Entry controls Sample Clauses

Entry controls. The Contractor shall prevent unauthorised persons from using IT systems. This shall be done by: ● password procedures (special characters, minimum length, regular change) ● clear assignment of accounts to users, no generic accounts (e.g. Trainee 1, Warehouse, User) ● blocking of the user accounts after several failed login attempts ● use of firewalls/virus scanner ● regular control of the validity of permissions (user accounts) ● secure transmission of authentication secrets (credentials) in the network using TLS/HTTPS, SSH, VPN (IPSec, SSL VPN)
View SourceView Similar (4)
Entry controls. The rooms in which the processing of personal data is carried out or in which data processing systems are installed shall not be freely accessible. They must be locked when the employee is absent. The access authorisations must be issued in a regulated procedure according to the "need to know princi- ple" and must be monitored regularly with regard to their necessity. Rooms in which data processing systems (data centre, servers, network distributors, etc.) are housed must be particularly access con- trolled and may be accessible only to the employees of the IT administration (if required, the man- agement). Alternatively, the devices must be stored in suitable and locked cabinets. Visitors and per- sons outside the company must be registered in a documented procedure and supervised within the premises.
View SourceView Similar (2)

Related to Entry controls

  • Personnel Controls The County agrees to advise Contractor Staff, who have access to PII, of the confidentiality of the information, the safeguards required to protect the information, and the civil and criminal sanctions for non-compliance contained in applicable federal and state laws. For that purpose, the Contractor shall implement the following personnel controls:

  • TIA Controls If any provision of this Indenture limits, qualifies, or conflicts with another provision which is required to be included in this Indenture by the TIA, the required provision shall control.

  • Plan Controls The terms contained in the Plan are incorporated into and made a part of this Agreement and this Agreement shall be governed by and construed in accordance with the Plan. In the event of any actual or alleged conflict between the provisions of the Plan and the provisions of this Agreement, the provisions of the Plan shall be controlling and determinative.

  • Administrative Controls The Contractor must have the following controls in place: a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy. b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data. c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.

  • Personal Controls a. Employee Training. All workforce members who assist in the performance of functions or activities on behalf of COUNTY in connection with Agreement, or access or disclose PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, must complete information privacy and security training, at least annually, at CONTRACTOR’s expense. Each workforce member who receives information privacy and security training must sign a certification, indicating the member’s name and the date on which the training was completed. These certifications must be retained for a period of six (6) years following the termination of Agreement.