Access control to data Sample Clauses
The 'Access control to data' clause defines the rules and mechanisms by which parties can access, use, or modify data covered by the agreement. Typically, it specifies who is authorized to view or handle certain types of data, under what circumstances access is granted, and may outline technical or procedural safeguards such as passwords, encryption, or audit trails. This clause is essential for protecting sensitive information, ensuring compliance with privacy regulations, and preventing unauthorized data breaches or misuse.
POPULAR SAMPLE Copied 1 times
Access control to data. The Supplier shall take reasonable steps to prevent logical access to Data by unauthorized persons by implementing and maintaining suitable measures to prevent unauthorized reading, copying, alteration or removal of the media containing Data, unauthorized input into memory, reading, alteration or deletion of the stored Data. This will be accomplished by the following measures:
3.1. Supplier shall ensure that Data is encrypted in transit using non-deprecated industry standard protocols (e.g. SSH/SCP/SFTPV2, TLSv1.2 or greater).
3.2. Supplier shall ensure an industry standard level of encryption of Data appropriate to the risks that are presented by the processing of Data at rest. Notwithstanding, all backups of Data shall be encrypted on backup media.
3.3. Data may only be downloaded to a Supplier’s PC, laptop, mobile device, or removable storage if hard disk encryption is enabled on that device.
3.4. Ensure periodic encryption key rotation and management.
3.5. Data may never be used in development, testing, and / or staging environments unless the Data are pseudonymized and such use is authorized in writing by Avaya.
3.6. If credit cardholder information is handled, stored, or otherwise processed, the Supplier’s systems must be PCI DSS certified.
Access control to data. Persons entitled to use data processing systems gain access only to the Personal Data that they are authorized to access. Measures include: ● ▇▇▇▇ restricts Personnel access to files and programs on a "need-to-know” basis. ● The production environment is separate from the development and testing environment. ● ▇▇▇▇ uses well-configured firewalls for their backend infrastructure. ● ▇▇▇▇ Platform contains capabilities to set roles and permissions to let Customers manage authorizations to set that Personal Data is only made available to appropriate users when needed.
Access control to data. All requests for application or system access, including remote (dial-up) access, are submitted through the IT Access Request Database. The functional manager, data owner, or other authorized approver must approve each request. Documentation is maintained. Security Administration generates user access lists for in-scope applications, databases, and related UNIX and Windows servers with the associated access rights for the designated business owners/IT managers. The business owners/IT managers are responsible for reviewing and approving these lists at least annually.
Access control to data. Individuals will request access and justify a need to retain access as part of a documented access request process. Their managers or other responsible individuals must authorize or approve access before it is authorized.
Access control to data. LumApps implements security measures to prevent Authorized Users from accessing data beyond their authorized access rights and prevent the unauthorized input, reading, copying, removal, modification or disclosure of data. These measures include: ● granular access rights; ● automated log of user access via IT systems; ● measures to prevent the use of unauthorized automated data-processing systems; ● access must be reviewed every quarter; ● no Customer data will be used in development or test environment;
Access control to data. Persons entitled to use data processing systems gain access only to the Personal Data that they are authorized to access. Measures include: ● TemplateRobot restricts Personnel access to files and programs on a "need-to-know” basis. ● The production environment is separate from the development and testingenvironment. ● TemplateRobot uses well-configured firewalls for their backend infrastructure. ● TemplateRobot Platform contains capabilities to set roles and permissions to let Customers manage authorizations to set that Personal Data is only made available to appropriate users when needed.