Communications Security. C.2.9.1. The data processor shall deploy a secure Virtual Private Network (VPN) connection for its staff accessing its internal network remotely. Users shall use a two-factor authentication in order to enable the VPN connection. C.2.9.2. The data processor shall deploy advanced firewalls to protect its network, including protection against malicious software and advanced intrusion techniques, as well as to segment its network to ensure resilience. C.2.9.3. The data processor shall deploy solutions designed to monitor and log the activity on its network. The logs shall be continuously monitored to timely identify and remedy security incidents and shall be retained in accordance with the data processor’s formal policies and procedures. C.2.9.4. The data processor shall synchronize system clocks on network servers to a universal time source (e.g. UTC) or network time protocol (NTP).
Appears in 2 contracts
Sources: Data Processing Agreement, Data Processing Agreement