Separate Information Processing Environments Clause Samples

Separate Information Processing Environments. At a minimum, the following physical security and access controls must be implemented and maintained throughout the terms of the engagement: i) Verizon Sensitive Information and/or Confidential Information must not be processed on servers that are accessible in general business areas of Supplier’s facility and must be isolated in dedicated information processing areas with independent physical, monitoring, environmental and health and human safety systems (referred to as a “Computer Room”). ii) Access to any information processing area where Verizon Confidential and/or Sensitive information is processed must be restricted to authorized Supplier personnel only. iii) Supplier must implement physical access policies and procedures to ensure that physical access is revoked when it is no longer needed or appropriate (for example, immediately removing access for separated employees or removing access for employees who are no longer authorized to access Verizon Confidential and/or Sensitive Information). Removal of Physical Access should occur in a timely manner not to exceed 24 hours. iv) Supplier must employ technical and organizational mechanisms to prevent unauthorized copying of Sensitive Information within Information Processing Environments. These mechanisms shall include disabling/restricting local ports so as to prevent downloading of data onto removable USB drives, MP3 players or similar devices, restrictions on uploading or file transfer from the facility to unauthorized recipients, and a prohibition on the use of cameras (excluding CCTV security unit) and other screen capture devices.