Home
Agriculture
EXHIBIT C-1 - SECURE WORK SPACE REQUIREMENTS
EXHIBIT C-1 - SECURE WORK SPACE REQUIREMENTS
hannica ain valdezco

EXHIBIT C-1 - SECURE WORK SPACE REQUIREMENTS

Use this Template
Print as PDF
graphic of a hand making an okay sign ×

Free EXHIBIT C-1 - SECURE WORK SPACE REQUIREMENTS Checklist

Use this Template

Title Page

  • Site conducted

  • Conducted on

  • Prepared by

  • Location

Untitled Page

Physical Security and Access

  • Electronic access will include anti-tailgating and anti-passback controls (swipe in, swipe out)

  • Where possible, physical controls such as turnstiles are preferred

  • Entry into the SWS will be limited to only those persons requiring access for the purposes of performing under this Agreement. The Verizon Project Manager must approve all visitors to the

  • MACCS: Master Agreement for Contact Center Services – GDPR – Feb 2019

  • Verizon Proprietary and Confidential

  • Asurion_Internal_Use_Only maintenance, either electronically or via written logs. Logs must be available for review for at least

  • 180 days or for the maximum retention period permitted under local law

  • Workspace should be provided for storing personal items. All devices such as mobile phones, USB storage drives, CDs/DVD’s, and other electronic media, recording devices, iPods, MP3 players, and

  • CD players are prohibited. Any exceptions must be reviewed and approved by Verizon

  • 2.10. Use of paper, pens, pencils, and printed material in any form is not allowed inside the SWS, except pursuant to procedures specified by Verizon or as permitted by the Verizon Project Manager

  • 2.11. All personal items are restricted from entering the SWS. Secured lockers outside the Secured

  • 2.12. All personnel entering and exiting the restricted space will be screened by the guard via a metal preferred

  • 2.13. Security guards will monitor and document all activities in the SWS including housekeeping and

  • 2.14. Where servers and network devices associated with the SWS have distinct administrative staff, the

  • 2.15. Access to network cabling, electrical circuits and panels, or other infrastructure will be limited to

  • 2.16. Training rooms must meet the same criteria and standards as SWS. If the training room(s) is

  • 2.17. All personal computer CPUs must be secured with a cable lock. All CPU chassis must also be

  • 2.18. All offices and conference rooms within the SWS must have lockable doors and remain locked

  • 2.19. All rooms, doors and computer hardware secured by a physical key must be done so using an

  • All SWS systems must require unique user authentication and all access to such systems must be permitted under local law

  • Logical Security when unoccupied

  • Segregation of network and use of segregated VLAN for each project is required

  • MACCS: Master Agreement for Contact Center Services – GDPR – Feb 2019

  • Verizon Proprietary and Confidential

  • Asurion_Internal_Use_Only rule violations. Logs must be monitored and available for review for at least 180

  • Network segmentation must be done through a dedicated SWS firewall. Firewalls will log

  • Access to the Internet is not allowed from the SWS

  • 3.8. must be approved by Verizon in writing

  • 3.10. Personnel requiring both SWS and non-secure workspace access will be assigned separate access the SWS.)

  • 3.11. Personnel are not permitted to circumvent logical controls from within the SWS and Supplier shall

  • 3.12. Moving information outside of the Verizon virtual environment is prohibited and controls to prevent local copying and pasting must be implemented

  • 3.13. Remote access to SWS systems is prohibited

  • 3.14. Access to email within the SWS is prohibited

  • 3.15. Modems, Bluetooth or other wireless type connections to SWS systems are prohibited. This

  • 3.16. System administration of SWS systems will be performed from SWS locations

  • MACCS: Master Agreement for Contact Center Services – GDPR – Feb 2019

  • Verizon Proprietary and Confidential

  • Asurion_Internal_Use_Only printers

Compliance and Monitoring

  • Electronic logging must be performed for all network attached systems and devices to record the information specified in the individual controls. Logs must be monitored for suspicious activity

  • All security and access records must be available for review by Verizon upon request

