Encryption of Data. A. Data at Rest. The Contractor shall ensure encryption of Personal Data and Non-Public Data within the Contractor’s possession or control is consistent with validated cryptography standards as referenced in Federal Information Processing Standard (FIPS) 140 Publication Series.
Encryption of Data. 1. The Contractor, at its own expense, shall encrypt any and all electronically stored data now or hereafter in its possession or control located on non-State owned or managed devices that the State, in accordance with its existing state policies, classifies as confidential or restricted. The method of encryption shall be compliant with the State of Connecticut Enterprise Wide Technical Architecture ("EWTA") or such other method as deemed acceptable by the Agency. This shall be a continuing obligation for compliance with the EWTA standard as it may change from time to time.
Encryption of Data. Encryption solutions will be deployed with no less than 256-bit Advanced Encryption Standard (AES) encryption.
Encryption of Data. 2. The ability to ensure the ongoing confidentiality, integrity, availability and resilience of Processing systems and services;
Encryption of Data. (a) Contractor and Contractor Parties, at its own expense, shall encrypt any and all electronically stored data now or hereafter in its possession or control located on non-state owned or managed devices that the State, in accordance with its existing state policies classifies as confidential or restricted. The method of encryption shall be compliant with the State of Connecticut Enterprise Wide Technical Architecture (EWTA) as it may be amended from time to time. This shall be a continuing obligation for compliance with the EWTA standard as it may change from time to time. In the event of a breach of security or loss of State data, the Contractor or Contractor Parties shall notify the client agency which owns the data, the Connecticut Department of Information Technology and the Connecticut Office of the Attorney General as soon as practical but no later than 24 hours after the discovery or suspicion of such breach or loss that such data has been compromised through breach or loss. THE REST OF THIS PAGE IS INTENTIONALLY LEFT BLANK
Encryption of Data. A. Data at Rest. Agreement # The Contractor shall ensure that encryption of Personal Data and Non-Public Data within Contractor’s possession or control and while stored on Contractor’s network,is consistent with validated cryptography standards as referenced in Federal Information Processing Standard (FIPS) Publication 140-2. For the avoidance of doubt, the Parties understand and agree that Contractor will not encrypt any City Data, including but not limited to Personal Data or Non-Public Data, when in use on Contractor’s network, as further described in Section 12(B). For the purposes set forth herein, the parties agree that “Data at Rest” means all data in storage, including but not limited to archived Data, Data that is not accessed or changed frequently, files stored on hard drives, USB thumb drives, files stored on back-up tapes and discs, and files stored off-site or on a storage area network (SAN).
Encryption of Data a) All Contractor Parties, at their own expense, shall encrypt any and all electronically-stored data related to this Contract now or hereafter in their possession or control and located on non-State owned or managed devices, which the State classifies as confidential or restricted (“State data”). The method of encryption shall be compliant with the State’s Enterprise Wide Technical Architecture (“EWTA”). This shall be a continuing obligation for compliance with the EWTA standard as it may change from time to time.
Encryption of Data. Data at Rest. The Contractor shall ensure encryption of Personal Data and Non-Public Data within the Contractor’s possession or control is consistent with validated cryptography standards as referenced in Federal Information Processing Standard (FIPS) 140 Publication Series. Data in Transit. The Contractor shall ensure all Personal Data and Non-Public Data is encrypted when transmitted across networks that originate or terminate on equipment owned or controlled by the Contractor to protect against eavesdropping of network traffic by unauthorized users. In cases where source and target endpoint devices are within the same protected subnet, Personal Data and Non-Public Data transmission must still be encrypted due to the potential for high negative impact of a covered Data Breach. The types of transmission may include client-to-server, server-to-server communication, as well as any data transfer between core systems and third-party systems. Where an endpoint device is reachable via web interface, web traffic must be transmitted over Secure Sockets Layer (SSL), using only strong security protocols, such as Transport Layer Security (TLS). Non-web transmission of Personal Data and Non-Public Data should be encrypted via application level encryption. Where the application database resides outside of the application server, the connection between the database and application should also be encrypted using Federal Information Processing Standard (FIPS) compliant cryptographic algorithms referenced in FIPS Publication 197. Where application level encryption is not available for non-web Personal Data and Non-Public Data traffic, network level encryption such as Internet Protocol Security (IPSec) or SSH tunneling shall be implemented. Email is not secure and shall not be used to transmit Personal Data and Non-Public Data.
Encryption of Data. With Jamf’s standard Hosted Services, Customer Content is encrypted in- transit to the Hosted Services and stored encrypted at-rest. Encryption solutions will be deployed with no less than 256-bit Advanced Encryption Standard (AES) encryption.
Encryption of Data. (a) The Contractor, at its own expense, shall encrypt any and all electronically stored data now or hereafter in its possession or control located on non-state owned or managed devices that the State, in accordance with its existing state policies classifies as confidential or restricted. The method of encryption shall be compliant with the State of Connecticut Enterprise Wide Technical Architecture (“EWTA”) or such other method as deemed acceptable by the Agency. This shall be a continuing obligation for compliance with the EWTA standard as it may change from time to time. The EWTA domain architecture documents can be found at xxxx://xxx.xx.xxx/doit/cwp/view.asp?a=1245&q=253968.
