Operational Measures. The following operational measures are in place to ensure technical and organizational security for user identification and authentication: - Physical locations housing employees do not have direct network, VPN, etc. access to the server/data centers; - Access to servers is controlled with client VPN, as well as maintenance of local workstation compliance leveraging Cendyn’s configuration management tools; - Client VPN is protected with MFA, UserID/Password and Duo; - Server access once past all VPN controls, is then maintained with SSH keys; and - Once in Cendyn's network, to access servers, a second VPN tunnel is established, to access production data. This is also protected with MFA but leverages a different UserID/Password combination.
Appears in 2 contracts
Sources: Data Processing Agreement, Controller to Controller Data Sharing Agreement