Remote Access Security Controls Sample Clauses

Remote Access Security Controls. In the event United authorizes Vendor to remotely access United Information Systems, unless authorized by United in writing, only United-owned and maintained mobile/PC devices (i.e., laptops, electronic notebooks, desktop PCs, etc) may be used for remote access into United Information Systems. In the event that United approves Vendor-owned mobile devices for mobile/PC devices for remote access connections, ▇▇▇▇▇▇ agrees to the following security controls: (a) Vendor shall procure mobile/PC devices and related operational hardware, manage the facilities used for remote or at home use, and provide access to United systems. (b) Vendor shall establish mutually agreed upon policies, procedures and protocols that are to address the facilities requirements for remote or at home access. (c) Mobile/PC devices shall be routinely registered with the United security guard or the United manager, as required. (d) Vendor shall have and shall restrict administrative rights to the mobile/PC device and will provide United field support the rights necessary to verify configuration on a periodic basis. (e) Vendor shall configure the mobile/PC device according to United’s connectivity requirements, including approved VPN software. (f) Vendor shall maintain mobile/PC device password and screen saver safeguards. (g) Vendor shall disable all wireless capability from the mobile/PC device when not in use. (h) Vendor shall only use current, commercially supported operating systems on the mobile/PC device. (i) Vendor shall only use current and up to date patches, hot fixes, and service. (j) Vendor shall not simultaneously connect to the United network and a non-secure network (third party network or other non-standard connections). Only authorized connections from United Information Systems to United approved networks are allowed. (k) United reserves the right to require installation of appropriate systems management and security software to ensure adequate protection, including but not limited to system patch levels, anti-virus and malware protection, software licensing and appropriate device-level firewall protection. (l) Vendor remote access users shall adhere to United standard authentication protocols including, but not limited to, network and application login accounts, and/or two factor authentication tokens. (m) Vendor shall remotely connect to United systems using only the following United-provided solutions: (i) External Corporate Connection through a dedicated private netw...