AUTHENTICATION AND ACCESS CONTROL Sample Clauses

AUTHENTICATION AND ACCESS CONTROL. The Supplier shall operate an access control regime to ensure all users and administrators of the ICT Environment (to the extent that the ICT Environment is within the control of the Supplier) are uniquely identified and authenticated when accessing or administering the Services. Applying the ‘principle of least privilege’, users and administrators shall be allowed access only to those parts of the ICT Environment that they require. The Supplier shall retain an audit record of accesses.
Sample 1Sample 2
AutoNDA by SimpleDocs
AUTHENTICATION AND ACCESS CONTROL. The Supplier shall ensure that accounts are provisioned with privileges appropriate for the user need. Administrator (or other high privilege) accounts shall only be provisioned to users who need those privileges. Administrators shall not conduct ‘normal’ day-to-day business from their high privilege account. Privileges shall be periodically reviewed and removed where no longer required. The Supplier shall have its own ’crypto custodianto handle encryption of PCs or IT equipment on closed networks, in accordance with List X Guidance. Such an individual shall be responsible for the custody, handling, protection and destruction of all cryptographic material. The Supplier shall ensure that users identify and authenticate to devices and Services. The Supplier’s crypto custodian shall manage this process. For passwords, the Supplier shall, with reference to CESG’s published best practice ‘Password Guidance: Simplifying Your Approach’: ensure that all passwords are changed from defaults; not allow password/account sharing; ensure that high-privilege users (i.e. administrators) use different passwords for their high-privilege and low-privilege accounts; combine passwords with some other form of strengthening authentication, such as lockouts, throttling or two-factor authentication; ensure that passwords are never stored as plain text, but are (as a minimum) hashed using a cryptographic function capable of multiple iterations and/or a variable work factor. It is advisable to add a ‘salt’ before hashing passwords. In respect of End User Devices, the Supplier shall ensure that users identify and authenticate to devices and Services. Additionally, the Supplier shall ensure that only appropriately authorised devices are provided with access to Services, in compliance with EUD Security Principle 3: Authentication.
Sample 1
AUTHENTICATION AND ACCESS CONTROL. 6.1. I will abide by the IRC access processes set in the IRC Access and Usage Procedure
Sample 1
AUTHENTICATION AND ACCESS CONTROL. The Supplier shall operate an access control regime to ensure: all users and administrators of the Supplier System are uniquely identified and authenticated when accessing or administering the Services; and all persons who access the Sites are identified and authenticated before they are allowed access to the Sites. The Supplier shall apply the ‘principle of least privilege’ when allowing persons access to the Supplier System and Sites so that such persons are allowed access only to those parts of the Sites and the Supplier System they require. The Supplier shall retain records of access to the Sites and to the Supplier System and shall make such record available to the Authority on request.
Sample 1

Related to AUTHENTICATION AND ACCESS CONTROL

  • Authorization, Authentication, and Access In order to ensure that access to the Data is limited to authorized staff, the Contractor must:

  • Execution, Authentication, Delivery and Dating of Rights Certificates (a) The Rights Certificates shall be executed on behalf of the Company by any of its Chairman of the Board, President, Chief Executive Officer and Chief Financial Officer. The signature of any of these officers on the Rights Certificates may be manual or facsimile. Rights Certificates bearing the manual or facsimile signatures of individuals who were at any time the proper officers of the Company shall bind the Company, notwithstanding that such individuals or any of them have ceased to hold such offices either before or after the countersignature and delivery of such Rights Certificates.

  • Authentication This Note shall not be valid until authenticated by the manual signature of the Trustee or an authenticating agent.

  • Execution, Authentication, Availability and Dating of the Residual Certificates The Residual Certificates shall be executed on behalf of Xxxxxx Mae by an Authorized Officer of Xxxxxx Xxx under the corporate seal of Xxxxxx Mae, which may be in facsimile form and be imprinted or otherwise reproduced thereon, and shall be attested by the Secretary, Assistant Secretary, or a second Authorized Officer of Xxxxxx Xxx. The signature of any of these Persons on the Residual Certificates may be manual or facsimile. A Residual Certificate bearing the manual or facsimile signature of individuals who were at any time officers of Xxxxxx Mae shall bind Xxxxxx Xxx, notwithstanding that such individuals or any of them have ceased to hold such offices prior to the authentication and delivery of such Certificate or did not hold such offices at the date of such Certificate. At any time and from time to time after the execution and delivery of this Trust Agreement, Xxxxxx Mae may deliver Residual Certificates executed by Xxxxxx Xxx to the Certificate Registrar for authentication and the Certificate Registrar shall authenticate and make available such Certificates as provided in this Trust Agreement and not otherwise. No Residual Certificate shall be entitled to any benefit under this Trust Agreement or be valid for any purpose, unless there appears on such Residual Certificate a certificate of authentication substantially in the form provided for herein, executed by the Certificate Registrar by the manual or facsimile signature of one of its authorized signatories, and such certificate upon any Residual Certificate shall be conclusive evidence, and the only evidence, that such Residual Certificate has been duly authenticated and made available hereunder. Each Residual Certificate shall be dated the date of its authentication.

  • Installation and Acceptance 4.1 Unless otherwise agreed in the Proposal, SDSD shall install the Product and other Licensed Materials on the Equipment.

  • AUTHENTICATION OF FACSIMILE BIDS The act of submitting a Bid by facsimile transmission, including an executed signature page or as otherwise specified in the Bid Documents, shall be deemed a confirming act by Bidder which authenticates the signing of the Bid.

  • Access by and Authentication of Authorized Users Authorized Users of the Participating Institutions shall be granted access to the Licensed Materials pursuant to the following:

  • Execution Completion Authentication and Delivery (a) The Notes shall be executed on behalf of the Issuer by one or more officers of the Issuer authorized to do so pursuant to one or more resolutions of the Issuer, whose signatures may be manual or facsimile (an "Authorized Officer"). Notes bearing the manual or facsimile signature of an Authorized Officer shall bind the Issuer, notwithstanding that such person no longer serves as the official so authorized to execute the Notes prior to the authentication and delivery of the Notes or was not such an official at the date of execution of such Notes. The Global Agent shall have no responsibility to the Issuer to determine by whom or by what means a facsimile signature may have been affixed on the Notes, or to determine whether any facsimile or manual signature is genuine.

  • INSPECTION AND ACCEPTANCE (a) LOCKHEED XXXXXX and its customer may inspect all Work at reasonable times and places, including, when practicable, during manufacture and before shipment. SELLER shall provide all information, facilities, and assistance necessary for safe and convenient inspection without additional charge.

Time is Money Join Law Insider Premium to draft better contracts faster.