Browse
Search
2019-075-E IT - Lex Loci Criminal Justice software
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2010's
>
2019
>
2019-075-E IT - Lex Loci Criminal Justice software
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
2/18/2019 11:47:50 AM
Creation date
2/13/2019 3:56:37 PM
Metadata
Fields
Template:
Contract
Date
1/15/2019
Contract Starting Date
2/2/2019
Contract Ending Date
7/31/2019
Contract Document Type
Agreement - Services
Amount
$14,000.00
Document Relationships
R 2019-075 IT - Lex Loci Criminal Justice software
(Attachment)
Path:
\Board of County Commissioners\Contracts and Agreements\Contract Routing Sheets\Routing Sheets\2019
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
14
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID:AA335D7A-5559-49E4-8BFB-49DFC3C62F17 <br /> If Yes, Explain: Click here to enter text. <br /> 21. At what architectural point in the provider's cloud facility will the County's data be <br /> physically connected to networking equipment with non-County data? <br /> The cloud facility is owned and operated by Amazon Web Services. Physical <br /> connectivity documentation is not available. <br /> 22. What are the cloud provider's information security policies? <br /> See enclosed policy documents. <br /> 23. What are the cloud provider's incident management and reporting policies? <br /> See enclosed policy documents. <br /> 24. What is the process by which the cloud provider updates policies and informs customers? <br /> Customers are notified of modifications to pertinent policies as soon as possible <br /> following their approval. <br /> 25. What is the basic architecture of the cloud provider's network security? (overall design, <br /> zones, filters, firewalls, VLANs, protocols, standards) <br /> YouPlea is built on a Serverless architecture on Amazon Web Services cloud platform. <br /> Traffic enters the system through AWS API Gateway where it is routed to AWS Lambda <br /> functions which in turn process requests. Requests are authenticated via AWS Cognito. <br /> Request processing may or may not involve reading from and/or writing to AWS <br /> DynamoDB and AWS S3. AWS C1oudWatch receives and stores all logging information. <br /> 26. What security measures does the cloud provider use in data storage, transit and use? <br /> HTTPS secures in-flight data. AWS Cognito and JWTs serve authentication and <br /> authorization. <br /> 27. What encryption technologies does the cloud provider use in data management? <br /> TLS <br /> 28. How are access rights managed by the cloud provider for their employees, contractors <br /> and other persons? <br /> Access rights are provisioned following the principle of least privilege and are approved <br /> by the Director of Engineering. <br /> 29. What methods does the cloud provider use to destroy information, when so authorized? <br /> LexLoci uses the methods made available by AWS to destroy information when <br /> requested to do so by the client. <br /> 30. What is the cloud provider's patch management policy/methods? <br /> See enclosed policy documents. <br /> 31. How does the cloud provider defend against malware, including but not limited to <br /> viruses, bots, spyware, spam, phishing and pharming? <br />
The URL can be used to link to this page
Your browser does not support the video tag.