Common use of Office/Work Space Clause in Contracts

Office/Work Space. All of the office work space of itslearning is protected by access control. Only invited visitors and employees can access itslearning’s work space. Multiple measures are in place to avoid security issues due to theft or loss of computer equipment. This includes security guidelines and acceptable use policies, authentication systems and encryption of storage units when applicable. Technical measures System availability itslearning has implemented industry standard measures to ensure that personal data are protected from accidental destruction or loss, including: • infrastructure redundancy (including full network, power, cooling, database, server and storage redundancy) • backup is stored at an alternative site and available for restore in case of failure of the primary system. • Appropriate denial-of-service protection • 365/24/7 personnel on duty to monitor and troubleshoot Data protection itslearning has implemented a series of industry standard measures to prevent the personal data from being read, copied, altered or deleted by unauthorized parties during transport or at rest. This is accomplished by various industry standard measures including: • Use of layered firewalls, VPNs and encryption technologies to protect gateways and pipelines • HTTPS encryption (also referred to as SSL or TLS connection) with secure cryptographic keys • Remote access to data centers are protected with a number of layers of network security • Particular sensitive customer data at rest is protected by encryption and/or hashing (pseudonymisation) • Every decommissioned disks are subject to a disk erasure process according to our “Disk erase policy”, and decommissioning is logged by disk serial number • Regular third-party security audits (minimum annually), including penetration testing, that are made available to customers Data centers itslearning uses only state-of the art data centers, with 365/24/7 on-site security and monitoring operations. The data centers are housed in modern fire-resistant facilities that require electronic card key access, with alarms that are linked to the on-site security operation. Only authorized employees and contractors are permitted to request electronic card key access to these facilities. System development itslearning’s platform is based on industry standard technologies from well-known vendors, including Microsoft, Linux, Dell, Fujitsu, Amazon, Cloudflare, F5 and Cisco. Systems are periodically patched to latest version to ensure that the latest security enhancements are applied. The platform is in general updated several times per quarter, and bug-fixes are released swiftly based on priority, following rigorous quality checks. itslearning has measures in place to minimize the risk of introducing code in its platform that can degrade the security or integrity of the customer services and personal data processed. Measures include: • Regular training of staff • Code review by security architects • QA process for rigorous testing of changes prior to deployment Sub-processor security