Solution Security Clause Samples

The Solution Security clause establishes requirements and standards to ensure that any solution provided under the agreement is protected against unauthorized access, data breaches, and other security threats. Typically, this clause outlines the security measures the provider must implement, such as encryption, access controls, regular security assessments, and compliance with relevant data protection laws. Its core practical function is to safeguard sensitive information and maintain the integrity of the solution, thereby reducing the risk of security incidents and ensuring trust between the parties.
Solution Security. Swissmeda implements commercially available security software, hardware and techniques to minimize and prevent non-authorized use of the Solution. These include firewalls, intrusion detection software tools, and monitored use of the Solution. The Solution also performs authentication of interactive user sessions. For increased security, the Solution uses HTTPS, which is HTTP over SSL (Secure Sockets Layer). The SSL security protocol provides data encryption, server authentication, message integrity, and optional client authentication for TCP/IP connections. The Solution's Webservers use a server digital certificate to enable SSL connections.
View SourceView Similar (3)
Solution Security a. Software development life cycle (SDLC): IDVerifact shall maintain a software development life cycle policy that defines the process by which personnel create secure products and services and the activities that personnel must perform at various stages of development (requirements, design, implementation, verification, documentation, and delivery).
View Source
Solution Security. 5.1. Software development life cycle (SDLC): SailPoint shall maintain a software development life cycle policy that defines the process by which personnel create secure products and services and the activities that personnel must perform at various stages of development (requirements, design, implementation, verification, documentation and delivery).
View Source
Solution Security a. Software development life cycle (SDLC): WSP shall maintain a software development life cycle policy that defines the process by which personnel create secure products and services and the activities that personnel must perform at various stages of development (requirements, design, implementation, verification, documentation and delivery).
View Source
Solution Security. Arcadis has a range of experience working with web-based products and their corresponding security. Arcadis’s Software Development team is accredited with the following certifications: • ISO 9001:2015 - Quality management systems • ISO/IEC 27001:2013 - Information Security Management • ISO/IEC 20000-1:2011 - Information technologyService management • CMMI Level 5 - Capability Maturity Model Integration Several of Arcadis’s products have also cleared the Cyber Security VAPT (Vulnerability Assessment & Penetration Testing) and are certified including CurbIQ. This testing was carried out as per the OWASP Testing Guidelines, SANS 25 & NIST Framework as per international standards. The process involves the following activities: • Acquiring detailed information about the devices, network architecture, protocols used • Devising a strategy to simulate real time threat scenario on the infrastructure. • Generating exhaustive set of test cases to run on any target environment against which the target is tested. • Plans are devised to optimize the entire process and minimize any adverse effect on live infrastructure. • Vulnerability Detection: Tests are run on respective elements of the IT infrastructure with the help of industry benchmark tools which help in listing out the potential vulnerabilities against each device. • Penetration Testing: Out of all the potential vulnerabilities, a penetration test is carried out to list out the most probable attack points to the client. 80% of the VAPT work is done here. Customized scripts are written as per the business logics and exploit each vulnerability manually for the best result. • Industry benchmark security testing tools across each of the IT infrastructure as per the business and technical requirements. • Below are few from many of the tools that are used, along with the Manual Testing wherever needed.
View Source
Solution Security 
View SourceView Similar (4)

