Access Control to Data Processing Systems. Processes to prevent TCP data processing systems from being used by unauthorized persons, to include: a. identification of the terminal and/or the terminal user to the data processor systems; b. automatic time-out of user terminal if left idle, identification and password required to reopen; c. regular examination of security risks by internal personnel and qualified third-parties; d. issuing and safeguarding of identification codes; e. password complexity requirements (minimum length, expiry of passwords, etc.); and f. protection against external access by means of firewall and network access controls.
Appears in 3 contracts
Sources: Data Processing Addendum, Data Processing Addendum, Data Processing Addendum