Web Security Sample Clauses

Web Security. Our web layer consists of a passcode encrypted web service with enforced business logic. The business logic restricts user activity based upon permission level such that data access is limited to role within the LEA organization. 3 Address the training received by your employees and any subcontractors engaged in the provision of services under the Contract on the federal and state laws that govern the confidentiality of PII. Our employees undergo annual training related to data handling and privacy/security issues. This includes protocols for sharing PII data, requiring it to be sent via a secure method, such as SFTP, instead of via email. Employees are also trained to avoid printing documents with PII unless required to do so and to refrain from sharing data with any person outside of their designated contact at the school or district or others that are explicitly authorized to receive such data.

Web Security. Our web layer consists of a passcode encrypted web service with enforced business logic. The business logic restricts user activity based upon permission level such that data access is limited to role within the LEA organization. 3 Address the training received by your employees and any subcontractors engaged in the provision of services under the Contract on the federal and state laws that govern the confidentiality of PII. Our employees undergo annual training related to data handling and privacy/security issues. This includes protocols for sharing PII data, requiring it to be sent via a secure method, such as SFTP, instead of via email. Employees are also trained to avoid printing documents with PII unless required to do so and to refrain from sharing data with any person outside of their designated contact at the school or district or others that are explicitly authorized to receive such data. 4 Outline contracting processes that ensure that your employees and any subcontractors are bound by written agreement to the requirements of the Contract, at a minimum. All employees and subcontractors sign a NDA related to data handling. Any breach of this agreement is grounds for termination and the offending party may also risk criminal prosecution and civil penalties as a result. 5 Specify how you will manage any data security and privacy incidents that implicate PII and describe any specific plans you have in place to identify breaches and/or unauthorized disclosures, and to meet your obligations to report incidents to the EA. Details on the policies and procedures related to PII handling may be found here, but LinkIt! is committed to prompt notification of any breaches within seven (7) days after initial discovery. The company also performs internal scans to detect such breaches (or attempts) as well as regular penetration and vulnerability testing via a third party firm to identify and mitigate potential risks and vulnerabilities. 6 Describe how data will be transitioned to the EA when no longer needed by you to meet your contractual obligations, if applicable. Data will be transitioned to EA within 7 days of receipt of written request for the same, or, in the absence of such notice, within 60 days of termination of contract. A copy of the data set may also be provided to authorized EA staff upon request following the termination of the Agreement. 7 Describe your secure destruction practices and how certification will be provided to the EA. Written certifi...

Web Security a. The ASP will disclose the use of various web architecture and programming languages, including, but not limited to Java, JavaScript, ActiveX, PHP, Python, C, Perl, VBScript, etc. b. The ASP will describe the process for performing security testing for the application and or system accessing Department data. For example, testing of authentication, authorization, and accounting functions, or any other activity designed to validate the security architecture, including external and internal penetration testing. c. The ASP will disclose the methodology utilized for web code reviews, including CGI, Java, etc., for the explicit purposes of finding and remediating security vulnerabilities, the authorizing party who performed the review, results of the review, and what remediation activity has taken place.

Web Security. Supplier will provide Seagate with the process for doing security- specific quality assurance testing for the application, for example, testing of authentication, authorization, and accounting functions, as well as any other activity designed to validate the security architecture.

Web Security. To prepare for our move to Secure Sockets Layer (SSL -- encrypted communication between servers and browsers) support for our websites, we chose ▇▇▇▇▇▇▇▇▇.▇▇▇ as the source of our SSL certificates.  Teleforms: Libraries reported that their patrons were not receiving “hold pickup” phone notices. The Teleforms log showed no problems and we could hear calls being made. When we listened closely, though, we could hear that “hold pickup” calls were being answered with the message, “You must dial an area code first.” All patron records in Sierra have area codes in their phone numbers, so we contacted III, who had us reapply a code and restart the server. That fixed the problem. There are other problems with Teleforms, though, that we continue to work with III to resolve.  Email: Some patrons report that they’re not receiving email notices. If not the usual suspect (Spam folder), then It may be that the volume of emails we send is causing ISPs to block us temporarily if they think we’re spammers. We’re trying to get whitelisted with Spectrum, since that’s one of the biggest ISPs and is used by many of the patrons who have reported this problem.  Sierra-cc: To log Sierra emails, we Bcc ▇▇▇▇▇▇-▇▇@▇▇▇▇.▇▇▇ on every message. When looking at that account to troubleshoot a problem report, we saw that there were 1.2 million messages in the Inbox. We deleted all messages that were more than thirty days old, and installed a script that runs continually to delete old (> 30 days) messages automatically. (We send more than 85,000 hold and overdue emails a month.)  On the recommendation of the Cataloging Advisory Council we added a new Material Type: Digital Media.  FTP problem: As a result (we think) of our hardening of security on our servers, EGRN and ▇▇▇▇ lost the ability to ftp content to their WordPress sites on our linux web server. We made some adjustments to correct this problem.  Sierra Item Types/Loan Rules: As part of the Cataloging Advisory Council’s project to simplify and reduce the number of Item Types and Loan Rules, ▇▇▇ worked with SNLK, BRUN, NASSS, and other libraries to analyze and change theirs.  New Item Type: At BETH’s request, we created a new Sierra Item Type - 121: Instrument.

Web Security. 1. At University of Louisiana at Lafayette's discretion, the ASP may be required to disclose the specific configuration files for any web servers and associated support functions (such as search engines or databases). 2. Please disclose whether, and where, the application uses Java, Javascript, ActiveX, PHP or ASP (active server page) technology. 3. What language is the application back-end written in? (C, Perl, Python, VBScript, etc.) 4. Please describe the ASP process for doing security Quality Assurance testing for the application. For example, testing of authentication, authorization, and accounting functions, as well as any other activity designed to validate the security architecture. 5. Has the ASP done web code review, including CGI, Java, etc, for the explicit purposes of finding and remediating security vulnerabilities? If so, who did the review, what were the results, and what remediation activity has taken place? If not, when is such an activity planned?

Web Security