Security by Design Clause Samples

The 'Security by Design' clause requires that security considerations are integrated into the development and operation of products, systems, or services from the outset. This means that security features, such as data encryption, access controls, and regular vulnerability assessments, must be incorporated during the planning, design, and implementation phases, rather than being added as an afterthought. By mandating proactive security measures, this clause helps prevent security breaches and ensures that systems are resilient against threats, ultimately protecting sensitive information and reducing the risk of costly incidents.
Security by Design. Seller represents and warrants a commercially reasonable program consistent with industry standards to ensure that all such Software and Firmware is free from material vulnerabilities (whether in proprietary software code or third party software code (including Open Source Software)) will be established and maintained for any Software and Firmware, including when used in, or incorporated in, the Goods, or Software used in the installation, maintenance, configuration, or support of the Goods (“Security Protocol”). The Security Protocol will include a testing regime designed to model threats and detect security and design bugs, defects, and flaws through: (a) static code analysis; (b) penetration testing (ethical hacking);
Security by Design. 5.1 The Supplier shall apply the ‘principle of least privilege’ (the practice of limiting systems, processes and user access to the minimum possible level) to the design and configuration of IT systems which will process or store Government Data. 5.2 When designing and configuring the ICT Environment (to the extent that the ICT Environment is within the control of the Supplier) the Supplier shall follow Good Industry Practice and seek guidance from recognised security professionals with the appropriate skills and/or a NCSC certification (▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/section/products-services/ncsc-certification) for all bespoke or complex components of the ICT Environment (to the extent that the ICT Environment is within the control of the Supplier).
Security by Design. Secure Software Development Life Cycle (SDLC) is followed and can be evidenced.
Security by Design. Seller represents and warrants it has made commercially reasonable efforts consistent with industry standards to ensure that all Software and Firmware is designed free from material vulnerabilities (whether in proprietary software code or third party software code, including the applicable operational support system (“OSS”)) and a reasonable commercial security by design program has been established and maintained for all Software and Firmware, including when used in, or incorporated in, the goods, or Software/Firmware used in the installation, maintenance, configuration, or support of the goods (the “Security Protocol”). The Security Protocol will include a testing regime designed to model threats and detect security and design bugs, defects, and flaws through: (a) penetration testing (ethical hacking); (b) OSS scanning; (c) static code analysis; and (d) all other testing and verification necessary to ensure adherence to industry standard “Security by Design” principles (collectively, a “Security by Design Program”). Seller further represents and warrants that it will reasonably assist with and participate in any similar Security by Design Program established by Buyer, including providing Buyer documentation regarding Seller’s compliance with these requirements reasonably requested by ▇▇▇▇▇.
Security by Design. 1 The Supplier shall apply the ‘principle of least privilege’ (the practice of limiting systems, processes and user access to the minimum possible level) to the design and configuration of IT systems which will process or store Government Data.
Security by Design. Data can only be directly accessed by authorised Brightmile team members. We employ a principle of least privilege across all services and resources; users and resources can only read or write to the resources they require. We segregate using VPC (virtual private networks) to isolate our services from each other. All data is only accessible via our secure encrypted API. This API is secured using an industry standard ID & token management solution. By employing this solution Brightmile never directly reads or stores passwords or credentials, and all access management is deferred to this platform. There is no way to programmatically access a user’s password or credentials. We use token minting to mint access controls directly into the user’s token. These tokens are then re-verified by our server on every request to ensure there is no inappropriate or unauthorised access to data. Through usage logs we log every data access at point of usage and can quickly revoke all access to any resource or all resources automatically. Our system notifies us immediately via push, email and through dashboards of any unauthorised access to our systems. Any account that makes 5 or more invalid password requests for an access token is blocked and all access is revoked. Although all data is secured through our API stack, we also employ cloud level access controls and database access controls directly on the storage solutions we employ. Geolocation data is read only and cannot be read or processed by an end user, and is not accessible via any API. Positional information is processed upon upload, stored in a read-only format and never retrieved again by the platform.
Security by Design. The Service Provider shall apply the ‘principle of least privilege’ (the practice of limiting systems, processes and user access to the minimum possible level) to the design and configuration of IT systems which will process or store Government Data.
Security by Design. Auditoria’s Software Development Lifecycle (SDLC) standard defines the process by which Auditoria creates secure products and the activities that the product teams must perform at different stages of development (requirements, design, implementation, and deployment). Auditoria engineers perform numerous security activities for the Auditoria Solution, including: 10.1. internal security reviews before products are launched; 10.2. periodic penetration tests performed by independent third-party contractors; and 10.3. conducting threat models for the Auditoria Solution, including documenting any detection of attacks.
