Datacenter and Security Requirements Clause Samples

Datacenter and Security Requirements. Board agrees that it shall make the Licensed Software available to Customer using a data center in a manner consistent with the following requirements: 4.5.1. Board shall, or require its vendors and/or suppliers to, implement and maintain procedures to segregate Customer Data from Board’s data and data belonging to Board’s other customers. 4.5.2. Board shall, or require its vendors and/or suppliers to, establish and maintain appropriate environmental, safety and facility procedures, data security procedures and other safeguards designed to protect against the destruction, corruption, loss or alteration of the Licensed Software and any Customer Data, and to prevent unauthorized access, alteration or interference by third parties of the same. 4.5.3. Board shall monitor for any attempted unauthorized access to, or use or disclosure of, the Licensed Software or Customer Data and shall promptly take all necessary and appropriate action in the event any such attempt is discovered, promptly notifying Customer of any material or significant breach of security with respect to any such materials. 4.5.4. When software vulnerabilities are revealed and addressed by a vendor patch, Board will obtain the patch from the applicable vendor and apply it as it is tested and determined to be safe for installation to Board’s customer base.
View SourceView Similar (2)
Datacenter and Security Requirements. Supplier agrees that the GSDS will use a SAS 70 Type II certified (or equivalent) datacenter in a manner consistent with the following requirements: 1. Supplier shall implement and maintain procedures to segregate Company’s Participant data from Supplier's data and data belonging to Supplier's other customers. 2. Supplier shall establish and maintain appropriate environmental, safety and facility procedures, data security procedures and other safeguards agani st the destruction, corruption, loss or alteration of the GSDS and any Company or Participant data, and to prevent unauthorized access, alteration or interference by third parties of thesame. 3. In order to prevent unauthorized use access to Company or Participant data or Company or Participant’s Confidential information or Grid Services Capability or underlying infrastructure, Supplier shall implement measures to delete or otherwise disable user accounts for those employees, agents, representatives or affiliates of Supplier that have been terminated or voluntarily discontinue their relationship with Supplier. Such measures shall ensure that such user accounts are deleted or disabled within twenty four (24) hours of termination or voluntary discharge.
View Source

Related to Datacenter and Security Requirements

  • Security Requirements 7.1 The Authority will review the Contractor’s Security Plan when submitted by the Contractor in accordance with the Schedule (Security Requirements and Plan) and at least annually thereafter.

  • Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).

  • Accessibility Requirements Under Tex. Gov’t Code Chapter 2054, Subchapter M, and implementing rules of the Texas Department of Information Resources, the System Agency must procure Products and services that comply with the Accessibility Standards when those Products are available in the commercial marketplace or when those Products are developed in response to a procurement solicitation. Accordingly, Grantee must provide electronic and information resources and associated Product documentation and technical support that comply with the Accessibility Standards.

  • New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to: (1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute; (2) Limit unsuccessful logon attempts; (3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions; (4) Authorize wireless access prior to allowing such connections; (5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity; (6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions; (7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; (8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services; (9) Enforce a minimum password complexity and change of characters when new passwords are created; (10) Perform maintenance on organizational systems; (11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance; (12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1; (13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital; (14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse; (15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas; (16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems; (17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems; (18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception); (19) Protect the confidentiality of Student Data at rest; (20) Identify, report, and correct system flaws in a timely manner; (21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems; (22) Monitor system security alerts and advisories and take action in response; and (23) Update malicious code protection mechanisms when new releases are available.

  • DATA PROTECTION AND SECURITY A. In this Agreement the following terms shall have the meanings respectively ascribed to them: