Information Exchange Security Clause Samples
The Information Exchange Security clause establishes requirements and protocols to protect the confidentiality, integrity, and availability of information shared between parties. It typically mandates the use of secure communication channels, such as encrypted email or secure file transfer systems, and may require both parties to implement specific security measures like access controls or regular security audits. This clause is essential for minimizing the risk of data breaches or unauthorized disclosures, thereby ensuring that sensitive information remains protected throughout the course of the business relationship.
Information Exchange Security. The security of the information being passed on this two-way connection is protected through the use of FIPS 140-2 validated encryption, which protects the data in transit and at rest. The MTW Expansion application is hosted in the Salesforce Government Cloud (Gov Cloud), which has a FedRAMP Moderate Authority to Operate (ATO) and Department of Defense Impact Level 4 Provisional Authorization (PA). These authorizations enable organizations to transmit, process, and store sensitive information such as personally identifiable information (PII). Gov Cloud also provides the following: U.S. Data Centers: Customer Data is processed and stored solely within the continental U.S.; U.S. Citizens: Operated and supported by screened U.S. citizens as applicable. Salesforce’s approach to information security governance is structured around the ISO 27001/27002 framework and consistent with the requirements identified in NIST SP 800-53. All users are granted Role Based Access Control (RBAC) and the concept of least privilege is applied to support control and access to data elements within the system. The default user authentication mechanism for the Salesforce Government Cloud requests that a user provide a username and password (credentials) to establish a connection. The Salesforce Government Cloud does not use cookies to store confidential user and session information [AC-2, IA-2]. Trusted Behavior Expectations. HUD's system and users are expected to protect Organization B’s ABC database, and Organization B's system and users are expected to protect HUD's MTW Expansion application, in accordance with the Privacy Act and Trade Secrets Act (18 U.S. Code 1905) and the Unauthorized Access Act (18 U.S. Code 2701 and 2710).
Information Exchange Security. Each organization will maintain the boundary protections to include firewalls, IDS/IPS, and any other perimeter protections required for their respective network as dictated by organization security policies. Both organizations will ensure that (where appropriate) virus and spyware detection and eradication capabilities are used and that adequate system access controls (i.e., NIST 800-53) are in place and maintained on all components connected to the systems. DHS CISA and the shall protect the data in order to maintain confidentiality, integrity, and availability of the data and information systems. In order to connect to the DHS TAXII server, any external organization must be white-listed at the TAXII server firewall; therefore, static IP addresses or ranges are to be used by external organizations. Specific protocols and ports that are needed to support this interconnection are provided in Appendix A: Ports and protocols not specifically defined in Appendix A will be approved by DHS firewall change control procedures.
Information Exchange Security. The connection with CBP is via the public Internet, over an AES 256-bit protected VPN tunnel.
Information Exchange Security. Each organization will maintain the boundary protections to include firewalls, IDS/IPS, and any other perimeter protections required for their respective network as dictated by organization security policies. Both organizations will ensure that (where appropriate) virus and spyware detection and eradication capabilities are used and that adequate system access controls are in place and maintained on all components connected to the systems. In order to connect to the DHS TAXII server, any external organization must be white-listed at the TAXII server firewall; therefore, static IP addresses or ranges are to be used by external organizations. Footnotes: 1 See ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇.▇▇▇/govcloud-us/ for additional information. 2 Physical and environmental safeguards of DHS-hosted components are fulfilled by AWS and have been independently audited to the Federal Risk and Authorization Management Program (FedRAMP) requirements.
Information Exchange Security. The FTPS protocol is used to protect the credential and information exchange between the COSMIC-PGD and INPE-COSMIC-PGD systems. INPE uses a group account with a reusable password, created by UCAR/COSMIC, which allows INPE to automate the file transfer process. The account is used for the purpose of delivering VC files to the COSMIC-PGD, and in turn receiving TLE and Pass Schedule files. This account does not have the ability to elevate privilege. UCAR/COSMIC maintains the account on the COSMIC-PGD system and determines the appropriate password strength and change policy. Both the COSMIC-PGD and INPE-COSMIC-PGD systems are located within controlled access facilities, with alarms and 24x7 monitoring. UCAR/COSMIC users access the COSMIC-PGD system over the UCAR Virtual Private Network (VPN) with a multifactor authentication token. INPE-COSMIC-PGD users access the system through their "login" and "password" used for accessing all of INPE's internal systems. Differentiated authentication rules are not applied. Individual COSMIC-PGD staff have no direct access to the INPE-COSMIC-PGD system. Individual INPE-COSMIC-PGD staff have no direct access to the COSMIC-PGD system.
Information Exchange Security. The information exchanged between VENDOR and CAFS requires that the lender using the vendor solution have a valid CLS account.
Information Exchange Security. All data transferred between systems will be encrypted over secure web interfaces via the authorized API connection maintained by USAC. The user agent requesting access must be capable of accepting cookies and following all HTTP redirects. Only authenticated requests through an encrypted channel which will be submitted using the HTTPS (SSL/TLS), will be accepted. The connection authorization mechanism restricts each authenticated API user to only the data related to the companies (i.e. study area codes in NLAD) assigned to them as well as restricting them to specific API operations and resources that are provisioned by USAC. The security of the information being passed on these two-way connections will be protected in accordance with requirements set forth in this ISA. Both parties agree to maintain the connections at each end in a controlled access environment that includes the use of authorized access codes (passwords or public key infrastructure (PKI)) to restrict access and to safeguard the data by utilizing encryption for data in transit and at rest. Trusted Behavior Expectations. USAC’s system and users are expected to protect SERVICE PROVIDER’s system. SERVICE PROVIDER's system and employees (including contractors and subcontractors) with access to the system interconnection are expected to protect USAC’s pre-production and production environment servers for the NV and/or NLAD in accordance with the Federal Information Security Modernization Act (“FISMA”), Privacy Act (5 U.S.C. § 552a), Trade Secrets Act (18 U.S.C. § 1905), Unauthorized Access Act (18 U.S.C. § 2701), and NIST and OMB requirements. 
In addition, SERVICE PROVIDER may not take actions that impose an unreasonable or disproportionately large load on the infrastructure of the NV and/or NLAD system connections and USAC reserves the right to limit or stop connection transaction rates in order to safeguard USAC’s systems during peak system transaction volumes or for system maintenance activities.
Information Exchange Security. The security of the information being passed on this connection {specify; e.
Information Exchange Security. [Enter a description of all system security technical services pertinent to the secure exchange of information/data among and between the systems in question.]
Information Exchange Security. All data transferred between systems will be encrypted over secure web interfaces via the authorized API connection maintained by USAC. The user agent requesting access must be capable of accepting cookies and following all HTTP redirects. Only authenticated requests through an encrypted channel which will be submitted using the HTTPS (“SSL/TLS”), will be accepted. The connection authorization mechanism restricts each authenticated API user to only the data related to the companies (i.e. study area codes in NLAD) assigned to them as well as restricting them to specific API operations and resources that are provisioned by USAC. The security of the information being passed on these two-way connections will be protected in accordance with requirements set forth in this ISA. Both parties agree to maintain the connections at each end in a controlled access environment that includes the use of authorized access codes (passwords or public key infrastructure (“PKI”)) to restrict access and to safeguard the data by utilizing encryption for data in transit and at rest.
