Browse
Search
2021-484-E-Visitor Bureau-Photoshelter- Cloud base digital asset management platform licensing agreement
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2021
>
2021-484-E-Visitor Bureau-Photoshelter- Cloud base digital asset management platform licensing agreement
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
9/7/2021 2:31:31 PM
Creation date
9/7/2021 2:31:16 PM
Metadata
Fields
Template:
Contract
Date
9/1/2021
Contract Starting Date
9/1/2021
Contract Ending Date
9/3/2021
Contract Document Type
Contract
Amount
$6,999.00
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
28
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
wSHVRM0/I0000A6bVk9GpcTc/Libris-Security-OverviewLibris-Security- <br />Statement-1-pdf <br /> <br />23. What are the cloud provider’s incident management and reporting policies? <br />a. PhotoShelter follows the SANS incident response program, and clients notified as <br />soon as a breach would be discovered. In 15+ years, PhotoShelter has never seen <br />a successful DDOS attack or loss of a single bit of data. <br /> <br />24. What is the process by which the cloud provider updates policies and informs customers? <br />a. PhotoShelter clients are typically notified by email in advance of specific policies <br />taking effect and the date of adoption. <br /> <br />25. What is the basic architecture of the cloud provider’s network security? (overall design, <br />zones, filters, firewalls, VLANs, protocols, standards) <br />a. Please see the data diagram: <br />https://welkerlibris.photoshelter.com/galleries/C0000dA4gktF6a90/G0000VFCK <br />wSHVRM0/I0000jRsNr8hK6Os/Photoshelter-Data-Diagram-pdf <br /> <br />26. What security measures does the cloud provider use in data storage, transit and use? <br />a. Data is fully encrypted via TLS 1.2. <br /> <br />27. What encryption technologies does the cloud provider use in data management? <br />a. Data is fully encrypted via TLS 1.2. <br /> <br />28. How are access rights managed by the cloud provider for their employees, contractors <br />and other persons? <br />a. PhotoShelter has policies in place that once signed on as a client, no one from <br />PhotoShelter accesses client data unless there’s been permission from a member <br />of the client org. Normally, this is in cases of support, training, etc. <br /> <br />29. What methods does the cloud provider use to destroy information, when so authorized? <br />a. Data is permanently wiped from our system 120 days after the end date of a <br />contract. <br /> <br />30. What is the cloud provider’s patch management policy/methods? <br />a. Updates, bug fixes, etc are rolled out in real-time as they are discovered and <br />addressed. <br /> <br />31. How does the cloud provider defend against malware, including but not limited to <br />viruses, bots, spyware, spam, phishing and pharming? <br />a. Regular scans with Malware detection software. In 15+ years, PhotoShelter has <br />never experienced a successful DDOS attack or penetration of our infrastructure. <br /> <br />32. What system hardening strategies are employed by the cloud provider? <br /> <br />33. How does the cloud provider perform security testing, including logging, correlation, <br />DocuSign Envelope ID: 576DD5DB-E4A9-406B-8F7C-CC4EF3C2484FDocuSign Envelope ID: 79107112-9BB9-477B-B662-FF2F869640FC
The URL can be used to link to this page
Your browser does not support the video tag.