Operating System Access Control. To protect against unauthorized access or misuse of Recipient Confidential Information residing on Provider Information Processing Systems, Provider will: 9.4.1 Ensure that access to operating systems is controlled by a secure log-on procedure. 9.4.2 Ensure that Provider Information Processing System users have a unique identifier (user ID) or that a documented and approved exception request exists. 9.4.3 Ensure that the use of utility programs that are capable of overriding system and application controls are highly restricted and tightly controlled. 9.4.4 Ensure that inactive sessions are shut down after a defined period of inactivity.
Appears in 2 contracts
Sources: Transition Services Agreement, Transition Services Agreement (ADT Corp)