Network security management. Networks and network services are secured, for example by separation and segregation.
Network security management. DoIT staff routinely become aware of advanced persistent threats (APTs), or generally hostile state actors attacking state and local governments, universities and other ICN constituents. DoIT will provide network security and managed services, including scanning for vulnerabilities on network systems, as further described in Appendix A, the terms and conditions of which are attached hereto and incorporated herein.
Network security management. 1. NautaDutilh manages and controls its networks and properly protects them against threats and maintains security for the information assets that use the network, including information assets that are transmitted.
Network security management. The Supplier shall (and shall ensure that its Subcontractors shall) maintain the appropriate confidentiality, integrity, and availability of Lloyd’s Information, by: • utilising secure network architecture and operations; • ensuring that networks carrying Lloyd’s Information are designed, built, monitored, and managed according to industry standards, best practices and frameworks e.g. ISO27001, TOGAF, OWASP ITIL, etc. such that they enforce the required information security policy boundaries. These boundaries must prevent unauthorised access to Systems and Lloyd’s Systems or Lloyd’s Information by default, and allow only explicitly authorised and authenticated access. The Supplier shall (and shall ensure that its Subcontractors shall) ensure that anti-virus and firewall protection systems are implemented in relation to both internal and external traffic and ensure that: • firewall platforms are hardened; • penetration tests of firewall protected network connections are conducted by trained personnel on a regular basis; • firewalls have real-time logging and alerting capabilities; • intrusion detection systems are implemented where Internet connections exist; • access lists are implemented on network routers to restrict access to sensitive internal networks or servers. Remote support access shall be controlled via a secure gateway that implements the following controls: • strong authentication (e.g. two-factor authentication); • access via a secure gateway (e.g. a firewall or the Azure portal); • remote support accounts only enabled for the duration of troubleshooting activity; • all troubleshooting activity is logged and reviewed. The Supplier shall seek prior written Lloyd’s approval to use any Supplier provider of remote support of Supplier systems. Any such approved Subcontractor shall be subject to a contract between the Supplier and such Subcontractor detailing security requirements in relation to such support, and that access granted to the Subcontractor in order to provide such support is given with minimum privileges and revoked on completion. The Supplier shall develop and implement an appropriate internet, email and acceptable use policy and ensure that appropriate controls are in place and documented to prevent unauthorised download of software or web content by Supplier (or Subcontractor) personnel. The Supplier shall ensure that utility programs capable of overriding system and application controls shall be restricted and tightly controlled. T...
Network security management. 4.1. Attack Prevention - WFS will employ adequate measures to protect the networks hosting information systems against or limit the effects of attacks by unauthorized users.
Network security management. 13.1.1 Network controls Defined in the Eight Technology Information Security Policy and security manual
Network security management. Physical Security - The GSP must provide a copy of its policy restricting physical access to all in-house facilities and equipment.
