Cryptographic controls Sample Clauses

Cryptographic controls i. Contractor has a cryptographic controls policy in place that is documented, has obtained management approval, is reviewed no less frequently than annually and is maintained to ensure its continuing suitability, adequacy and effectiveness.
Sample 1Sample 2Sample 3See All (5)
AutoNDA by SimpleDocs
Cryptographic controls. The Contractor should put in place an appropriate policy on the use of encryption, plus cryptographic authentication and integrity controls such as digital signatures and message authentication codes, and cryptographic key management.
Sample 1Sample 2Sample 3See All (5)
Cryptographic controls i. Contractor has a cryptographic controls policy in place that is documented, has obtained management approval, is reviewed no less frequently than annually and is maintained to ensure its continuing suitability, adequacy and effectiveness. Security of system files Contractor has procedures in place to control the installation of software on operational systems; Contractor selects test data carefully, and the test data is protected and controlled; and Contractor restricts access to program source code. Security in development and support processes Contractor has implemented procedures to maintain the security of application system software and information; Contractor utilizes formal change control procedures to implement changes; and Contractor supervises and monitors outsourced software development. Technical Vulnerability Management Contractor documents the technical vulnerabilities, the exposure evaluated, and the appropriate measures taken to address the associated risk.
Sample 1Sample 2Sample 3
Cryptographic controls. 10.1.1 Policy on the use of cryptographic controls Defined in the Eight Technology Information Security Policy
Sample 1
Cryptographic controls i. Upon award and not later than six months following execution of the Contract, Contractor will create a cryptographic controls policy in place that is documented, has obtained management approval, is reviewed no less frequently than annually and is maintained to ensure its continuing suitability, adequacy and effectiveness.
Sample 1
Cryptographic controls. Iron Mountain shall follow a documented policy on the use of cryptographic controls. Iron Mountain’s cryptographic controls shall:
Sample 1
Cryptographic controls. ● Cryptographic keys must be in line with industry best practice (minimum 256 bits for symmetric keys and 2048 bits for Asymmetric keys) ● Cryptographic keys must be protected against modification and loss ● Minimum standards must be defined for ciphers, protocols and hashing algorithms ● A recognised library must be used for cryptography algorithms ● Private keys must be transferred securely between components (minimum of AES 256)
Sample 1
AutoNDA by SimpleDocs
Cryptographic controls. The Consultant should put in place an appropriate policy on the use of encryption, plus cryptographic authentication and integrity controls such as digital signatures and message authentication codes, and cryptographic key management.
Sample 1
Cryptographic controls. Data importer shall follow a documented policy on the use of cryptographic controls. Data importer’s cryptographic controls shall:
Sample 1

Related to Cryptographic controls

  • Security Controls Annually, upon Fund’s reasonable request, Transfer Agent shall provide Fund’s Chief Information Security Officer or his or her designee with a copy of its corporate information security controls that form the basis for Transfer Agent’s Security Policy and an opportunity to discuss Transfer Agent’s information security measures, and a high level summary of any vulnerability testing conducted by Transfer Agent on its information security controls, with a qualified member of Transfer Agent’s information technology management team. Transfer Agent shall review its Security Policy annually.

  • Access Controls a. Authorized Access - DST shall have controls that are designed to maintain the logical separation such that access to systems hosting Fund Data and/or being used to provide services to Fund will uniquely identify each individual requiring access, grant access only to authorized personnel based on the principle of least privileges, and prevent unauthorized access to Fund Data.

  • Expansive Controls Where the capability exists, originating or terminating traffic reroutes may be implemented by either Party to temporarily relieve network congestion due to facility failures or abnormal calling patterns. Reroutes will not be used to circumvent normal trunk servicing. Expansive controls will only be used when mutually agreed to by the Parties.

  • Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.

  • Audit Controls P. Contractor agrees to an annual system security review by the County to assure that systems processing and/or storing Medi-Cal PII are secure. This includes audits and keeping records for a period of at least three (3) years. A routine procedure for system review to catch unauthorized access to Medi-Cal PII shall be established by the Contractor.

  • Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.

  • Personnel Controls The County Department/Agency agrees to advise County Workers who have access to Pll, of the confidentiality of the information, the safeguards required to protect the information, and the civil and criminal sanctions for non- compliance contained in applicable federal and state laws. For that purpose, the County Department/Agency shall implement the following personnel controls:

  • Controls Each party will maintain commercially reasonable administrative, technical, and physical controls designed to protect data in its possession or under its control from unauthorised access, accidental loss and unauthorised modification. You are responsible for implementing administrative, technical, and physical controls that are appropriate for your business.

  • Encryption The Fund acknowledges and agrees that encryption may not be available for every communication through the System, or for all data. The Fund agrees that Custodian may deactivate any encryption features at any time, without notice or liability to the Fund, for the purpose of maintaining, repairing or troubleshooting the System or the Software.

  • Technical Safeguards 1. USAC and the Department will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means.

Time is Money Join Law Insider Premium to draft better contracts faster.