Security Policies and Procedures

1. Access control
2. Authorization
3. Information classification
4. Storage controls
5. Backup and restoration
6. Confidentiality and integrity requirements
7. Audit logs
8. Privacy, export control and other such requirements

All product associated applications must use HTTPS to communicate with all remote hosts, both Virtru hosted services and external third parties. HTTP and other non-encrypted communications are not allowed under any scenario.

Virtru applications shall treat user credentials with the utmost sensitivity and must follow security best practices for storing and transmitting user credentials. All credentials which are shared with a client device must be sent over HTTPS or another encrypted communication channel. All user credentials which are stored in a data store must be stored in a benign state so that leakage of information from the data store does not compromise user accounts.

All application logs must be sent to a central logging cluster for aggregation and analysis.

H. Configuration Management

Where possible, Virtru applications and infrastructure follow an immutable paradigm. All changes to production infrastructure and application code are deployed on a brand new Amazon Machine Image (AMI). This allows all changes which are deployed to be tracked and audited. This also means that no configuration or application code will be modified on a production instance. All application servers have osquery installed and configured to monitor key files on the system for any change (File Integrity Monitoring). Any changes to configuration are logged and sent to AWS CloudWatch Logs, where they trigger an alarm and cause an email to be sent to the Virtru DevOps team for further investigation.
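The file integrity alerting described above, as an added example that is not part of the original policy and not Virtru's code: a Python filter over osquery results-log lines from a scheduled `file_events` query, treating any change on an immutable host as an alert. The query name `fim`, the hosts, paths and hashes are assumptions, and the action names are those emitted by osquery's Linux file-events publisher.

```python
import json
from collections import defaultdict

# file_events actions that mean content, metadata or presence changed
# (names as emitted by osquery's Linux inotify publisher; read-only opens excluded).
CHANGE_ACTIONS = {"CREATED", "UPDATED", "DELETED", "ATTRIBUTES_MODIFIED",
                  "MOVED_FROM", "MOVED_TO"}

# Constructed sample of osquery results-log lines; hosts, paths and hashes are made up.
SAMPLE_LOG = "\n".join([
    '{"name":"fim","hostIdentifier":"app-01","unixTime":1438860000,"action":"added",'
    '"columns":{"target_path":"/etc/ssh/sshd_config","category":"etc","action":"UPDATED","sha256":"aa11"}}',
    '{"name":"fim","hostIdentifier":"app-01","unixTime":1438860005,"action":"added",'
    '"columns":{"target_path":"/etc/passwd","category":"etc","action":"OPENED","sha256":"bb22"}}',
    '{"name":"uptime","hostIdentifier":"app-02","unixTime":1438860010,"action":"added",'
    '"columns":{"days":"3"}}',
    '{"name":"fim","hostIdentifier":"app-02","unixTime":1438860020,"action":"added",'
    '"columns":{"target_path":"/opt/app/config.yml","category":"app","action":"DELETED","sha256":""}}',
    '{"name":"fim","hostIdentifier":"app-02", truncated',
])


def fim_alerts(log_text, query_name="fim"):
    """Return (alerts_by_host, unparsed_line_count) for one batch of log lines."""
    alerts, unparsed = defaultdict(list), 0
    for line in filter(None, map(str.strip, log_text.splitlines())):
        try:
            rec = json.loads(line)
            cols = rec["columns"] if rec.get("name") == query_name else None
        except (ValueError, KeyError, AttributeError):
            unparsed += 1   # a log line that cannot be read is itself worth surfacing
            continue
        if cols and cols.get("action") in CHANGE_ACTIONS:
            alerts[rec.get("hostIdentifier", "unknown")].append(
                (rec.get("unixTime"), cols["action"], cols.get("target_path")))
    return dict(alerts), unparsed


if __name__ == "__main__":
    by_host, bad = fim_alerts(SAMPLE_LOG)
    for host, events in sorted(by_host.items()):
        for ts, action, path in events:
            print(f"ALERT host={host} time={ts} {action} {path}")
    print(f"unparsed lines: {bad}")
```
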

Where possible, Virtru utilizes Terraform, Ansible, and other similar tools to define their infrastructure as code. This allows the production infrastructure to be versioned in a git repository and easily audited for change over time.

I. Asset management for software

The ISO is responsible for maintaining an inventory of software; as such it shall employ software to aid in the management of software assets.

Rev.2015.8.6