Client Security. Patching of security vulnerabilities to the operating system and software must meet or exceed the service level interval defined by the vendor for the threat level of the vulnerability. • Clients must have Malware protection with automatic signature updates. • Systems located in an unsecured area and attached to the Supplier network must not accesssystems and network segments containing Confidential Information. • All client systems that access Confidential Information, whether in use or not, must be physically secured. • Client systems which access Confidential Information from secured locations must have a passwordprotected screen saver or automated logoff after no more than 15 minutes of inactivity of account access. This includes any third-party vendors that may contract with those vendorsand have privileged access as well.
Appears in 2 contracts
Sources: Data Processing and Security Agreement, Data Processing and Security Agreement
Client Security. ▪ Patching of security vulnerabilities to the operating system and software must meet or exceed the service level interval defined by the vendor for the threat level of the vulnerability. • ▪ Clients must have Malware protection with automatic signature updates. • ▪ Systems located in an unsecured area and attached to the Supplier network must not accesssystems access systems and network segments containing Confidential Informationconfidential data. • ▪ All client systems that access Confidential Informationconfidential data, whether in use or not, must be physically secured. • ▪ Client systems which access Confidential Information confidential data from secured locations must have a passwordprotected password protected screen saver or automated logoff after no more than 15 minutes of inactivity of account access. This includes any third-party vendors that may contract with those vendorsand vendors and have privileged access as well.
Appears in 1 contract