Network and Communications Security Sample Clauses

Network and Communications Security. 2.1 All Processor connectivity to Controller computing systems and/or networks and all attempts at same shall be only through Controller’s security gateways/firewalls and only through Controller-approved security procedures. 2.2 Processor will not access, and will endeavor its best efforts to prevent unauthorized persons or entities to access,Controller computing systems and/or networks without Controller’s express written authorization and any such actual or attempted access shall be consistent with any such authorization. 2.3 Processor will take appropriate measures to ensure that Processor’s systems connecting to Controller’s systems and anything provided to Controller through such systems does not contain any computer code, programs, mechanisms or programming devices designed to, or that would enable, the disruption, modification, deletion, damage, deactivation, disabling, harm or otherwise be an impediment, in any manner, to the operation of Controller’s systems. 2.4 Processor will maintain technical and organizational measures for data protection including: (i) firewalls and threat detections systems to identify malicious connection attempts, to block spam, viruses and unauthorized intrusion; (ii) physical networking technology designed to resist attacks by malicious users or malicious code; and (iii) encrypted data in transit over public networks using industry standard protocols.

Network and Communications Security. 3.1. All Poppulo connectivity to Customer information systems shall be through secured remote access mechanisms. 3.2. Poppulo will use best industry practice to ensure that Poppulo’s systems connecting to Customer’s systems and anything provided to Customer through such systems does not knowingly contain any malicious code designed to, or that would enable, the disruption, modification, deletion, damage, deactivation, disabling, harm or otherwise be an impediment to the operation of the Customer’s systems. 3.3. At end-of-life, all electronic storage media containing Protected Data will be wiped or degaussed for physical destruction or disposal, in a manner meeting forensic industry standards such as the NIST SP800-88 Guidelines for Media Sanitisation. Destruction of Protected Data on paper shall be by shredding, either by Poppulo or an approved third party. Poppulo will maintain documented evidence of data erasure and destruction. This evidence will be available for review at the request of Customer.

Network and Communications Security. 2.1 All Processor connectivity to Controller computing systems and/or networks and all attempts at same shall be only through Controller’s security gateways/firewalls and only through Controller-approved security procedures. 2.2 Processor shall not access and will not permit unauthorized persons or entities to access Controller computing systems and/or networks without Controller’s express written authorization and any such actual or attempted access shall be consistent with any such authorization. 2.3 Processor shall take appropriate measures to ensure that Processor’s systems connecting to Controller’s systems and anything provided to Controller through such systems does not contain any computer code, programs, mechanisms or programming devices designed to, or that would enable, the disruption, modification, deletion, damage, deactivation, disabling, harm or otherwise be an impediment, in any manner, to the operation of Controller’s systems. 2.4 Processor shall maintain technical and organisational measures for data protection including: (i) firewalls and threat detections systems to identify malicious connection attempts, to block spam, viruses and unauthorized intrusion; (ii) physical networking technology designed to resist attacks by malicious users or malicious code; and (iii) encrypted data in transit over public networks using industry standard protocols.

Network and Communications Security. Markit shall: 2.1 Deploy multiple layers of defence on Markit’s systems including firewalls, network intrusion detection, and host-based intrusion detection systems. All security monitoring systems, including firewalls and intrusion detection systems, must be monitored twenty-four (24) hours per day, three hundred and sixty-five (365) days per year. 2.2 Notify Subscriber as soon as commercially feasible and provide Subscriber, within 5 days of the closure of the incident, if an incident takes place that involves the systems, employees or software used to provide goods and/or services to Subscriber and provide Subscriber with a written report describing the incident, actions taken during the response, and plans for future actions to prevent a similar incident from occurring in the future. 2.3 Configure its firewalls, network routers, switches, load balancers, name servers, mail servers, and other network components in accordance with industry best practices. 2.4 Where Subscriber so requests upon reasonable grounds, and based upon information received by Subscriber about specific and realistic vulnerabilities and threats, to restrict access within Markit to any Subscriber-specific component (if any) of Markit’s networks, systems, and applications used to provide the Services. 2.5 Deploy firewalls, filtering routers, or other similar network segmentation devices between networks providing services anticipated by this agreement and other Markit networks to control network traffic and minimise exposure to a network compromise.

Network and Communications Security. A. Asset Management. BNY Mellon will maintain an inventory of its system components, hardware and software used to provide the services under the Agreement, and will review and update such inventory in accordance with the ISP.

Network and Communications Security. Each party shall deploy security controls in a multi-layered approach, including intrusion detection and anti-virus systems. All security control layers shall log and notify any unusual activity twenty-four (24) hours per day, three hundred sixty five (365) days a year. Administrators shall review logs regularly (at least monthly) and respond to alerts within a reasonable amount of time. Logs shall be archived onto a write once/read only media for a reasonable amount of time (consistent with commercially reasonable document retention policies) and be accessible for investigation purposes.

Network and Communications Security. The Supplier must develop and implement network and communications security policies, procedures and technology to control and detect potential network and communications information security system issues and failures. At a minimum, Supplier must have: i) Firewall controls at appropriate points in the Supplier network to control the ingress and egress of communications and data to environments containing Verizon Sensitive Information and/or Confidential Information. At a minimum, Network Firewalls must protect all connections to open, public networks. System Security Patches and updates for Firewalls must be implemented in a timely manner not to exceed 30 days following release. ii) Supplier must employ industry standard intrusion detection systems (IDS) for any environment into which Sensitive Information will be placed.

Network and Communications Security. You will ensure that: a. Your actual and attempted connectivity to the Foundation’s Information Systems will be only through the Foundation’s security gateways and firewalls and only through the Foundation’s authorized security procedures, which can be obtained from Foundation InfoSec, b. You will not access, and will not permit unauthorized persons or entities to access, the Foundation’s Information Systems without the Foundation’s express written authorization, and any such actual or attempted access will be consistent with the Foundation’s authorization, c. You will take the utmost care to protect the security of any credentials and other means of access to the Foundation’s Information Systems from unauthorized access or use, and treat the same as Sensitive Information, and d. You will take appropriate measures to ensure that Your Information Systems that connect to the Foundation’s Information Systems, and anything You provide to the Foundation, do not contain any computer code, programs, mechanisms, or programming devices designed to, or that would, enable the disruption, modification, deletion, damage, deactivation, disabling, harm or otherwise be an impediment, in any manner, to the operation of the Services or the Foundation’s Information Systems, and You will immediately notify Foundation InfoSec of any vulnerabilities thereto.

Network and Communications Security. 2.1 All Data Importer connectivity to Data Exporter computing systems and/or networks and all attempts at same shall be only through Data Exporter’s security gateways/firewalls and only through Data Exporter-approved security procedures. 2.2 Data Importer shall not access, and will not permit unauthorized persons or entities to access Data Exporter computing systems and/or networks without Data Exporter’s express written authorization and any such actual or attempted access shall be consistent with any such authorization. 2.3 Data Importer shall take appropriate measures to ensure that Data Importer’s systems connecting to Data Exporter’s systems and anything provided to Data Exporter through such systems does not contain any computer code, programs, mechanisms or programming devices designed to, or that would enable, the disruption, modification, deletion, damage, deactivation, disabling, harm or otherwise be an impediment, in any manner, to the operation of Data Exporter’s systems. 2.4 Data Importer shall maintain technical and organisational measures for data protection including: (i) firewalls and threat detections systems to identify malicious connection attempts, to block spam, viruses and unauthorized intrusion; (ii) physical networking technology designed to resist attacks by malicious users or malicious code; and (iii) encrypted data in transit over public networks using industry standard protocols.