Related to Solution Security

  • Aviation Security 1. In accordance with their rights and obligations under international law, the Parties reaffirm that their obligation to each other to protect the security of civil aviation against acts of unlawful interference forms an integral part of this Agreement. Without limiting the generality of their rights and obligations under international law, the Parties shall in particular act in conformity with the provisions of the Convention on Offenses and Certain Other Acts Committed on Board Aircraft, done at Tokyo September 14, 1963, the Convention for the Suppression of Unlawful Seizure of Aircraft, done at The Hague December 16, 1970, the Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation, done at Montreal September 23, 1971, and the Protocol for the Suppression of Unlawful Acts of Violence at Airports Serving International Civil Aviation, done at Montreal February 24, 1988. 2. The Parties shall provide upon request all necessary assistance to each other to prevent acts of unlawful seizure of civil aircraft and other unlawful acts against the safety of such aircraft, of their passengers and crew, and of airports and air navigation facilities, and to address any other threat to the security of civil air navigation. 3. The Parties shall, in their mutual relations, act in conformity with the aviation security standards and appropriate recommended practices established by the International Civil Aviation Organization and designated as Annexes to the Convention; they shall require that operators of aircraft of their registry, operators of aircraft who have their principal place of business or permanent residence in their territory, and the operators of airports in their territory act in conformity with such aviation security provisions. 4. Each Party agrees to observe the security provisions required by the other Party for entry into, for departure from, and while within the territory of that other Party and to take adequate measures to protect aircraft and to inspect passengers, crew, and their baggage and carry-on items, as well as cargo and aircraft stores, prior to and during boarding or loading. Each Party shall also give positive consideration to any request from the other Party for special security measures to meet a particular threat. 5. When an incident or threat of an incident of unlawful seizure of aircraft or other unlawful acts against the safety of passengers, crew, aircraft, airports or air navigation facilities occurs, the Parties shall assist each other by facilitating communications and other appropriate measures intended to terminate rapidly and safely such incident or threat. 6. When a Party has reasonable grounds to believe that the other Party has departed from the aviation security provisions of this Article, the aeronautical authorities of that Party may request immediate consultations with the aeronautical authorities of the other Party. Failure to reach a satisfactory agreement within 15 days from the date of such request shall constitute grounds to withhold, revoke, limit, or impose conditions on the operating authorization and technical permissions of an airline or airlines of that Party. When required by an emergency, a Party may take interim action prior to the expiry of 15 days.

  • UNION SECURITY 7.01 The Employer shall deduct monthly from the pay due to each employee who is covered by this Agreement a sum equal to the monthly Union dues of each such employee. Where an employee has no earnings during the first payroll period, the deduction shall be made in the next payroll period where the employee has earnings, within that month. The Union shall notify the employer in writing of the amount of such dues from time to time. The Employer will send to the Union its cheque for the dues so deducted in the month following the month in which the dues are deducted. When arrears or adjustments are submitted retroactively, the dues month and an explanation will accompany any such dues. 7.02 The Employer shall provide the Union with a list showing the first and last names and Social Insurance Numbers of all employees from whom deductions have been made. The report will identify the name of the facility and the month from which the dues are remitted. The Employer will also identify job classification (where the bargaining unit includes classifications, employees paid less than RNs) and status (i.e. full-time, part-time) of the employees, all terminations, newly hired employees (including start date, where the existing system allows for the information without cost), and employees on Leaves of Absence. On a quarterly basis, the Home will also provide the members’ current addresses and phone numbers, shown on the Employer’s personnel records. The Employer will endeavour to provide information in electronic format if the Employer has the technology. The Union may forward any questions with respect to individual employees in writing (or e-mail) to the Administrator (or designate). The employer will respond to such requests with any information it has which is readily available, within two weeks. 7.03 The Employer shall provide each employee with a T4 Supplementary slip showing the dues deducted in the previous year for income tax purposes where such information is or becomes readily available through the employer's payroll system. 7.04 The Union shall indemnify and save the Employer harmless with respect to dues so deducted and remitted.

  • Application Security The ISP will require that in-house application development be governed by a documented secure software development life cycle methodology, which will include deployment rules for new applications and changes to existing applications in live production environments.

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC ▇▇▇▇▇ Cyber-safety Policy, UC ▇▇▇▇▇ Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC ▇▇▇▇▇ computing systems and electronic data.

  • Transaction Security Each of the Parties agrees that the Transaction Security shall rank and secure the Credit Facility Liabilities, the Hedging Liabilities and the Pari Passu Debt Liabilities (subject to the terms of this Agreement) pari passu and without any preference between them (but only to the extent that such Transaction Security is expressed to secure those Liabilities).