System Security (a) If any party hereto is given access to the other party’s computer systems or software (collectively, the “Systems”) in connection with the Services, the party given access (the “Availed Party”) shall comply with all of the other party’s system security policies, procedures and requirements that have been provided to the Availed Party in advance and in writing (collectively, “Security Regulations”), and shall not tamper with, compromise or circumvent any security or audit measures employed by such other party. The Availed Party shall access and use only those Systems of the other party for which it has been granted the right to access and use.
(b) Each party hereto shall use commercially reasonable efforts to ensure that only those of its personnel who are specifically authorized to have access to the Systems of the other party gain such access, and use commercially reasonable efforts to prevent unauthorized access, use, destruction, alteration or loss of information contained therein, including notifying its personnel of the restrictions set forth in this Agreement and of the Security Regulations.
(c) If, at any time, the Availed Party determines that any of its personnel has sought to circumvent, or has circumvented, the Security Regulations, that any unauthorized Availed Party personnel has accessed the Systems, or that any of its personnel has engaged in activities that may lead to the unauthorized access, use, destruction, alteration or loss of data, information or software of the other party hereto, the Availed Party shall promptly terminate any such person’s access to the Systems and immediately notify the other party hereto. In addition, such other party hereto shall have the right to deny personnel of the Availed Party access to its Systems upon notice to the Availed Party in the event that the other party hereto reasonably believes that such personnel have engaged in any of the activities set forth above in this Section 9.2(c) or otherwise pose a security concern. The Availed Party shall use commercially reasonable efforts to cooperate with the other party hereto in investigating any apparent unauthorized access to such other party’s Systems.
NIST Cybersecurity Framework The U.S. Department of Commerce National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.
Network Security The AWS Network will be electronically accessible to employees, contractors and any other person as necessary to provide the Services. AWS will maintain access controls and policies to manage what access is allowed to the AWS Network from each network connection and user, including the use of firewalls or functionally equivalent technology and authentication controls. AWS will maintain corrective action and incident response plans to respond to potential security threats.
DTC DIRECT REGISTRATION SYSTEM AND PROFILE MODIFICATION SYSTEM (a) Notwithstanding the provisions of Section 2.04, the parties acknowledge that the Direct Registration System (“DRS”) and Profile Modification System (“Profile”) shall apply to uncertificated American Depositary Shares upon acceptance thereof to DRS by DTC. DRS is the system administered by DTC pursuant to which the Depositary may register the ownership of uncertificated American Depositary Shares, which ownership shall be evidenced by periodic statements issued by the Depositary to the Owners entitled thereto. Profile is a required feature of DRS which allows a DTC participant, claiming to act on behalf of an Owner of American Depositary Shares, to direct the Depositary to register a transfer of those American Depositary Shares to DTC or its nominee and to deliver those American Depositary Shares to the DTC account of that DTC participant without receipt by the Depositary of prior authorization from the Owner to register such transfer.
(b) In connection with and in accordance with the arrangements and procedures relating to DRS/Profile, the parties understand that the Depositary will not verify, determine or otherwise ascertain that the DTC participant which is claiming to be acting on behalf of an Owner in requesting a registration of transfer and delivery as described in subsection (a) has the actual authority to act on behalf of the Owner (notwithstanding any requirements under the Uniform Commercial Code). For the avoidance of doubt, the provisions of Sections 5.03 and 5.08 shall apply to the matters arising from the use of the DRS. The parties agree that the Depositary’s reliance on and compliance with instructions received by the Depositary through the DRS/Profile System and in accordance with this Deposit Agreement shall not constitute negligence or bad faith on the part of the Depositary.
Contractor Security Clearance Customers may designate certain duties and/or positions as positions of “special trust” because they involve special trust responsibilities, are located in sensitive locations, or have key capabilities with access to sensitive or confidential information. The designation of a special trust position or duties is at the sole discretion of the Customer. Contractor or Contractor’s employees and Staff who, in the performance of this Contract, will be assigned to work in positions determined by the Customer to be positions of special trust, may be required to submit to background screening and be approved by the Customer to work on this Contract.