Technical and Organizational Security Measures. Okta shall maintain administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of Customer Data, including Personal Data, as set forth in the Trust & Compliance Documentation. Okta regularly monitors compliance with these safeguards. Okta will not materially decrease the overall security of the Service during a subscription term. DATA EXPORTER Name…….……………………………… Authorised Signature …………………… DATA IMPORTER Name: Xxx Xxxxxx Authorised Signature
Technical and Organizational Security Measures. The Technical and Organizational Security Measures can be found at the following link: xxxxx://xxx.xxxxxxx.xxx/en-us/about/legal.html
Technical and Organizational Security Measures. 9.1 The Data Processor shall perform its obligations and actions under this DPA with all due skill, care and diligence.
Technical and Organizational Security Measures. Cloudflare has implemented and shall maintain an information security program in accordance with ISO/IEC 27000 standards. Cloudflare’s security program shall include: Measures of encryption of Personal Data Cloudflare implements encryption to adequately protect Personal Data using: ● state-of-the-art encryption protocols designed to provide effective protection against active and passive attacks with resources known to be available to public authorities; ● trustworthy public-key certification authorities and infrastructure; ● effective encryption algorithms and parameterization, such as a minimum of 128-bit key lengths for symmetric encryption, and at least 2048-bit RSA or 256-bit ECC key lengths for asymmetric algorithms. Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services Cloudflare enhances the security of processing systems and services in production environments by: ● employing a code review process to increase the security of the code used to provide the Services; and testing code and systems for vulnerabilities before and during use; ● maintaining an external bug bounty program; ● using checks to validate the integrity of encrypted data, and ● employing preventative and reactive intrusion detection. Cloudflare deploys high-availability systems across geographically-distributed data centers. Cloudflare implements input control measures to protect and maintain the confidentiality of Personal Data including: ● an authorization policy for the input, reading, alteration and deletion of data; ● authenticating authorized personnel using unique authentication credentials (passwords) and hard tokens; ● automatically signing-out user IDs after a period of inactivity; ● protecting the input of data, as well as the reading, alteration and deletion of stored data; and ● requiring that data processing facilities (the rooms housing the computer hardware and related equipment) are kept locked and secure. Measures for ensuring the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident Cloudflare implements measures to ensure that Personal Data is protected from accidental destruction or loss, including by maintaining: ● disaster-recovery and business continuity plans and procedures; ● geographically-distributed data centers; ● redundant infrastructure, including power supplies and internet connectivity; ● backups stored at...
Technical and Organizational Security Measures. The Processor has taken the following technical and organizational security measures:
Technical and Organizational Security Measures. The physical, organizational and technical safeguards which HTC has implemented for the HTC Offerings are set forth in HTC Corporate Information Security Policy.
Technical and Organizational Security Measures. (A) Data Processing The Parties must assess and reduce the scope of data access and processing limited to what is strictly necessary for the performance of the Agreement.
Technical and Organizational Security Measures. 7.1 LASSO shall implement appropriate technical and organizational measures in accordance with the Data Protection Legislation to ensure a level of security appropriate to the risks that are presented by such processing, in particular, protecting from and against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, taking into account the state of the art, the costs of implementation, the nature, scope, context and purposes of processing and the likelihood and severity of risk in relation to the rights and freedoms of the data subjects, so as to ensure a level of security appropriate to (i) the harm that may result from a breach of the relevant measures, and (ii) the nature of Personal Data processed hereunder.
Technical and Organizational Security Measures. 1. DocuWare shall maintain administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of personal data as it determines in its reasonable discretion. Schedule 2 – Business Associate Agreement This Schedule 2 is included as part of the DocuWare Cloud Services Agreement (the “Cloud Services Agreement”) by and between DocuWare (as defined in the Cloud Services Agreement) and Customer (as defined in the Cloud Services Agreement). This Business Associate Agreement (this “Agreement”) is made as of the Effective Date of the Cloud Services Agreement, by and between DocuWare and Customer, each individually a “Party” and together the “Parties.”
Technical and Organizational Security Measures. The Processor guarantees that it has implemented and will continue to implement under the term of this DPA appropriate technical and organizational measures in such a manner that its Processing of Personal Data under this DPA will meet the requirements of Applicable Data Protection Law and ensure the protection of the rights of the Data Subject. Description of the minimum technical and organizational security measures required to be implemented by Vendor: • Established standards that all users must agree to that dictate what computers may and may not be used for • Performance of risk assessments for new companies onboarded that interact with Cepheid data, and for when major changes are made • Control of what software users are able to install and use and have a process for approving new software • Performance of several versions of yearly security training, security newsletters, and monthly phishing tests • Established and tested processes for identifying and responding to security events • Established and tested processes for performing back-ups and recovery of data and systems • Rules for provisioning, deprovisioning, and changing access for users • Password requirement to be 12 characters, complex, and changed every 90 days • Standards for how cloud services are purchased and configured • Standard for how computers and systems are tracked in a single place • Performance of change management meetings to review prior to making changes • Standards for how network devices are configured, connected, and maintained • Minimum security baselines for all system types defined o Laptops/Desktops require Malware protection software, network access software, and USB protection • Standards for sending event logs to a central tracking system (SIEM) • A process for identifying and remediating security vulnerabilities and patches on a regular basis
