Encryption Standards. State Street will define in its Security Policy minimum standards for encryption methods and strength.
Encryption Standards. DST will define in its WISP minimum standards for data encryption. DST will employ approved industry standards designed to ensure that applicable requirements are implemented to protect the data. DST must:
Encryption Standards. Encryption algorithms that are publicly or commercially available, with key lengths sufficient to prevent commercially reasonable attempts to decrypt through brute force the encrypted information.
Encryption Standards. The Software uses industry standard, strong encryption algorithms to encrypt Customer’s files and secure Customer’s Data that Customer backs-up with the Code42 Subscription Services prior to any transmission from the Device where the Customer Data resides. Customer Data remains encrypted at Code42’s Public Cloud secure data centers or within Customer’s Private Cloud or Managed Private Cloud, as elected by Customer. Unless another party, including Code42, is provided with Customer’s passwords and encryption keys, only Customer can decrypt and view its unencrypted Customer Data. UNDER NO CIRCUMSTANCES SHOULD PROTECTED OR REGULATED DATA INCLUDING, BUT NOT LIMITED TO, PERSONAL HEALTH INFORMATION, PERSONABLY IDENTIFIABLE INFORMATION, OR FINANCIAL DATA, BE PLACED UNENCRYPTED ON ANY SYSTEM RUNNING THE SOFTWARE. IF CUSTOMER DOES HAVE PROTECTED OR REGULATED DATA THAT IS BACKED UP USING THE SOFTWARE, CUSTOMER MUST ELECT SECURITY LEVEL TWO, WHICH REQUIRES EACH AUTHORIZED USER TO HAVE A LOGIN PASSWORD AND PRIVATE DATA PASSWORD. Safekeeping of Encryption Keys. Customer shall be responsible for maintaining the physical security of each Customer account, encryption keys, passwords and files. To decrypt Customer Data, Customer needs its passwords and encryption keys. Without these, neither Customer, nor any other party, is able to decrypt Customer Data. The encryption keys are secured and escrowed on Code42 servers in the Public Cloud or within Customer’s Private Cloud or Managed Private Cloud, as elected by Customer. If Customer elects Security Level Two, the login user names and private passwords will be required before decrypting Customer Data. IF YOU USE PRIVATE ENCRYPTION KEYS AND PASSWORDS, YOU ARE REPSONSIBLE FOR PROTECTING SUCH ENCRYPTION KEYS AND PASSWORDS. IN THE EVENT YOU LOSE YOUR PRIVATE ENCRYPTION KEYS AND/OR PASSWORDS, NEITHER YOU NOR CODE42 CAN RECOVER YOUR CUSTOMER DATA. Code42 Security. Code42 shall (i) use commercially reasonable efforts to maintain appropriate technical and organizational measures to protect any Customer Data against unauthorized or unlawful transfer, processing or alteration and against accidental access, loss, damage, processing, use, transfer or destruction; (ii) use commercially reasonable efforts to provide reliable and secure systems operated by or on behalf of Code42 that process such data and information in connection with this Agreement; (iii) promptly notify Customer in writing of any (a) breach or suspected breach of the sec...
Encryption Standards. Stored Data Contractor’s and Subcontractors’ workstations and portable devices that are used to access, store, receive and/or transmit County PI, PHI or MI (e.g., mobile, wearables, tablets, thumb drives, external hard drives) require encryption (i.e., software and/or hardware) in accordance with: (a) Federal Information Processing Standard Publication (FIPS) 140-2, (b) National Institute of Standards and Technology (NIST) Special Publication 800-57 Recommendation for Key Management – Part 1: General (Revision 3), (c) NIST Special Publication 800-57 Recommendation for Key Management – Part 2: Best Practices for Key Management Organization; and (d) NIST Special Publication 800-111 Guide to Storage Encryption Technologies for End User Devices. Advanced Encryption Standard (AES) with cipher strength of 256-bit is minimally required. Contractor’s and Subcontractors’ use of remote servers (e.g., cloud storage, Software-as-a-Service or SaaS) for storage of County PI, PHI and/or MI will be subject to written pre-approval by the County’s Chief Executive Office.
Encryption Standards. Transmitted Data All transmitted (e.g., network) County PI, PHI and/or MI require encryption in accordance with: (a) NIST Special Publication 800-52 Guidelines for the Selection and Use of Transport Layer Security Implementations, and
Encryption Standards. The Service Provider provides encryption at rest and in transit where applicable as part of hosted and SaaS offerings. Where this feature is selected by a customer we strongly recommend that: A minimum 256bit key length is used Algorithms used meet requirements published by NIST Keys are generated and stored in a secure manner that prevents loss or theft with strict role based access.
Encryption Standards. Contractor agrees to utilize strong encryption standards (AES/256 bit or greater) for the storage, transport, and transmission of H-NNCSB data for purposes of executing the agreement between the H-NNCSB and Contractor.
Encryption Standards. Stored Data Any Confidential Information at rest, wherever the information is stored, must be encrypted using Advanced Encryption Standard (AES), or equivalent protocol, with cipher strength of 256-bit, or equivalent. Contractor’s and sub-contractors’ use of remote servers (e.g. cloud storage, Software-as-a-Service or SaaS) for storage of County PI, PHI and/or MI shall be subject to written pre-approval by the County’s Chief Information Security Officer.
Encryption Standards. Transmitted Data All transmitted County Confidential Information must be encrypted using Secure Sockets Layer (SSL) (aka TLS), or equivalent protocol, with a minimal cipher strength of 128- bit, or equivalent.
