Measures for user identification and authorisation. ● Employee identity is controlled by a central team, members of which prescribe role identity to an Active Directory system; ● The employee Active Directory system acts as the programmatic source of truth, and federates various levels of authority to security providers that govern systems at varying levels of diligence dependent on the risk those systems pose if identity or credentials were compromised. These systems employ MFA and other sophisticated challenge techniques depending on risk; ● Customer identity is managed by server single-sign on partners as well as our own proprietary identity management framework.
Appears in 2 contracts
Sources: Data Processing Agreement, Data Processing Agreement