Security Policies and Procedures. 53. Ensure that all personnel, subcontractors or representatives performing work under this Agreement are in compliance with these Security Requirements. (All Work to Be In Compliance with SISR)
Security Policies and Procedures. Tenant shall be responsible for ensuring that Tenant’s members, officers, directors, employees, volunteers, agents, representatives, participants, guests, contractors, sub-contractors, and other invitees shall comply fully with any and all security policies and procedures adopted or implemented by Landlord from time to time as Landlord deems necessary and appropriate for protecting the public health, safety or, welfare or for compliance with any Federal, state, or local law or regulation. Landlord will provide Tenant with notice of any such adopted or implemented security policies and procedures affecting the Premises or its occupation or use.
Security Policies and Procedures. New York State considers the protection of sensitive and confidential information and business systems to be of the utmost importance. The information collected and maintained by SBOE and CBOEs is protected by a myriad of Federal, State and local laws and regulations. Access to and use of sensitive and confidential information is limited to authorized government employees and legally designated agents, for authorized purposes only. The Contractor and its personnel shall review and be familiar with all Authorized User's security requirements (e.g. laws, policies, procedures and directives) currently existing or implemented during the term of the Contract. If required within the Authorized User Agreement or Purchase Order, Contractor will provide verification of compliance with Authorized User security requirements.
Security Policies and Procedures. The Domestic Companies shall take reasonable steps and adopt an internal compliance process designed to prevent Security Incidents by the Companies, their Personnel, and any third party person or entity, including any foreign government, with respect to any of the Domestic Companies' products or services; such process shall include training and annual certification procedures. In the absence of prior approval by the USG Parties, the Companies shall not authorize any person or entity to take any action that, in the absence of such authorization, would constitute a Security Incident unless such authorization is consistent with this Agreement and with the normal course of the Companies' business. The Domestic Companies also will maintain or exceed security standards and best practices utilized within the U.S. telecommunications industry and will consult with the USG Parties and other appropriate U.S. Government agencies on steps to maintain or exceed such standards and practices. The Domestic Companies shall take measures consistent with such practices to prevent the use of or access to the Domestic Communications Infrastructure or to Data Centers to conduct Lawfully Authorized Electronic Surveillance, or to obtain or disclose Domestic Communications, U.S. Hosting Data, Classified Information, or Sensitive Information, in violation of any U.S. federal, state, or local laws, or the terms of this Agreement. These measures shall include maintenance of all existing Domestic Companies’ security policies and procedures, and shall include provisions consistent with industry best practices for: maintenance of password systems, non-destructive access logs, including in particular, logs regarding any access to a capability to conduct electronic surveillance, and non-destructive audit logs; periodic internal network security audits; periodic switch audits to discover unauthorized “Free Line Service” accounts; physical security for access to Domestic Communications Infrastructure; and ensuring the placement of firewalls and associated security levels.
Security Policies and Procedures. The Contractor and its personnel shall review and be familiar with all State security policies, procedures and directives currently existing or implemented during the term of the Contract, including ITS Policy NYS-P03-002 Information Security Policy (or successor policy). Authorized User may require individual Contractor Staff Members to provide photo identification such as a valid Driver’s License, Non-Driver’s Identification Card, Passport, etc. in order to gain entrance into the Authorized User’s building and/or facilities.
Security Policies and Procedures a. All visits to State facilities or grounds require proper check-in and check-out; on no occasion will service be provided without proper contact with the Authorized User.
Security Policies and Procedures. Provider shall, and shall cause its Subcontractors and employees to, abide by all applicable State security policies that may be established by the State from time to time, and which are provided to Provider in writing. The Parties agree that the security needs of the State, as well as those of other governmental agencies, may require changes to the security policies and procedures that are implemented by Provider. Therefore, Provider and the State concur that a spirit of cooperation and collaboration is needed throughout the Term of this Agreement to develop provisions sufficient to meet these security needs. Provider will actively participate with the State in the mutual development and implementation of these provisions to properly protect the security and confidentiality of State Data and State Confidential Information.
Security Policies and Procedures. Genesys maintains and implements a comprehensive set of security policies and procedures aligned with business goals, compliance programs, and overall corporate governance. These policies and procedures are periodically reviewed and updated as necessary to ensure ongoing compliance.
Security Policies and Procedures. LogicMonitor shall maintain formal information security policies and procedures which address the following areas:
Security Policies and Procedures. Processor has information security, use and management policies which dictate the actions of employees and contractors regarding appropriate use, access to and storage of confidential and sensitive information; restrict access to confidential and sensitive information to members of Processor's workforce who have a "need to know" such information; prevent terminated employees from accessing Processor's information post -termination; and impose disciplinary measures for failure to abide by such policies. System access to Processor resources denied unless specifically assessed and access granted. Processor performs background checks of its employees at time of hire, as permitted by law. Physical and Environmental Access Controls Processor limits physical access to its information systems and facilities using physical controls (e.g., coded pass access) that provide reasonable assurance that access to its data centers is limited to authorized individuals and employs camera or video surveillance systems at critical internal and external entry points. Processor applies air temperature and humidity controls for its data centers and protects against loss due to power failure. Logical Access Controls Processor employs logging and monitoring technology to help detect and prevent unauthorized access attempts to its networks and production systems. Processor's monitoring includes a review of changes affecting systems' handling authentication, authorization, and auditing; privileged access to Processor's production systems. Vulnerability Management Processor regularly performs vulnerability scans and addresses detected vulnerabilities in accordance with their risk. Processor products are also subject to periodic vulnerability assessment and penetration testing. Disaster Recovery and Back-up Controls Xxxxxxxxx performs periodic backups of production file systems and databases according to a defined schedule and maintains a formal disaster recovery plan for the production cloud data center, including regular testing. Cyber Incident Response Plan Processor employs an incident response plan to manage and minimize the effects of unplanned cyber events that includes procedures to be followed in the event of an actual or potential security breach, including: an internal incident response team with a response leader; an investigation team performing a root causes analysis and identifying affected parties; internal reporting and notification processes; documenting responsive a c...
