Segregation control. Personal data collected for different purposes is processed separately in compliance with Swedish legislation and Volvo security rules. Test and production environments are strictly separated from each other, according to Dealer rules, and a developer can never update the production environment. This ensures separation of duties. Data from different customers are in most cases divided from each other physically. However, the storage philosophy adopted by Volvo IT depends on shattering. This means that all information is split between different media, which in turn means that if one physical media would be compromised, the information would not be able to be recovered. Client data are stored via CIFS for internal Customers using ACL (Access Control List) in AD and for external customers Volvo IT has dedicated logical storage systems. NFS is the storage system holding export rights. Servers/data base via FCP are using LUN security in the storage system and Zoning in the SAN network, to secure correct access of server disks.
Appears in 2 contracts
Sources: Framework Agreement for the Provision of Connected Services, Framework Agreement