Browse
Search
2019-642-E Visitors Bureau - PhotoShelter cloud based software
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2010's
>
2019
>
2019-642-E Visitors Bureau - PhotoShelter cloud based software
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
9/19/2019 9:05:40 AM
Creation date
9/19/2019 8:48:18 AM
Metadata
Fields
Template:
Contract
Date
9/5/2019
Contract Starting Date
9/20/2019
Contract Ending Date
9/19/2021
Contract Document Type
Agreement - Services
Amount
$11,498.00
Document Relationships
R 2019-642 Visitors Bureau - PhotoShelter cloud based software
(Attachment)
Path:
\Board of County Commissioners\Contracts and Agreements\Contract Routing Sheets\Routing Sheets\2019
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
28
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID:576DD5DB-E4A9-406B-8F7C-CC4EF3C2484F <br /> wSHVRMO/IOOOOA6bVk9GpcTc/Libris-Security-OverviewLibris-Security- <br /> Statement-l-pdf <br /> 23. What are the cloud provider's incident management and reporting policies? <br /> a. PhotoShelter follows the SANS incident response program, and clients notified as <br /> soon as a breach would be discovered. In 15+years, PhotoShelter has never seen <br /> a successful DDOS attack or loss of a single bit of data. <br /> 24. What is the process by which the cloud provider updates policies and informs customers? <br /> a. PhotoShelter clients are typically notified by email in advance of specific policies <br /> taking effect and the date of adoption. <br /> 25. What is the basic architecture of the cloud provider's network security? (overall design, <br /> zones, filters, firewalls, VLANs, protocols, standards) <br /> a. Please see the data diagram: <br /> https://welkerlibris.photoshelter.com/galleries/COOOOdA4gktF6a90/GOOOOVFCK <br /> wSHVRMO/IOOOOiRsNr8hK60s/Photoshelter-Data-Dia rg am-pdf <br /> 26. What security measures does the cloud provider use in data storage, transit and use? <br /> a. Data is fully encrypted via TLS 1.2. <br /> 27. What encryption technologies does the cloud provider use in data management? <br /> a. Data is fully encrypted via TLS 1.2. <br /> 28. How are access rights managed by the cloud provider for their employees, contractors <br /> and other persons? <br /> a. PhotoShelter has policies in place that once signed on as a client, no one from <br /> PhotoShelter accesses client data unless there's been permission from a member <br /> of the client org. Normally, this is in cases of support, training, etc. <br /> 29. What methods does the cloud provider use to destroy information, when so authorized? <br /> a. Data is permanently wiped from our system 120 days after the end date of a <br /> contract. <br /> 30. What is the cloud provider's patch management policy/methods? <br /> a. Updates, bug fixes, etc are rolled out in real-time as they are discovered and <br /> addressed. <br /> 31. How does the cloud provider defend against malware, including but not limited to <br /> viruses, bots, spyware, spam, phishing and pharming? <br /> a. Regular scans with Malware detection software. In 15+years, PhotoShelter has <br /> never experienced a successful DDOS attack or penetration of our infrastructure. <br /> 32. What system hardening strategies are employed by the cloud provider? <br /> 33. How does the cloud provider perform security testing, including logging, correlation, <br />
The URL can be used to link to this page
Your browser does not support the video tag.