Software Development. 12.1. In-house software development follows Agile/Sprint life-cycle methodology and follow OWASP best practices. 12.2. An SDLC (Software Development Lifecycle) Policy is in place including requirements analysis and specifications, security by design, secure engineering principles, secure development environment, application support, QA, testing, implementation, training, and post-implementation review. 12.3. Single-Sign-On integration is available within our client-facing applications. ▇▇▇▇ 2.0-based solutions, such as ADFS, azure AD and OKTA are supported, other third-party options may also be supported, but may require development and testing. 12.4. Development, Test and Production systems are segregated. Anonymised data is used for testing purposes in non-production environments. 12.5. Client data is segregated using unique identifiers assigned at the time of account implementation. Segregation is ensured by using unique identifiers, e.g., Corporate ID’s, Traveller ID’s, and Account ID’s.
Appears in 3 contracts
Sources: Data Protection Schedule, Data Protection Schedule, Data Protection Schedule
Software Development. 12.1. In-house software development follows Agile/Sprint life-cycle methodology and follow follows OWASP best practices.
12.2. An SDLC (Software Development LifecycleLife Cycle) Policy is in place including requirements analysis and specifications, security by design, secure engineering principles, secure development environment, application support, QA, testing, implementation, training, and post-implementation review.
12.3. Single-Sign-On integration is available within our client-facing applications. ▇▇▇▇ 2.0-based solutions, such as ADFSAzure AD, azure AD Ping Identity, Duo, and OKTA Okta are supported, other third-party options may also be supported, but may require development and testing.
12.4. Development, Test and Production systems are segregated. Anonymised data is used for testing purposes in non-production environments.
12.5. Client data is segregated using unique identifiers assigned at the time of account implementation. Segregation is ensured by using unique identifiers, e.g., Corporate ID’s, Traveller ID’s, and Account ID’s.
Appears in 1 contract
Sources: Data Protection Schedule
Software Development. 12.1. In-house software development follows Agile/Sprint life-cycle methodology and follow follows OWASP best practices.
12.2. An SDLC (Software Development LifecycleLife Cycle) Policy is in place including requirements analysis and specifications, security by design, secure engineering principles, secure development environment, application support, QA, testing, implementation, training, and post-implementation review.
12.3. Single-Sign-On integration is available within our client-facing applications. ▇▇▇▇ 2.0-based solutions, such as ADFSAzure AD, azure AD Ping Identity, Duo, and OKTA Okta are supported, other third-party options may also be supported, but may require development and testing.
12.4. Development, Test and Production systems are segregated. Anonymised data is used for testing purposes in non-non- production environments.
12.5. Client data is segregated using unique identifiers assigned at the time of account implementation. Segregation is ensured by using unique identifiers, e.g., Corporate ID’s, Traveller ID’s, and Account ID’s.
Appears in 1 contract
Sources: Data Protection Schedule