Security Annex for 2FA Additional Terms for Two Factor Authentication Service

Similar documents
Security Annex for Firewalls Additional Terms for Firewall Service

Security Annex for Firewalls Additional Terms for Firewall Service

ADDITIONAL TERMS FOR VIRTUAL DATA CENTRE SERVICE SCHEDULE 2N

ADDITIONAL TERMS FOR HOSTED EXCHANGE SERVICES SCHEDULE 2Z

Interoute Application Management comprises the following managed services for application and database software:

How To Use Adobe Software For A Business

Rekoop Limited Standard Terms of Business

Schedule Document. Leased Lines & Ethernet Based Services. Node4 Limited 29/11/2007

schedule 2f additional terms for internet services

Schedule 2Z Virtual Servers, Firewalls and Load Balancers

TERMS AND CONDITIONS GOVERNING THE USE OF NBADS ONLINE TRADING

Egress Switch & File Encryption Service Description

SaaS Terms & Conditions

MANAGED SECURITY SERVICES RESPONSIBILITIES GUIDE July 2013

means the charges applied by Ancar B Technologies Limited which recur annually;

MAILGUARD, WEBGUARD AND ARCHIVING SERVICE SCHEDULE

January Brennan Voice and Data Pty Ltd. Service Level Agreement

Information Crib Sheet Internet Access Service Agreement

Point of Demarcation shall mean the physical point at which the Provider Network ends and the private network of the Customer begins.

EASYNET CHANNEL PARTNERS LIMITED PARTNER MASTER SERVICES AGREEMENT HYBRID CLOUD IT PRODUCT TERMS

Gilat Satcom Support Level Agreement ("SLA") This SLA shall apply only to Optical Fiber IP Connectivity Services and describes the support services

Maintenance and Service Level Agreement (SLA)

AAPT Business NBNPhone

CLOUD SERVICE SCHEDULE Newcastle

2. Our Conditions 2.1 When They Apply 2.2 Deposit 2.3 Your Account and On Line Sign Up 2.4 Minimum Period of Service 2.

RESIDENTIAL AND SMALL COMMERCIAL UNIFORM DISCLOSURE STATEMENT FOR ILLINOIS

Kinetic Internet Limited

TIMICO LIMITED SERVICE SPECIFIC SCHEDULES

Backup & Storage Service Terms & Conditions

XCEL ENERGY S ebill AND ebill PAYMENT TERMS OF USE

Electronic business conditions of use

SERVICE SCHEDULE FOR ETHERNET PASS-THROUGH SERVICES

CRM Support Services Agreement

CLOUD SERVICE SCHEDULE

Service Description. 3SKey. Connectivity

INFRASTRUCTURE AS A SERVICE (IAAS) SERVICE SCHEDULE Australia

INCIDENT MANAGEMENT SCHEDULE

Supplier IT Security Guide

July Brennan IT Voice and Data. Service Level Agreement

For the purpose of this agreement the following words and phrases shall have the meanings detailed below:

Community Anchor Institution Service Level Agreement

SCHEDULE DOCUMENT HOSTED TELEPHONY PUBLIC NODE4 LIMITED 03/02/2014

GRTGAZ NETWORK TRANSMISSION CONTRACT

TERMS AND CONDITIONS FOR PAYMENT CARDS SERVICING

Additional Terms for managed hosting services

Schedule 2 VoIP Service

Business Online Banking Client Setup Form

Greenway Customer Support SUPPORT POLICIES. To deliver world class client experiences that delight each and every time we interact with our clients.

QIPoint Software Technical Support Policies Effective Date: 01-December-2014

EASYNET CHANNEL PARTNERS LIMITED PARTNER MASTER SERVICES AGREEMENT HOSTED IP TELEPHONY SERVICE PRODUCT TERMS

How To Use Kendallville Internet For Free

PG Acquisition Information Package. Standard Terms and Conditions for Participant Gateway

3.1 Security Operations Centers. 3.2 Portal. 3.3 Services Contacts

SCOPE OF SERVICE Hosted Cloud Storage Service: Scope of Service

COUNTY OF ORANGE, CA Schedule 2D Service Desk Services SOW SCHEDULE 2D SERVICE DESK SERVICES SOW. for. Date TBD

Online Banking Agreement & Disclosure

ADDENDUM. Dedicated Servers v3.0

Dedicated Server Services Specific Terms and Conditions

SPINTEL MOBILE SERVICE DESCRIPTION

REPAIR SERVICES AND PROCESSING FEES.

