Regularly Monitor and Test Networks. Per NCC’s Information Security Policy, NCC will perform regular tests on information systems (port scanning, virus scanning, internal/external vulnerability scanning). Ensure that issues identified via testing are remediated according to the issue severity (e.g. fix critical issues immediately, high severity in 15 days, etc.). Logs will be maintained for 90 days online and 1 year archived. Audit trails will be enabled and active for systems and applications used to access, store, process, or transmit Credit Bureau Data establish a process for linking all access to such systems and applications. Use current best practices to protect telecommunications systems and any computer system or network device(s) used to provide Services hereunder to access Credit Bureau systems and networks. These controls should be selected and implemented to reduce the risk of infiltration, hacking, access penetration or exposure to an unauthorized third party by: a. Protecting against intrusions b. Securing the computer systems and network devices c. Protecting against intrusions of operating systems or software.
Appears in 4 contracts
Sources: Master Services Agreement, Master Services Agreement, Master Services Agreement