Database and Network Security Sample Clauses

Database and Network Security. (a) With respect to the Protected Servers and Protected Files, Licensee and the Authorized Third Parties shall employ industry-standard “least privilege” and identity/access management security practices with respect to network and database access and permissions, including requiring unique strong login/password and multi- factor authentication credentials. Only authorized users who need access to the Protected Servers and Protected Files for authorized purposes shall be granted such access. (b) The Protected Servers must be protected with robust industry-standard firewall systems that are configured and monitored in accordance with industry-standard security practices and are designed to detect and protect against common attacks, such as network/database intrusion, DNS and DDoS attacks. (c) In the case of AWS or a substantially equivalent virtual private cloud (“VPC”) service being used, Protected Files must be maintained in a logically secure encrypted virtual storage facility (e.g., an AWS S3 bucket) controlled by Licensee where such storage facility is configured to be not routable from the Internet and access to such storage facility is limited to specified secure actions by authorized users, roles and/or computing instances within Licensee’s VPC (e.g., Licensee’s VPC gateways, VPC endpoints and/or VPC computing instances) that are necessary for delivery of the Licensed Programs via the means licensed in the License Agreement and such access is governed by least privilege security policies that comply with industry-standard security practices (i.e., in the case of using AWS, least privilege security policies that comply with AWS’s security recommendations regarding Identity and Access Management (“IAM”) permission policies for resources (e.g., S3 buckets), principals and related VPC endpoint and subnet configurations, and network security architecture and controls). Further, the following (or equivalent) protections must be employed: AWS Shield (to protect against network intrusion, DNS and DDoS attacks), AWS CloudTrail and VPC Flow Logs (for monitoring) combined with threat detection, and where applicable, AWS WAF (web application firewall).
View Source

Related to Database and Network Security

  • Network Security The AWS Network will be electronically accessible to employees, contractors and any other person as necessary to provide the Services. AWS will maintain access controls and policies to manage what access is allowed to the AWS Network from each network connection and user, including the use of firewalls or functionally equivalent technology and authentication controls. AWS will maintain corrective action and incident response plans to respond to potential security threats.

  • Data Encryption Contractor must encrypt all State data at rest and in transit, in compliance with FIPS Publication 140-2 or applicable law, regulation or rule, whichever is a higher standard. All encryption keys must be unique to State data. Contractor will secure and protect all encryption keys to State data. Encryption keys to State data will only be accessed by Contractor as necessary for performance of this Contract.

  • Network PHARMACY is a retail, mail order or specialty pharmacy that has a contract to accept our pharmacy allowance for prescription drugs and diabetic equipment or supplies covered under this plan. NETWORK PROVIDER is a provider that has entered into a contract with us or other Blue Cross and Blue Shield plans. For pediatric dental care services, network provider is a dentist that has entered into a contract with us or participates in the Dental Coast to Coast Network. For pediatric vision hardware services, a network provider is a provider that has entered into a contract with EyeMed, our vision care service manager.

  • Trunk Group Architecture and Traffic Routing 5.2.1 The Parties shall jointly establish Access Toll Connecting Trunks between CLEC and CBT by which they will jointly provide Tandem-transported Switched Exchange Access Services to Interexchange Carriers to enable such Interexchange Carriers to originate and terminate traffic from and to CLEC's Customers. 5.2.2 Access Toll Connecting Trunks shall be used solely for the transmission and routing of Exchange Access and non-translated Toll Free traffic (e.g., 800/888) to allow CLEC’s Customers to connect to or be connected to the interexchange trunks of any Interexchange Carrier that is connected to the CBT access Tandem. 5.2.3 The Access Toll Connecting Trunks shall be one-way or two-way trunks, as mutually agreed, connecting an End Office Switch that CLEC utilizes to provide Telephone Exchange Service and Switched Exchange Access Service in the given LATA to an access Tandem Switch CBT utilizes to provide Exchange Access in the LATA.

  • Web Site Information on registration for and use of the E-Verify program can be obtained via the Internet at the Department of Homeland Security Web site: ▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/E-Verify.