Common use of Logical Access Control Clause in Contracts

Logical Access Control. The Contractor takes in particular the following measures to prevent data processing systems from being used without authorization: For User identification and authentication: User ID, password procedures incl. password complexity requirements, reset of generated initial password on first use, periodic change of password, password history controls and automatic blocking (e.g. password request or timeout). A Quentry User session expires automatically after a period of inactivity. The Quentry system is hosted on Amazon Web Services (AWS). The Contractor uses the AWS Identity and Access Management to ensure that only specifically appointed and authorized employees of the Contractor have access to the Quentry system for support and maintenance. All Users with elevated access rights will be required to use AWS Multi-Factor Authentication. On network level the AWS Security Groups (firewall) are configured to restrict administrative access to the Quentry system only to inbound connections from the secured network of the Contractor. AWS is utilized for User authentication (storage of User name and password). The network connection from the Quentry system to the AWS system is encrypted via SSL. The passwords are stored encrypted.