Logging. The ISP will require the maintenance of network and application logs as part of BNY Mellon’s security information and event management processes. Logs are retained in accordance with law applicable to BNY Mellon’s provision of the services as well as BNY Mellon’s applicable policies. BNY Mellon uses various tools in conjunction with such logs, which may include behavioral analytics, security monitoring case management, network traffic monitoring and analysis, IP address management and full packet capture.
Logging. Partner will log, including time and date, all attempted accesses to its servers involved in performing obligations to or for Yahoo or otherwise conducted pursuant to this Security Agreement and the Business Agreement, and the result of such attempts, successful or unsuccessful. In order to enable a complete audit trail of activities, Partner must log, including time and date, all commands that require additional privileges, including all failed attempts to execute privileged commands. Partner must protect the logs from tampering. Partner will retain all such log entries for at least six months.
Logging. The PEPPOL AP Provider shall log all business documents handled by the PEPPOL AP. Such log shall be kept for at least 3 months or for the period prescribed by law. The PEPPOL AP Provider shall on request from the implicated users (PEPPOL SML, PEPPOL SMP, other PEPPOL APs and/or PEPPOL Participant) or from the PEPPOL Authority reveal or give access to relevant data from the logs provided that the data is not subject to a duty of confidentiality in which case the prior written consent of the data subject should be retrieved.
Logging. Al network traffic and all server logs are monitored and logged. The following activities are logged in systems, databases and networks: • All access attempts • All searches and • Activities carried out by system administrators and others with special rights • Security incidents including (i) deactivation of logging, (ii) changes to system rights and (iii) failed log-on attempts The Supplier does not work with shared log-ins. Therefore, it will always be possible to identify which employee performed a specific activity. The relevant log files are stored and protected against manipulation and technical errors. The log files are continuously reviewed to ensure normal operation and to examine unintended incidents. Anti-virus and firewalls All external access to systems and databases where processing of personal data takes places, is filtered through a secure firewall with a restrictive protocol. A port and IP address filtration has been implemented to ensure limited access to ports and specific IP addresses. Anti-virus software and Intrusion Prevention System (IPS) have been installed on all systems and databases where processing of personal data take place, to protect against hostile attacks. The anti- virus software is continuously updated. Protection against XSS and SQL injections is implemented in all services. The internal network of the Supplier can only be accessed by authorized persons.
Logging. 6.21 The Processor shall, upon request from the Controller, be able to provide logs of the personnel who have obtained access to personal data.