My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2025
>
01/21/2025
>
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/27/2025 5:03:20 PM
Creation date
1/21/2025 2:16:24 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Information Technology
Item #
26
Date
1/21/2025
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
762
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
SOLICITATION # CHIrn' -) <br />Carahsoft will use customer accounts and data only in the processing of an order and management of the <br />customer's service entitlements. Carahsoft's vendors, as outlined in their specific Master Agreements, only <br />us customer account data for the express purpose of providing the service to the customer. Included in <br />that service is implementation, technical support, and training efforts. Under no circumstances will <br />Carahsoft or its cloud partners use customer information outside of normal operating procedures. <br />8.6 Privacy and Security <br />8.6.1 Offeror must describe its commitment for its Solutions to comply with NIST, as defined in NIST <br />Special Publication 800-145, and any other relevant industry standards, as it relates to the Scope of <br />Services described in Attachment D, including supporting the different types of data that you may receive. <br />CA <br />APM <br />CA technologies understands that security is a top concern when evaluating cloud- <br />MAA <br />based applications, which is why CA technologies operations worldwide conform to <br />rigorous certification, compliance and security programs and processes. In addition, <br />we contract with independent auditors to regularly evaluate and validate the security <br />of our service. High risks are identified, validated and remediated before production <br />systems are made available. Medium risks are evaluated and resolved on a priority <br />basis. <br />CA Agile <br />We use CIS and NIST standards as baselines for hardening our systems. We are <br />currently working towards a NIST 800-53r4 certification however this is not yet <br />complete. We are continuously reviewing our compliance with these standards. We <br />perform monthly scans against our Production Infrastructure based on CIS standards. <br />We scan for both vulnerabilites and compliance best practices bases on NIST 800- <br />53v4 standards. Vulnerabilites are tracked and remidiated based on severity and risk. <br />ASM <br />Please see our response to APM/MAA <br />Google <br />Google's currently maintains a FedRAMP Authorization to Operate. FedRAMP incorporates the <br />relevant NIST SP and FIPS security requirements. Further, Google contractually commits to <br />maintaining SOC2 and IS027001 certifications. <br />AODocs <br />AODocs is committed to comply SOC2 type 2. <br />Virtru <br />Virtru's business depends on its ability to support healthcare and criminal justice markets, which <br />requires us to maintain compliance with HIPAA and CJIS standards which both make extensive <br />use of NIST standards <br />Salesforce <br />On May 23, 2014 Salesforce achieved a FedRAMP Agency Authority to Operate at the moderate <br />impact level (as described in FIPS 199 and 200) issued by Health and Human Services (HHS) for <br />the Salesforce Government Cloud. Additionally, on May 15, 2015, HHS, as the FedRAMP <br />authorizing agency, approved the Salesforce Government Cloud authorization package that was <br />updated based on annual attestation requirements and updates to the FedRAMP baseline which is <br />FISMA compliant and based on the current release of NIST SP 800-53 Rev. 4. <br />Salesforce provides contractual assurance to its customers that the Customer Data hosted in <br />Salesforce's services will be kept confidential and not accessed by third parties except under <br />narrow circumstances (such as a customer support issue or as required by law). In the case of <br />customer support, the company's personnel will access a customer's Org only with prior approval <br />and subject to confidentiality obligations. <br />ServiceNow <br />ServiceNow is a cloud service provider offering a SaaS solution deployed from a private cloud that <br />meets the five essential characteristics of cloud computing as described in 8.1. <br />ServiceNow applies the same data classification for all hosted customer data. ServiceNow does <br />not inspect or monitor its customers' information and therefore has no ability to sub -classify <br />carahsoft <br />50 <br />carahsoft <br />
The URL can be used to link to this page
Your browser does not support the video tag.