Backup Copies. Procedures for backup and retention of data and programs have been documented and implemented. Data and programs are backed up regularly and replicated between geographically diverse data centers. New employees are required to sign a non-disclosure agreement relating to proprietary software and confidentiality of information relating to customers. New employees are required to acknowledge receipt of Abnormal’s Information Security Policy. Access to the production environment is authorized by the Chief Technology Officer and is based on business need. A multi- factor secure remote access is required for all access to the production systems. Customer Data is processed in memory and is not available for printing. All print services are disabled by default on all production servers All Data Importer employees and contractors are provided with unique userIDs Access is only granted to employees whose role requires it Access is disabled upon role reassignment or termination. Access is revoked on termination. Isolated network environment using Amazon VPC Default blocked firewall policies Limited number of integration-related endpoints are accessible via public internet. Majority of services protected by firewalls as private endpoints. Public endpoints utilize Application Load Balancers, and are resilient to dynamic changes in query load/throughput Data in transit encrypted using TLS 1.2 sessions with a 2048-bit RSA asymmetric key HTTPS required for all web traffic Encrypted connectors for databases using SSL
Appears in 4 contracts
Sources: Data Processing Addendum, Data Processing Addendum, Data Processing Addendum