System Sharing Clause Samples

System Sharing. Application must not permit the transmission of City data beyond the approved City domains ▇▇▇▇▇▇▇▇.▇▇▇ and ▇▇▇▇▇▇.▇▇▇. Fully Compliant Agreed and acknowledged AS‐5 Protection of Sensitive Information and Data. Proposer, its agents, employees, contractors and any other person or entity working on behalf of Proposer to provide services under this proposal must at all times comply with City of San Diego Administrative Regulation (A.R. 90.64) “Protection of Sensitive Information and Data”. Fully Compliant Agreed and acknowledged AS‐6 Auditing and Logging. Application must support interoperability with, and stream logs to the City’s centralized Sumo Logic Security Information and Event Management (SIEM) platform for, at a minimum, all security related events including logon, logoff, data modification, data deletion, change in rights or permission levels, and the addition of data/information to the application. Logs must include user ID generating the transaction, time of the transaction and details regarding the activity (e.g. logon, logoff or data details). Fully Compliant Agreed and acknowledged AS‐7 Compliance with Organization’s Security Policy, Standards and Procedures. Solution Proposer working directly on City-owned applications or from City facilities are subject to and required to follow all City policies, standards and guidelines. Proposer must also follow FIPS 140-2 standards which can be viewed at ▇▇▇▇▇://▇▇▇▇.▇▇▇▇.▇▇▇/publications/detail/fips/140/2/final. For FIPS-140-2 the City requires Level 2 compliance; the City requires at least role based authentication for access to this application. Fully Compliant InThing platform includes enterprise class authentication and authorization features that include: Active directory integration for single sign on using OAuth, ▇▇▇▇ or OpenID protocols Username and password credentials. Passwords are encrypted using SHA256 hashed RBAC (role based access control) configurable by account administrators M2M authentication using client id, secret keys along with API key authentication All data transport in and out of InThing’s platform is TLS (1.2 and above) encrypted. All data at rest is AES128 encrypted. AS‐8
View Source
System Sharing. Application must not permit the transmission of City data beyond the approved City domains ▇▇▇▇▇▇▇▇.▇▇▇ and ▇▇▇▇▇▇.▇▇▇.
View Source
System Sharing. Application must not permit the transmission of City data beyond the approved City domains ▇▇▇▇▇▇▇▇.▇▇▇ and ▇▇▇▇▇▇.▇▇▇. Fully Compliant 1.5 Protection of Sensitive Information and Data. Proposer, its agents, employees, contractors and any other person or entity working on behalf of Proposer to provide services under this proposal must at all times comply with City of San Diego Administrative Regulation (A.R. 90.64) “Protection of Sensitive Information and Data”. Fully Compliant 1.6
View Source