Security Awareness. The Contractor and Key Persons of the contractor must attend annual security awareness sessions and complete required forms to perform services for the Authority. The Contractor must complete a Security Plan (see Exhibit E) upon entering into an awarded contract.
Security Awareness. Each party shall ensure that its employees and contractors remain aware of industry standard security practices, and their respective responsibilities for protecting the Mercury Information and the Global Processing Resources. This shall include, but not be limited to:
Security Awareness. Tenant and Occupant acknowledge that security systems are subject to failure from malfunction, tampering, power outages, human error or other causes, and agree that they shall not rely on such systems as protection against crime, injury or damage. Landlord specifically disclaims any express or implied warranty of any security systems provided by Landlord. Tenant and Occupant acknowledge that he or she is responsible for his or her own personal safety and agrees to take appropriate safety measures to protect him or herself.
Security Awareness. Notified shall ensure that its employees and contractors remain aware of industry standard security practices, and their responsibilities for protecting the Customer Information. This shall include, but not be limited to:
Security Awareness. Policies: CloudShare has developed a comprehensive set of security policies covering a range of topics. These policies are shared with, and made available to, all employees and contractors with access to CloudShare information assets.
Security Awareness. For the purpose of familiarizing users with the CBNS Information Security policy and educating users on recommended practices, the Department of Management Information Systems has established and will maintain a regularly published informational newsletter; an organized users group and departmental policy. Practices promulgated include but are not limited to: • Educating users on the creation of good passwords • Do’s and don’ts for maintaining workstations • Informing users of e-mail and Internet access policies • Employee responsibility for computer security • Incident reporting procedures • How to identify social engineering tactics • Protecting information The main purpose of the Information Security Policy is to inform users, staff and managers of their obligatory requirements for protecting technology and information assets. The policy specifies the mechanisms through which these requirements can be met. It is also to provide a baseline from which to acquire, configure and audit computer systems and networks for compliance with the policy. INCIDENT REPORTING The Department of Management Information Systems has in the past reported computer incidents and will continue to report computer incidents to the Federal Computer Incident Response Center (FedCIRC) and the National Infrastructure Protection Center (NIPC) via United States Computer Emergency Response Team (US-CERT). FedCIRC is part of the National Cyber Security Division (NCSD), a division of the Information Analysis and infrastructure Protection (IAIP) Directorate in the Department of Homeland Security(DHS). US- CERT is a partnership between the Department of Homeland Security and the public and private sectors. Established to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.
Security Awareness. Each Party shall ensure that all of its employees and other personnel are familiar with and have received adequate training with respect to its written information security program and their obligations thereunder.
Security Awareness. Each employee, when inducted, signs a confidentiality agreement and acceptable use policy, after which they undergo training in information security, privacy, and compliance. Furthermore, we evaluate their understanding through tests and quizzes to determine which topics they need further training in. We provide training on specific aspects of security, that they may require based on their roles. We educate our employees continually on information security, privacy, and compliance in our internal community where our employees check in regularly, to keep them updated regarding the security practices of the organization. We also host internal events to raise awareness and drive innovation in security and privacy. Dedicated security and privacy teams We have dedicated security and privacy teams that implement and manage our security and privacy programs. They regulate and maintain defense systems, develop review processes for security, and constantly monitor our networks to detect suspicious activity. They provide domain- specific consulting services and guidance to our engineering teams. Internal audit and compliance We have a dedicated compliance team to review procedures and policies in ManageEngine to align them with standards, and to determine what controls, processes, and systems are needed to meet the standards. This team also does periodic internal audits and facilitates independent audits and assessments by third parties. For more details, check out our compliance portfolio. Endpoint security All workstations issued to ManageEngine employees run up-to-date OS versions and are configured with anti-virus software. They are configured such that they comply with our standards for security, which require all workstations to be properly configured, patched, and be tracked and monitored by ManageEngine's endpoint management solutions. These workstations are secure by default as they are configured to encrypt data at rest, have strong passwords, and get locked when they are idle. Mobile devices used for business purposes are enrolled in the mobile device management system to ensure they meet our security standards.
Security Awareness. Background checks are required on personnel at the time of hire, to the extent permitted under applicable law. • Employees are required to undergo periodic privacy and information security training. • Training is updated as deemed necessary by Data Importer.
Security Awareness. 2.2.2.2.17. New Hire, Role Change, and Termination
