Laserfiche WebLink
SOLICITATION # CHI rn'') <br />1.Email Threat Prevention (ETP) <br />ETP offers TLS encryption support for data in transmission. ETP only stores email found to contain <br />malware or malicious content and does not encrypt this data. <br />2.Mobile Threat Prevention (MTP) <br />All data in transit is protected using standard TLS encryption. The database itself is not encrypted. <br />However, all systems are under strict security and access control rules, in compliant with SOC 2 <br />regulations. <br />3.Threat Analytics Platform (TAP) <br />All data in -transit between a customer environment and TAP instance in Amazon AWS is encrypted <br />with a 256-bit Twofish key. No customer data is stored on disk, however data stores leverage <br />Amazon AWS S3 encryption settings. <br />4.FireEye as a Service (FaaS CV) <br />FireEye appliance communications, and FireEye as a Service (FaaS) non -person entity (NPE) <br />secured inter -process communications employs industry standard HTTPS encrypted web interfaces, <br />and multifactor SSH management access for the end -to -end protection of sensitive customer data. In <br />addition, FaaS communicates with FireEye appliances with additional layers of protected symmetric <br />ke exchan es protecting and establishing encrypted channels for inter -device information. <br />VirtueStream <br />Encryption keys are generated at the time of backup application install on the Client VM(s). <br />Encryption keys are at least AES-128 but can be AES-256. Keys are stored on the backup system <br />databases using the encryption key management tool. The data about the keys on the database is in <br />an unreadable format and cannot be decrypted. <br />8.9.2 Describe whether or not it is willing to sign relevant and applicable Business Associate Agreement or <br />any other agreement that may be necessary to protect data with a Purchasing Entity. <br />Carahsoft would be willing to sign Business Associate Agreements or similar agreements that are set forth <br />with a purpose of protecting customer data. <br />8.9.3 Offeror must describe how it will only use data for purposes defined in the Master Agreement, <br />participating addendum, or related service level agreement. Offeror shall not use the government data or <br />government related data for any other purpose including but not limited to data mining. Offeror or its <br />subcontractors shall not resell nor otherwise redistribute information gained from its access to the data <br />received as a result of this RFP. <br />Agreed and understood. Carahsoft and its' subcontractors will not use any government data for purposes <br />other than those outlined within the frameworks of this contract. <br />8.10 Service Level Agreements <br />8.1Offeror must describe whether your sample Service Level Agreement is negotiable. If not describe <br />how it benefits purchasing entity's not to negotiate your Service Level Agreement. <br />CA <br />APM <br />The target availability SLA of 99.8% is standard and not negotiable <br />MAA <br />The target availability SLA of 99.8% is standard and not negotiable <br />CAAgile <br />The target availability SLA of 99.8% is standard and not negotiable <br />ASM <br />The target availability SLA of 99.8% is standard and not negotiable <br />Goo le <br />Goo le maintains a single SLA for all customers. <br />AODocs <br />AODocs maintains a single SLA for all customers. <br />Virtru <br />Agreement can be negotiated for certain large customers. <br />carahsoft 125 carahsoft <br />