Logical Controls Clause Samples

Logical Controls. All systems containing Intel Confidential information will have strong access control mechanisms in place. Each system user must have a unique identifier and password combination. There must be control methods for securely granting and revoking access to these systems.
View SourceView Similar (6)
Logical Controls. All systems containing Intel Confidential information will have strong access control mechanisms in place. Each system user must have a unique identifier and strong password combination. A strong password must be per industry standard, but at least 6 digits in length and comprised of alphanumeric and special characters. There must be control methods for securely granting and revoking access to these systems. An audit trail sufficient to support an investigation must be maintained for changes to the security configuration and for system use (e.g. system security logs, user activity logs). Information classified as Intel confidential must be encrypted in network transit. Information above Intel confidential will require additional security controls as specified in the Enhanced Data Security Addendum.
View SourceView Similar (3)
Logical Controls. To the extent You Access Protected Information using Your systems, You will: (i) establish and enforce access control policies and measures to ensure that only individuals who have a legitimate need to Access Protected Information will have such access, including multi-factor authentication; (ii) promptly terminate an individual’s access to Protected Information when such access is no longer required for performance under the Agreement; (iii) maintain reasonable and up-to-date anti-malware, anti-spam, and similar controls on Your networks, systems, and devices; (iv) log the appropriate details of access to Protected Information on Your systems and equipment, plus alarms for attempted access violations, and retain such records for no less than 90 days; (v) maintain controls and processes designed to ensure that all operating system and application security patches are installed within the timeframe recommended or required by the issuer of the patch; and (vi) implement reasonable user account management procedures to securely create, amend, and delete user accounts on networks, systems, and devices through which You Access Protected Information, including monitoring redundant accounts and ensuring that information owners properly authorize all user account requests.
View Source