Access and Site Controls Sample Clauses

Access and Site Controls. Control Activities and Processes. Control activities provide reasonable assurance that logical access to relevant applications, data and system resources is restricted to properly authorized individuals and programs. Sprinklr Tech Operations team is responsible for configuration and administration of the firewall and security groups to control security and access to “internal” network infrastructure. Backend infrastructure requires two level access mechanisms. For Linux servers, public key based SSH authentication is used to access the Access Server. From Access Server, LDAP authentication is used to access other servers. LDAP authentication is based on User ID and Password. For Windows servers, RDP over SSL is used for both legs. Access to applications is achieved via HTTPS, providing secure encrypted transport sessions to the application. Sprinklr defines user access using role-based access control (RBAC) approach, where role is used to determine user access to only required features and functions. All sensitive data used by the system is stored encrypted, and direct access privilege to data store instances is given to database administrators only. There is no direct end-user access to data store. End-user access is available only via the application. The completion of the SOC 1 Type I examination typifies Sprinklr’s continued commitment to create and maintain the most stringent controls needed to ensure the highest quality and security of service provided to its Customers. The system is deployed on Linux and Windows server instances via Amazon Elastic Compute Cloud (EC2) managed service, which provides reliable and flexible server deployment including OS level patches. Firewalls and host-based intrusion detection systems are deployed on the system. All security monitoring systems including, but not limited to, firewalls and host intrusion detection systems are deployed and enabled. All infrastructure platforms and services (operating systems, web servers, database servers, firewalls, etc.) are configured according to industry best practices. Sprinklr Tech Operations team is responsible for configuration and administration of the firewall using AWS security groups to control security and access to “internal” network infrastructure. The Data Importer has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. The Data Importer’s infrastructure security personnel are responsible...
Access and Site Controls. (a) Site Controls. the specific data center and internal areas they wish to visit; (ii) sign in at on-site security operations; and (iii) reference an approved data center access record identifying the individual as approved.
Access and Site Controls