Network Configuration. 1.1. Networks used to access Personal Data must be configured as follows: 1.1.1. The internal network that supports Personal Data Processing must be configured using RFC 1918 IP addresses. 1.1.2. A stateful firewall must be used to control access between the Internet and workstations used to Process Personal Data. 1.1.3. Inbound Internet access must be protected from malicious code intrusion (e.g., scanning at email gateways, blocking links, stripping executables, intrusion detection/prevention system). 1.1.4. Outbound Internet access must have controls to prevent leakage and misdirection of Personal Data (e.g., proxy server, content filtering, or other network control). 1.1.5. If wireless networking is used at any point along the data path, the wireless network must be secured using the WPA2 standard.
Appears in 2 contracts
Sources: Data Processing Agreement, Data Processing Agreement