Browse
Search
2022-077-E-IT Dept-PUBLIC LIBRARY ASSOCIATION, a divison of the American Library Association-Digital learning
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2022
>
2022-077-E-IT Dept-PUBLIC LIBRARY ASSOCIATION, a divison of the American Library Association-Digital learning
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
2/23/2022 3:05:36 PM
Creation date
2/23/2022 3:00:56 PM
Metadata
Fields
Template:
Contract
Date
2/15/2022
Contract Starting Date
2/15/2022
Contract Ending Date
2/23/2022
Contract Document Type
Contract
Amount
$15,000.00
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
106
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID:24BBAFA9-CD81-4144-ACEF-E9036E703739 <br /> • All non-console administrative access will be encrypted using technologies such as SSH, <br /> VPN, or TLS 1.1 or newer for web-based management and other non-console <br /> administrative access. <br /> 27. What encryption technologies does the cloud provider use in data management? <br /> See answer to question#26 <br /> 28. How are access rights managed by the cloud provider for their employees, contractors <br /> and other persons? <br /> Jende Solutions recognizes that our personnel are the greatest resource in maintaining an effective level <br /> of security. At the same time, internal threats can create the greatest risks to information security. No <br /> security program can be effective without maintaining security awareness for employees, relevant <br /> contractors, and relevant third party users. Relevant contractors and relevant third party users are defined <br /> as those personnel with administrative access and/or access to sensitive data/information based on job <br /> function, or by accessing Jende Solutions information systems without employee oversight. <br /> Every Jende Solutions employee, contractor, third party user, service provider, or vendor is responsible <br /> for systems security to the degree that the function requires the use of information and associated <br /> systems. Fulfillment of security responsibilities is mandatory and violations of security requirements may <br /> be cause for disciplinary action, up to and including dismissal, civil penalties, and criminal penalties. <br /> All positions interacting with Jende Solutions information resources must be required to undergo formal <br /> processes for access granting, change, and termination. Those positions working with especially sensitive <br /> information or powerful privilege must be analyzed to determine any potential vulnerability associated with <br /> work in those positions, prior to assignment of these roles. <br /> Applicability <br /> Jende Solutions Human Resources Department (HR) in conjunction with Management will establish staff <br /> guidelines and all staff, relevant contractors and relevant third party users will comply with those <br /> guidelines. <br /> Standards <br /> The Human Resource Department will support the Chief Information Security Officer(CISO)to implement <br /> the following personnel security safeguards: <br /> • Hiring Practices <br /> • Security awareness education and training <br /> • Termination Practices <br /> Hiring Practices <br /> Each new hire granted access to client information and other classified Jende Solutions data will undergo <br /> a background check. Any past activity that would subject sensitive systems and data to risk due to an <br /> employee's past behavior will be cause to terminate the employment relationship with Jende Solutions. <br /> Prior to granting access to classified systems and data, all new hires will receive orientation and training <br /> that include responsibilities for protecting classified information. As outlined in the Access Control Policy, <br /> a new employees' supervisor must approve access to systems on a "business need-to-know" basis and <br /> submit the Systems Access Request Form to both IT and HR for processing. <br />
The URL can be used to link to this page
Your browser does not support the video tag.