Laserfiche WebLink
EXHIBIT 1 <br /> i- <br /> Insight <br /> employees to coordinate and be accountable for the information security program. The <br /> information security program will include the following measures: <br /> (1) Network Security. The AWS Network will be electronically accessible to employees, <br /> contractors and any other person as necessary to provide the Services. AWS will <br /> maintain access controls and policies to manage what access is allowed to the AWS <br /> Network from each network connection and user, including the use of firewalls or <br /> functionally equivalent technology and authentication controls. AWS will maintain <br /> corrective action and incident response plans to respond to potential security threats. <br /> (2) Physical Security. <br /> (a) Physical Access Controls. Physical components of the AWS Network are housed in <br /> nondescript facilities (the "Facilities"). Physical barrier controls are used to prevent <br /> unauthorized entrance to the Facilities both at the perimeter and at building access <br /> points. Passage through the physical barriers at the Facilities requires either <br /> electronic access control validation (e.g., card access systems, etc.) or validation <br /> by human security personnel (e.g., contract or in-house security guard service, <br /> receptionist, etc.). Employees and certain contractors are assigned photo-ID <br /> badges that must be worn while the employees and contractors are at any of the <br /> Facilities. Visitors and any other contractors are required to sign-in with <br /> designated personnel, must show appropriate identification, are assigned a visitor <br /> ID badge that must be worn while the visitor is at any of the Facilities, and are <br /> continually escorted by authorized employees or contractors while visiting the <br /> Facilities. <br /> (b) Limited Employee and Contractor Access. AWS provides access to the Facilities to <br /> those employees and contractors who have a legitimate business need for such <br /> access privileges. When an employee or contractor no longer has a business need <br /> for the access privileges assigned to him/her, the access privileges are promptly <br /> revoked, even if the employee or contractor continues to be an employee of AWS <br /> or its affiliates. <br /> (c) Physical Security Protections. All access points (other than main entry doors) are <br /> maintained in a secured (locked) state. Access points to the Facilities are <br /> monitored by video surveillance cameras designed to record all individuals <br /> accessing the Facilities. AWS also maintains electronic intrusion detection systems <br /> designed to detect unauthorized access to the Facilities, including monitoring <br /> points of vulnerability (e.g., primary entry doors, emergency egress doors, roof <br /> hatches, dock bay doors, etc.) with door contacts, glass breakage devices, interior <br /> motion-detection, or other devices designed to detect individuals attempting to <br /> gain access to the Facilities. All physical access to the Facilities by employees and <br /> contractors is logged and routinely audited. <br /> ii) Continued Evaluation. AWS will conduct periodic reviews of the security of its AWS <br /> Network and adequacy of its information security program as measured against industry <br /> security standards and its policies and procedures. AWS will continually evaluate the <br /> security of its AWS Network and associated Services to determine whether additional or <br /> different security measures are required to respond to new security risks or findings <br /> generated by the periodic reviews. <br /> (1) Your Responsibilities. You are responsible for all physical and logical access controls <br /> beyond the AWS Network including, but not limited to, Your account access, data <br /> Rev. 06/21Q Page 6 of 7 <br />