Configuration Management The Contractor shall maintain a configuration management program, which shall provide for the administrative and functional systems necessary for configuration identification, control, status accounting and reporting, to ensure configuration identity with the UCEU and associated cables produced by the Contractor. The Contractor shall maintain a Contractor approved Configuration Management Plan that complies with ANSI/EIA-649 2011. Notwithstanding ANSI/EIA-649 2011, the Contractor’s configuration management program shall comply with the VLS Configuration Management Plans, TL130-AD-PLN-010-VLS, and shall comply with the following:
Network Access Control The VISION Web Site and the Distribution Support Services Web Site (the “DST Web Sites”) are protected through multiple levels of network controls. The first defense is a border router which exists at the boundary between the DST Web Sites and the Internet Service Provider. The border router provides basic protections including anti-spoofing controls. Next is a highly available pair of stateful firewalls that allow only HTTPS traffic destined to the DST Web Sites. The third network control is a highly available pair of load balancers that terminate the HTTPS connections and then forward the traffic on to one of several available web servers. In addition, a second highly available pair of stateful firewalls enforce network controls between the web servers and any back-end application servers. No Internet traffic is allowed directly to the back-end application servers. The DST Web Sites equipment is located and administered at DST’s Winchester data center. Changes to the systems residing on this computer are submitted through the DST change control process. All services and functions within the DST Web Sites are deactivated with the exception of services and functions which support the transfer of files. All ports on the DST Web Sites are disabled, except those ports required to transfer files. All “listeners,” other than listeners required for inbound connections from the load balancers, are deactivated. Directory structures are “hidden” from the user. Services which provide directory information are also deactivated.
The Web Services E-Verify Employer Agent agrees to, consistent with applicable laws, regulations, and policies, commit sufficient personnel and resources to meet the requirements of this MOU.
Network Interconnection Architecture Each Party will plan, design, construct and maintain the facilities within their respective systems as are necessary and proper for the provision of traffic covered by this Agreement. These facilities include but are not limited to, a sufficient number of trunks to the point of interconnection with the tandem company, and sufficient interoffice and interexchange facilities and trunks between its own central offices to adequately handle traffic between all central offices within the service areas at P.01 grade of service or better. The provisioning and engineering of such services and facilities will comply with generally accepted industry methods and practices, and will observe the rules and regulations of the lawfully established tariffs applicable to the services provided.
STATEWIDE CONTRACT MANAGEMENT SYSTEM If the maximum amount payable to Contractor under this Contract is $100,000 or greater, either on the Effective Date or at any time thereafter, this section shall apply. Contractor agrees to be governed by and comply with the provisions of §§00-000-000, 00-000-000, 00-000-000, and 00- 000-000, C.R.S. regarding the monitoring of vendor performance and the reporting of contract information in the State’s contract management system (“Contract Management System” or “CMS”). Contractor’s performance shall be subject to evaluation and review in accordance with the terms and conditions of this Contract, Colorado statutes governing CMS, and State Fiscal Rules and State Controller policies.
Quality Management System Supplier hereby undertakes, warrants and confirms, and will ensue same for its subcontractors, to remain certified in accordance with ISO 9001 standard or equivalent. At any time during the term of this Agreement, the Supplier shall, if so instructed by ISR, provide evidence of such certifications. In any event, Supplier must notify ISR, in writing, in the event said certification is suspended and/or canceled and/or not continued.
System Access Control Data processing systems used to provide the Cloud Service must be prevented from being used without authorization. Measures: • Multiple authorization levels are used when granting access to sensitive systems, including those storing and processing Personal Data. Authorizations are managed via defined processes according to the SAP Security Policy • All personnel access SAP’s systems with a unique identifier (user ID). • SAP has procedures in place so that requested authorization changes are implemented only in accordance with the SAP Security Policy (for example, no rights are granted without authorization). In case personnel leaves the company, their access rights are revoked. • SAP has established a password policy that prohibits the sharing of passwords, governs responses to password disclosure, and requires passwords to be changed on a regular basis and default passwords to be altered. Personalized user IDs are assigned for authentication. All passwords must fulfill defined minimum requirements and are stored in encrypted form. In the case of domain passwords, the system forces a password change every six months in compliance with the requirements for complex passwords. Each computer has a password-protected screensaver. • The company network is protected from the public network by firewalls. • SAP uses up–to-date antivirus software at access points to the company network (for e-mail accounts), as well as on all file servers and all workstations. • Security patch management is implemented to provide regular and periodic deployment of relevant security updates. Full remote access to SAP’s corporate network and critical infrastructure is protected by strong authentication.
Construction Management Services a. A-E may be required to review and recommend approval of submittals, shop drawings, Request for Information (RFI) and/or calculations for temporary structures such as trench shoring, false work and other temporary structural forms.
Restricted Use By Outsourcers / Facilities Management, Service Bureaus or Other Third Parties Outsourcers, facilities management or service bureaus retained by Licensee shall have the right to use the Product to maintain Licensee’s business operations, including data processing, for the time period that they are engaged in such activities, provided that: 1) Licensee gives notice to Contractor of such party, site of intended use of the Product, and means of access; and 2) such party has executed, or agrees to execute, the Product manufacturer’s standard nondisclosure or restricted use agreement which executed agreement shall be accepted by the Contractor (“Non-Disclosure Agreement”); and 3) if such party is engaged in the business of facility management, outsourcing, service bureau or other services, such third party will maintain a logical or physical partition within its computer system so as to restrict use and access to the program to that portion solely dedicated to beneficial use for Licensee. In no event shall Licensee assume any liability for third party’s compliance with the terms of the Non-Disclosure Agreement, nor shall the Non-Disclosure Agreement create or impose any liabilities on the State or Licensee. Any third party with whom a Licensee has a relationship for a state function or business operation, shall have the temporary right to use Product (e.g., JAVA Applets), provided that such use shall be limited to the time period during which the third party is using the Product for the function or business activity.
Network Access TENANT may find it necessary to purchase a network interface card, wireless PC card or other hardware in order to connect to the internet service. LANDLORD is not responsible for the purchase of these items and LANDLORD cannot guarantee compatibility with any device TENANT may have. The computer and network card must have software installed that supports the Internet Protocol commonly referred to as TCP/IP. Any conflicts between the software compatibility of the network and the TENANT’S computer operating system or any other feature will be the responsibility of the TENANT to resolve. LANDLORD will not be responsible for software issues related to the user’s personal computer.
