Encryption Keys. Encryption keys must be protected. Encryption key length must be a minimum of the latest industry recognized, and a maximum of the length authorized under applicable law and/or regulation. A log of keys must be kept for each user. Keys must be protected through a strong password (chosen by the end-user) and must be only accessible for the respective end-user where applicable. Access control for system keys must be configured as restrictive as possible. If the key is no longer needed or life-time exceeded the key must securely deleted (unrecoverable) from all storage medias.
Appears in 2 contracts
Sources: Transfer Agency and Service Agreement (Eq Advisors Trust), Transfer Agency and Service Agreement (1290 Funds)