Security Parameters Clause Samples

Security Parameters. Interconnections will be used to transmit data between Members and the Network via secured data streams for the purposes specified in this Agreement. If an exchange not covered by this Agreement is detected without prior appropriate approval, it must be refused, and documented as a possible intrusion until the interconnected service is authorized. Also, additional security parameters may be required (e.g., personal accountability) to allow the respondent system to determine whether a requestor is authorized to receive the information and/or services requested and whether all details of the transaction fall within the scope of user services authorized in this Agreement.

Security Parameters. EGS and <<VENDOR SYSTEM>> use RESTful web services over HTTPS using most current NIST and Federal Government recommended versions of TLS to implement its system-to-system interface. The EGS system shall connect to the <<VENDOR SYSTEM>> system using the system- to-system interface.

Security Parameters. Data is exchanged using the latest secure connection protocol. SBA currently supports TLS 1.2 and 1.3.

Security Parameters. [Required for systems that allow users of one system to directly access the other system. Specify the security parameters that are exchanged among/between systems that authenticates that the requesting system is the legitimate system and that the class(es) of service being requested are approved by the ISA. For example, at the system level, if a new service such as E-mail is requested without prior coordination, it should be detected, refused, and documented as a possible intrusion until the interconnected service is authorized. Also, additional security parameters may be required (e.g., personal accountability) to allow the respondent system to determine whether a requestor is authorized to receive the information and/or services requested and whether all details of the transaction fall within the scope of user services authorized in the ISA.]

Security Parameters. All Parties are required to protect NMT’s systems and data in accordance with applicable statutory, regulatory and contractual compliance obligations; Provider shall establish procedures, supporting business processes and implement technical measures to ensure the continuity and availability of operations while operating in other-than-normal conditions; Unless otherwise protected by NMT-defined alternative physical safeguards, Provider must: Implement cryptographic mechanisms to prevent unauthorized disclosure of information;

Security Parameters. Credit card numbers, fixed log-in passwords, and other security parameters that can be used to gain access to goods or services, shall not be sent over the Internet in readable form. The SSL or SET encryption processes are both acceptable Internet encryption standards for the protection of security parameters. Other encryption processes, such as PGP, are permissible if approved by Gateway.

Security Parameters. The following detailed security measures and controls implemented by each organization to protect the confidentiality, integrity, and availability of the connected systems and the information/data that will pass between them are outlined below; [VA Organization 1] implements the following security measures and controls: • Identification and Authentication - User Access control is managed by strong authentication method and must be assigned on the "Least Privilege" Principal. VA utilizes “two-factor authentication” for general users. A separate token and non-mail enabled account is required for users who require elevated privileges on IT systems. • Logical Access Controls - VA accounts are separated into domains and the system administrators only manage those accounts within their domain. Accounts are audited every ninety (90) days. VA policy requires account termination within twenty-four (24) hours of an employee/contractor departure. Accounts are terminated immediately in the event of a hostile termination. • Physical and Environmental Security - Physical and environmental controls are maintained at VA facilities. Badges are required for employees and contract staff. Access to networking closets and computer rooms require authorization from the facility Chief Information Officer (CIO) and a log is maintained. VA computer rooms are environmentally controlled for operation of the equipment is contains. This includes power; network; heating, ventilation, and air conditioning (HVAC); and fire suppression. • Firewall, IDS, and Encryption - Intrusion detection systems (IDS) are in place at gateways and throughout the VA network. The VA’s Network Security Operations Center monitors the VA network 24x7. Suspicious activity is reviewed and determined recommendations are formulated and assigned to the system administrators. FIPS 140-2 validated encryption is required for transmission of sensitive information. [Organization 2] implements the following security measures and controls: • Identification and Authentication - [Detailed description of policy] • Logical Access Controls - [Detailed description of policy] • Physical and Environmental Security - [Detailed description of policy] • Firewall, IDS, and Encryption - [Detailed description of policy as well as confirmation of properly configured firewalls.]