Virtualization & Cloud Solutions Clause Samples
Virtualization & Cloud Solutions. Jostens may utilize a cloud solution, which must adhere to the same security principles required by Jostens IT security policies and applicable government regulations, laws, or directives as used throughout the enterprise:
a. The geographic location of provider infrastructure resources is known to Jostens. Jostens is in control of the data location to ensure compliance with local laws that restrict the cross-border flow of data.
b. Vendors providing cloud services must:
i. Provide a process for data destruction and secure deletion of any and all Jostens data as needed;
ii. Have an established method of encrypting sensitive data in storage and in transit following industry-recognized leading practices;
iii. Securely handle Jostens-related data, compute resources, and virtual machine resources by providing logical isolation and secure migration;
iv. Include methods or options for multi-factor authentication for cloud administrator roles;
v. Provide Jostens the capability to fully audit Jostens user access and activity within the cloud service. Audit logs are capable of being exported from the cloud service;
vi. Limit employee access to the least privilege needed to perform their duties;
vii. Maintain documented audits or established compliance roadmaps in alignment with Industry Standard Certifications for Cloud Security. Examples include ISO27001/2, SSAE16, FEDRAMP, CSA STAR, FIPS 140-2, and Open Data Alliance;
viii. Demonstrate adherence to Security Development best practices for all code, APIs, and applications deployed and implemented in support of the cloud service;
ix. Process and advise Jostens of any security breach involving Jostens data or services utilized by Jostens; and
x. Provide Jostens with the means to monitor in near real-time service and resource availability; and
c. All access to cloud computing sites must encrypt data in transit.
i. Any Jostens data stored in a cloud environment is encrypted so that data cannot be read by other users in a multi-tenant environment.
