Common use of System Access Control Clause in Contracts

System Access Control. The following measures are implemented to protect against the unauthorized access to and use of data processing systems used to provide Services on the Platform: a) User and administrator access to the data center facilities, servers, networking equipment, and host software is based on a role based access rights model. A unique ID is assigned to ensure proper user-authentication management for users and administrators on all system components. b) The concept of least privilege is employed, allowing only the necessary access for users to accomplish their job function. When user accounts are created, user accounts are created to have minimal access. Access above these least privileges requires appropriate authorization. c) IT access privileges are reviewed on a regular basis by appropriate personnel. d) Access to systems is revoked within a reasonable timeframe of the employee record being terminated (deactivated). e) First time passwords/passphrases are set to a unique value and changed immediately after first use. f) User passwords/passphrases are changed at least every 90 days and only allow complex passwords. g) Time stamped logging of security relevant actions is in place. h) Automatic time-out of user terminal if left idle, with user identification and password required to reopen. i) Assets (e.g. laptops) are configured with anti-virus software that includes e-mail filtering and malware detection. j) Firewall devices are configured to restrict access to the computing environment and enforce boundaries of computing clusters. k) Firewall policies (configuration files) are pushed to firewall devices on a regular basis.

Appears in 2 contracts

Sources: Data Processing Agreement, Data Processing Agreement

System Access Control. The following measures are implemented to protect against the unauthorized access to and use of data processing systems used to provide Services on the Platform: a) User and administrator access to the data center facilities, servers, networking equipment, and host software is based on a role-based access rights model. A unique ID is assigned to ensure proper user-authentication management for users and administrators on all system components. b) The concept of least privilege is employed, allowing only the necessary access for users to accomplish their job function. When user accounts are created, user accounts are created to have minimal access. Access above these least privileges requires appropriate authorization. c) IT access privileges are reviewed on a regular basis by appropriate personnel. d) Access to systems is revoked within a reasonable timeframe of the employee record being terminated (deactivated). e) First time passwords/passphrases are set to a unique value and changed immediately after first use. f) User passwords/passphrases are changed at least every 90 days and only allow complex passwords. g) Time stamped logging of security relevant actions is in place. h) Automatic time-out of user terminal if left idle, with user identification and password required to reopen. i) Assets (e.g. laptops) are configured with anti-virus software that includes e-mail filtering and malware detection. j) Firewall devices are configured to restrict access to the computing environment and enforce boundaries of computing clusters. k) Firewall policies (configuration files) are pushed to firewall devices on a regular basis.

Appears in 2 contracts

Sources: Data Processing Agreement, Data Processing Agreement

System Access Control. The following measures are implemented to protect against the unauthorized access to and use of data processing systems used to provide Services on the Platformdigital services: a) User and administrator access to the data center facilities, servers, networking equipment, and host software is based on a role-based access rights model. A unique ID is assigned to ensure proper user-authentication management for users and administrators on all system components. b) The concept of least privilege is employed, allowing only the necessary access for users to accomplish their job function. When user accounts are created, user accounts are created to have minimal access. Access above these least privileges requires appropriate authorization. c) IT System Administrator access privileges are reviewed on a regular basis by appropriate personnel. d) Access to systems is revoked within a reasonable timeframe of the employee record being terminated (deactivated). e) First time passwords/passphrases are set to a unique value and changed immediately after first use. f) User passwords/passphrases are changed at least every 90 days periodically and only allow complex passwords. g) Time stamped logging of security relevant actions is in place. h) Automatic time-out of user terminal if left idle, with user identification and password required to reopen. i) Assets (e.g. laptops) are configured with anti-virus software that includes e-mail filtering and malware detection. j) Firewall devices are configured to restrict access to the computing environment and enforce boundaries of computing clusters. k) Firewall policies (configuration files) are pushed to firewall devices on a regular basis.

Appears in 2 contracts

Sources: Data Processing Agreement, Data Processing Agreement

System Access Control. The following measures are implemented to protect against the unauthorised access to and use of data processing systems used to provide Services on the Platformdigital services: a) User and administrator access to the data centre facilities, servers, networking equipment, and host software is based on a role based access rights model. A unique ID is assigned to ensure proper user-authentication management for users and administrators on all system components. b) The concept of least privilege is employed, allowing only the necessary access for users to accomplish their job function. When user accounts are created, user accounts are created to have minimal access. Access above these least privileges requires appropriate authorization. c) IT access privileges are reviewed on a regular basis by appropriate personnel. d) Access to systems is revoked within a reasonable timeframe of the employee record being terminated (deactivated). e) First time passwords/passphrases are set to a unique value and changed immediately after first use. f) User passwords/passphrases are changed at least every 90 days periodically and only allow complex passwords. g) Time stamped logging of security relevant actions is in place. h) Automatic time-out of user terminal if left idle, with user identification and password required to reopen. i) Assets (e.g. laptops) are configured with anti-virus software that includes e-mail filtering and malware detection. j) Firewall devices are configured to restrict access to the computing environment and enforce boundaries of computing clusters. k) Firewall policies (configuration files) are pushed to firewall devices on a regular basis.

Appears in 1 contract

Sources: Data Processing Agreement

System Access Control. The following measures are implemented to protect against the unauthorized access to and use of data processing systems used to provide Services on the Platform: a) User and administrator access to the data center facilities, servers, networking equipment, and host software is based on a role based access rights model. A unique ID is assigned to ensure proper user-authentication management for users and administrators on all system components. b) The concept of least privilege is employed, allowing only the necessary access for users to accomplish their job function. When user accounts are created, user accounts are created to have minimal access. Access above these least privileges requires appropriate authorization. c) IT access privileges are reviewed on a regular basis by appropriate personnel. d) Access to systems is revoked within a reasonable timeframe of the employee record being terminated (deactivated). e) First time passwords/passphrases are set to a unique value and changed immediately after first use. f) User passwords/passphrases are changed at least every 90 days periodically and only allow complex passwords. g) Time stamped logging of security relevant actions is in place. h) Automatic time-out of user terminal if left idle, with user identification and password required to reopen. i) Assets (e.g. laptops) are configured with anti-virus software that includes e-mail filtering and malware detection. j) Firewall devices are configured to restrict access to the computing environment and enforce boundaries of computing clusters. k) Firewall policies (configuration files) are pushed to firewall devices on a regular basis.

Appears in 1 contract

Sources: Data Processing Agreement