Laserfiche WebLink
Measures for ensuring personnel security <br /> Access to Customer Data. Motorola maintains processes for authorizing and supervising its <br /> employees, and contractors with respect to monitoring access to Customer Data. Motorola <br /> requires its employees, contractors and agents who have, or may be expected to have, access to <br /> Customer Data to comply with the provisions of the Agreement, including this Annex and any other <br /> applicable agreements binding upon Motorola. <br /> Security and Privacy Awareness. Motorola must ensure that its employees and contractors <br /> remain aware of industry standard security and privacy practices, and their responsibilities for <br /> protecting Customer Data and Personal Data. This must include, but not be limited to, protection <br /> against malicious software, password protection, and management, and use of workstations and <br /> computer system accounts. Motorola requires periodic Information security training, privacy <br /> training, and business ethics training for all employees and contract resources <br /> Sanction Policy. Motorola maintains a sanction policy to address violations of Motorola's internal <br /> security requirements as well as those imposed by law, regulation, or contract. <br /> Background Checks. Motorola follows its standard mandatory employment verification <br /> requirements for all new hires. In accordance with Motorola internal policy, these requirements <br /> must be periodically reviewed and include, but may not be limited to, criminal background checks, <br /> proof of identity validation and any additional checks as deemed necessary by Motorola. <br /> Measures for ensuring events logging <br /> Protection, and Response. Motorola assesses organization's effectiveness annually via external <br /> assessors who report and share the assessment findings with Motorola Audit Services who tracks <br /> any identified remediations. For more information, please see the Motorola Trust Center at <br /> https://www.motorolasolutions.com/en us/about/trust-center/security.html <br /> Measures for certification/assurance of processes and products <br /> Motorola performs internal Secure Application Review and Secure Design Review security audits <br /> and Production Readiness Review security readiness reviews prior to service release. Where <br /> appropriate, privacy assessments are performed for Motorola's products and services.A risk register <br /> is created as a result of internal audits with assignments tasked to appropriate personnel. Security <br /> audits are performed annually with additional audits as needed. Additional privacy assessments, <br /> including updated data maps, occur when material changes are made to the products or services. <br /> Further, Motorola Solution has achieved AICPA SOC2 Type 2 reporting and ISO/IEC <br /> 27001:2013 certification for many of its development and support operations. <br /> Measures for ensuring data minimization <br /> Motorola Solutions policies require processing of all personal information in accordance with <br /> applicable law, including when that law requires data minimization. Further, Motorola Solutions <br /> Data Processing Addendum V.2022.12 7 <br />