System Hardening Sample Clauses

The System Hardening clause requires that information systems be configured and maintained to minimize vulnerabilities and enhance security. This typically involves disabling unnecessary services, applying security patches promptly, and enforcing strong configuration standards across all hardware and software components. By mandating these practices, the clause helps protect against cyber threats and reduces the risk of unauthorized access or data breaches.
POPULAR SAMPLE Copied 4 times
System Hardening i) Jamf will establish and ensure the use of standard secure configurations of operating systems. Images should represent hardened versions of the underlying operating system and the applications installed on the system. Hardening includes removal of unnecessary accounts (including service accounts), disabling or removal of unnecessary services, applying patches, closing open and unused network ports, and implementing intrusion detection systems and/or intrusion prevention systems. These images should be validated on a regular basis to update their security configuration as appropriate. ii) Jamf will perform periodic (at least quarterly) access reviews for system administrators for all supporting systems requiring access control. iii) Jamf will implement patching tools and processes for both applications and operating system software. When outdated systems can no longer be patched, Jamf will update to the latest version of application software. Jamf will remove outdated, unsupported, and unused software from the system. iv) Jamf will limit administrative privileges to only those personnel who have both the knowledge necessary to administer the operating system and a business need to modify the configuration of the underlying operating system.
View SourceView Similar (7)
System Hardening. Third Party shall use Internet-industry standard system and device hardening standards for all Systems that store, process, or transmit SAP Data. Such hardening standards will include: a. Disable or remove all unnecessary services. b. Security patch management is implemented to provide regular and periodic deployment of relevant security updates. c. Change all default passwords. d. Rename administrative user accounts. e. Each server performs only one function (e.g., web server, application server, and database server should occupy separate systems). f. Employ host-based intrusion detection and prevention mechanism. g. Passwords are stored using industry accepted hashing algorithm; only administrators that support the function have access to stored hashes, when necessary.
View Source
System Hardening. Information-processing equipment is protected against malware and hardened. Suitable software (e.g., virus scanners, IDS) are installed and kept up-to-date to protect the systems. When hardening a system, the following points must be taken into account at the minimum: • The patch level is up-to-date. • When a system is installed, only those software components are installed or activated that are required for the system’s operation and proper functioning. • Apart from software functions, any hardware functions that are not required for the system’s operation also remain deactivated after the system installation. Functions such as interfaces that are not required are permanently deactivated, ensuring that they remain deactivated even when the system is restarted. • All unnecessary services in a system and in the interfaces were and remain deactivated even when the system is restarted. • The accessibility of a service via the necessary interfaces was also restricted to legitimate communication partners. • Preconfigured service accounts that are not required were deleted and default passwords were changed. • It is common practice for manufacturers, developers, or suppliers to preconfigure authentication features such as passwords and cryptographic keys in systems. Such authentication features were changed to separate features that third parties are not aware of. • If the system is operated on a cloud platform, it has been safeguarded to prevent it (or the entire client/tenant with all of its services and data) from being deleted accidentally or by unauthorized persons.
View SourceView Similar (3)
System Hardening i) We will establish and ensure the use of standard secure configurations of operating systems. Images should represent hardened versions of the underlying operating system and the applications installed on the system. Hardening includes removal of unnecessary accounts (including service accounts), disabling or removal of unnecessary services, applying patches, closing open and unused network ports, and implementing intrusion detection systems and/or intrusion prevention systems. These images should be validated on a regular basis to update their security configuration as appropriate. ii) We will perform periodic (at least quarterly) access reviews for system administrators for all supporting systems requiring access control. iii) We will implement patching tools and processes for both applications and operating system software. When outdated systems can no longer be patched, we will update to the latest version of application software. We will remove outdated, unsupported, and unused software from the system. iv) We will limit administrative privileges to only those personnel who have both the knowledge necessary to administer the operating system and a business need to modify the configuration of the underlying operating system.
View Source
System Hardening. 4.1. All Service Providers are to conduct build hardening for all devices. 4.2. Hardening standards should be reviewed quarterly or following a significant and relevant vulnerability announcement. Additional ad-hoc reviews may be required as part of post- Incident activities.
View Source
System Hardening. System hardening procedures to disable all unnecessary services on devices and servers used to access, process, transmit or store Covered Information of the other Party or devices and systems that reside on the same restricted network segment. Unnecessary services include any service not required to meet business needs.
View Source
System Hardening 
View SourceView Similar (4)

Related to System Hardening

  • System Logging The system must maintain an automated audit trail which can 20 identify the user or system process which initiates a request for PHI COUNTY discloses to 21 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, 22 or which alters such PHI. The audit trail must be date and time stamped, must log both successful and 23 failed accesses, must be read only, and must be restricted to authorized users. If such PHI is stored in a 24 database, database logging functionality must be enabled. Audit trail data must be archived for at least 3 25 years after occurrence.

  • System Use (a) An electronic site access system may be used on site, subject to the requirements of this statement. (b) The system operates via: (i) a facial recognition device; and (ii) an electronic gate. (c) The system will be installed at the access and egress point/s of the site and will only be utilised to identify presence on site. (d) The purpose for which the electronic site access system will be implemented is to ensure: (i) avoiding unauthorised access to site; (ii) confirmation and co-ordination of effort in emergency situations; and (iii) confirmation that all entrants to site have received a site specific induction; (e) The only personal data collected by the system is a site entrant’s: (i) image; (ii) first & last name; (iii) mobile phone number; (iv) email address; and (v) employer’s name. (the Collected Data) (f) The Collected Data will only be held or used for the purposes specified above, unless otherwise by consent or required by law. (g) The Employer will not use the electronic site access control system to verify who was on a site at a particular time for the purpose of: (i) evaluating whether a variation claim regarding labour costs made by a subcontractor can be substantiated; (ii) taking disciplinary action against an Employee, or assisting a subcontractor to take disciplinary action against its own employees, regarding their start and finish times; or (iii) otherwise generally tracking a worker’s movements whilst on the site.

  • System Upgrades The Connecting Transmission Owner shall procure, construct, install, and own the System Upgrade Facilities and System Deliverability Upgrades described in Attachment 6 of this Agreement. To the extent that design work is necessary in addition to that already accomplished in the Class Year Interconnection Facilities Study for the Interconnection Customer, the Connecting Transmission Owner shall perform or cause to be performed such work. If all the Parties agree, the Interconnection Customer may construct System Upgrade Facilities and System Deliverability Upgrades. 5.2.1 As described in Section 32.3.5.3 of the SGIP in Attachment Z of the ISO OATT, the responsibility of the Interconnection Customer for the cost of the System Upgrade Facilities and System Deliverability Upgrades described in Attachment 6 of this Agreement shall be determined in accordance with Attachment S of the ISO OATT, as required by Section 32.3.5.3.2

  • System Maintenance The Trust understands that USBFS will perform periodic maintenance to the System(s), which may cause temporary service interruptions. To the extent possible, USBFS shall notify the Trust of all planned outages and will perform any necessary maintenance during non-business hours.