Logging. Al network traffic and all server logs are monitored and logged. The following activities are logged in systems, databases and networks: • All access attempts • All searches and • Activities carried out by system administrators and others with special rights • Security incidents including (i) deactivation of logging, (ii) changes to system rights and (iii) failed log-on attempts The Supplier does not work with shared log-ins. Therefore, it will always be possible to identify which employee performed a specific activity. The relevant log files are stored and protected against manipulation and technical errors. The log files are continuously reviewed to ensure normal operation and to examine unintended incidents. Anti-virus and firewalls All external access to systems and databases where processing of personal data takes places, is filtered through a secure firewall with a restrictive protocol. A port and IP address filtration has been implemented to ensure limited access to ports and specific IP addresses. Anti-virus software and Intrusion Prevention System (IPS) have been installed on all systems and databases where processing of personal data take place, to protect against hostile attacks. The anti- virus software is continuously updated. Protection against XSS and SQL injections is implemented in all services. The internal network of the Supplier can only be accessed by authorized persons.
Appears in 6 contracts
Samples: Data Processing Agreement, Data Processing Agreement, Data Processing Agreement
