Cloud Services and Systems Clause Samples
The 'Cloud Services and Systems' clause defines the terms under which cloud-based platforms, applications, or infrastructure are provided and accessed by the parties. It typically outlines the scope of services, user access rights, data storage locations, and security obligations, such as how data is protected and who is responsible for system maintenance. By clearly delineating responsibilities and expectations regarding the use of cloud technologies, this clause helps prevent misunderstandings, ensures compliance with data protection standards, and allocates risk between the service provider and the customer.
Cloud Services and Systems. Any single image of data classified as Confidential defines the minimum-security requirement for all virtual instances in the cloud. • Cloud based systems may contain Confidential Information. We reserve the right to perform a Security review and Risk Assessment of applications and services containing Confidential Information in the cloud before implementation.
(d) Existing services containing Confidential Information may not be pushed to the cloud or transferred to cloud service vendors without Our approval. It is subject to approval following a Security Review and Risk Assessment by Us.
Cloud Services and Systems. Cloud-based systems may only contain Confidential Information subject to the prior written approval by Us and must be certified to ISO 27001 standards as a minimum. This minimum ISO 27001 certification must not exceed 12 months from the initial date of issue, for the standard to be considered valid. We reserve the right to perform a security review and risk assessmentof applications and services containing Confidential Information in the cloud prior to implementation. Any changes to the architecture or function of a service or data model inthe cloud that stores Confidential Information must first be reviewed and approved by Our Information Security Department. Applications that require physical separation cannot be on a cloud-based service unless duly segregated and approved in writing by Us. Supplier shall ensure Confidential Informationis fully segregated from the Supplier’s other customers and/or third parties. In addition, the Supplier agrees to allow any regulated Customers (i.e., when a government or regulatory body with binding authority (“Regulator”) regulates such entity’s regulated services such as (for example) financial services) or any independent or impartial inspection agents or auditors selected by Us or a regulated Customer, to audit the Supplier and the Supplier agrees to allow Us to provide any such reports to its Customers where required.
Cloud Services and Systems. Cloud-based systems may only contain McAfee Enterprise Confidential Information subject to the prior written approval of McAfee Enterprise and must be certified to ISO 27001 standards as a minimum. McAfee Enterprise reserves the right to perform a security review and risk assessment of applications and services containing McAfee Enterprise Confidential Information in the cloud prior to implementation. Any changes to the architecture or function of a service or data model in the cloud that stores McAfee Enterprise Confidential Information must first be reviewed and approved by McAfee Enterprise Information Security Department. Applications that require physical separation cannot be on a cloud-based service unless duly segregated and approved in writing by McAfee Enterprise . Supplier shall ensure McAfee Enterprise Confidential Information is fully segregated from Supplier’s other customers and/or third-parties. In addition, Supplier agrees to allow any regulated End-User Customers( i.e. when a government or regulatory body with binding authority (“Regulator”) regulates such entity’s regulated services such as (for example) financial services) or any independent or impartial inspection agents or auditors selected by McAfee Enterprise or a regulated End-User Customer, to audit Supplier and Supplier agrees to allow McAfee Enterprise to provide any such reports to its End-User Customers where required.