  • MACCS: Master Agreement for Contact Center Services – GDPR – Feb 2019

  • Verizon Proprietary and Confidential

  • Asurion_Internal_Use_Only

EXHIBIT C-2 - SECURE WORK SPACE FOR VENDOR SHARED ENVIRONMENTS

  • REV 1/26/2016

  • This Exhibit C-2 provides requirements for Projects required to implement a secure work space (SWS) the existing SOW and/or Agreement, this Exhibit C-2 will control

Definitions

Physical Security and Access

  • Video Cameras must monitor the entrances and exits (both inside and out), as well as the general secured areas. Real-time active video monitoring by security personnel will cover 24x7x365

  • Electronic access will include anti-tailgating and anti-passback controls (swipe in, swipe out)

  • Where possible, physical controls such as turnstiles are preferred

  • MACCS: Master Agreement for Contact Center Services – GDPR – Feb 2019

  • Verizon Proprietary and Confidential

  • Asurion_Internal_Use_Only

  • 2.13. Security guards will monitor and document all activities in the SWS including housekeeping and least 180 days or for the maximum retention period permitted under local law

  • 2.14. Where servers and network devices associated with the SWS have distinct administrative staff, (e.g., cabinet locks)

  • 2.15. Access to network cabling, electrical circuits and panels, or other infrastructure will be limited to authorized individuals

  • 2.16. Training rooms must meet the same criteria and standards as SWS. If the training room(s) is training rooms require electronic access cards with anti-passback controls

  • 2.17. All Personal Computer CPUs must be secured with a cable lock. All CPU chassis must also be secured to prevent unauthorized chassis removal/dismantling

  • 2.18. All offices and conference rooms within the SWS must have lockable doors and remain locked when unoccupied

  • 2.19. All rooms, doors and computer hardware secured by a physical key must be done so using an auditable key control system

  • Logical Security

  • MACCS: Master Agreement for Contact Center Services – GDPR – Feb 2019

  • Verizon Proprietary and Confidential

  • Asurion_Internal_Use_Only

  • Login credentials must meet industry best practices for complexity and expiration periods

  • Network segmentation must be done through a Firewall. Firewalls will log attempted rule violations. Logs must be monitored and available for review for at least 180 days as requested by

  • 3.10. Remote access to SWS systems is prohibited

  • 3.11. Access to email within the SWS is prohibited

  • 3.12. Modems, Bluetooth or other wireless type connections to SWS systems are not allowed. This includes connections to external systems via wireless data connection (broadband, LTE, 3G, 4G, WiFi, etc)

  • 3.13. System administration of SWS systems will be performed from SWS locations

  • In the event the vendor permits printing by users in the SWS, printing must be to printers located in the SWS environment and not to printers located outside the SWS. Printers inside the Secure

  • Workspace must not be accessible from outside the SWS environment. Printers must not be

  • MACCS: Master Agreement for Contact Center Services – GDPR – Feb 2019

  • Verizon Proprietary and Confidential

  • Asurion_Internal_Use_Only near printers

3.15. Compliance and Monitoring

  • 3.17. Logs and other documentation related to physical access control will be reviewed on a periodic under local law

  • 3.18. Project team may designate one person responsible for user access provisioning and this is not feasible, one person may perform both functions

  • 3.19. Electronic logging will be performed for all network attached systems and devices to record the information specified in the individual controls. Logs will be monitored for suspicious activity

  • 3.20. Systems such as intrusion prevention/detection systems and content filters will be implemented to improve the security of the SWS. Security logging will be performed by all security systems

  • 3.21. Pertinent security and access records will be available for review by Verizon upon request

  • 3.22. When requested by Verizon, periodic access to Verizon-specific monitoring logs will be arranged

  • MACCS: Master Agreement for Contact Center Services – GDPR – Feb 2019

  • Verizon Proprietary and Confidential

  • Asurion_Internal_Use_Only

EXHIBIT C-1 - SECURE WORK SPACE REQUIREMENTS
hannica ain valdezco

EXHIBIT C-1 - SECURE WORK SPACE REQUIREMENTS

Use this Template
The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. You should independently determine whether the template is suitable for your circumstances.

Related checklists

KPI Site Scorecard Survey - Dayton Specific
Kent Walton
KPI Site Scorecard Survey - Dayton Sp...
7 Downloads
back arrow for carousel
back arrow for carousel
iAuditor Logo Icon ©SafetyCulture 2022