RSA SecurID Tokens Service Level Agreement (SLA)

Entee Global Services General Terms and Conditions

Module 3 Licensed Software TABLE OF CONTENTS. Version 3.0

SERVICE SCHEDULE ReachONE Internet Metro Ethernet (Version Issue Date: July 17, 2012)

Product Support and Maintenance Terms & Conditions

Service Level Agreement

Data Processing Agreement for Oracle Cloud Services

BUSINESS ONLINE BANKING ENROLLMENT FORM

Schweizerische Informatikkonferenz Conférence Suisse sur l'informatique Conferenza Svizzera sull Informatica

Mobile Banking Service Agreement (Addendum to your Primary Online Banking Service Agreement)

BUSINESS ONLINE BANKING AGREEMENT

Schedule 2i. All the terms indicated above in capital letters are defined below.

HP Software as a Service

(c) Support Response Time Target 30 minute Support Response Time Target for Emergency Incidents; and

Technical Help Desk Terms of Service

Managed Service for MaaS360 Helpdesk to Helpdesk Support Service Charter

SALEM FIVE ONLINE BANKING AGREEMENT

Transcription:

CONTENTS 1 Glossary of Terms & Definitions... 2 2 Service Description... 2 2.1 Provisioning... 2 2.2 Setup... 2 2.3 Technical Support... 3 2.4 Administrator Responsibilities... 3 2.5 Devices... 3 3 Vendor Change... 3 4 Charges... 3 4.1 Charges payable by the... 3 4.2 Additional Charges... 3 5 Service Levels... 4 5.1 Availability... 4 5.2 Service Unavailability... 4 6 Service Credits... 4 6.1 Claiming Service Credits... 4 6.2 Calculation of Service Credits... 4 7 Responsibilities... 5 7.1 Technical Representatives... 5 7.2 Other Responsibilities... 5 8 Service Operation... 5 8.1 Incident Management... 5 8.2 Exclusions... 5 Page 1

1 GLOSSARY OF TERMS & DEFINITIONS 2FA means the technology involved in the provision of the Two Factor Authentication Services, this can include Hardware Devices, Software Devices and third party services; 2FA Administration Portal means an Internet portal that allows the Administrator, through a web browser, to perform administrative functions including, but not limited to, assigning and de-assigning Devices to End Users; Administrator means any person the designates to administer the Service by the ; Authentication Node means any item of Equipment that is configured to receive access requests from End Users and to forward same along with the End Users credentials to 2FA for verification; Device means Hardware Devices and Software Devices; End User means the actual end user of the Service; Event means when any monitored component of the Supported Software is not operating pursuant to its standard functionality, as identified by a Monitoring Agent and indicated by alerts on s monitoring systems; Hardware Device means a hardware token which may incorporate firmware (such as a key-fob token); Incident means an unplanned interruption to a Service or deterioration in the normal quality of a Service; Incident Management means the Incident management Service provided by pursuant to this Annex to investigate an Event or Incident; SLO means Service Level Objective, which is a specific target within the Service Level Agreement; Software means (i) Software Devices; and/or (ii) all other software provided to ; and Software Device means a software token installed on generic hardware such as a PC, mobile phone or personal digital assistant. Two Factor Authentication Service means the internet based authentication service, that validates the credentials of End Users passed to by the Authentication Node, provided by on behalf of s third party supplier; Any other terms in capital letters shall have the meaning set forth in Schedule 1. 2 SERVICE DESCRIPTION The Two Factor Authentication Service uses 2FA secure Devices to access the s network. In order to permit access to the s resources or network, the End User must have their username, password and (if applicable) the Device in their possession. 2.1 PROVISIONING will ensure the Devices are initialised for use on the Two Factor Authentication Service and will deliver any Hardware Devices to the at a single delivery address outlined on the relevant Purchase Order. It shall be the s responsibility to distribute Hardware Devices or any Software Devices to their End Users. 2.2 CUSTOMER SETUP will create an account for the Administrator on the 2FA Administration Portal in order for the Administrator to add the Authentication Node details into the 2FA Administration Portal. Page 2

2.3 TECHNICAL SUPPORT will provide a first line support service to the Administrator which shall include call logging only. shall provide the first line support service during Working Hours. All other support shall be provided by the third party supplier. Except as set out in this Agreement, shall have no further liability in relation to these Services. 2.4 ADMINISTRATOR RESPONSIBILITIES For the avoidance of doubt, the Administrator is solely responsible for the following: a. Managing profiles, permissions and other aspects in respect of setting up and maintaining End Users within the system; b. Providing information and instructions to End Users to enable authentication using the Two Factor Authentication Service; c. Unlocking, resetting and re-synchronising Devices; d. Diagnosing and replacing faulty and broken or lost Devices; e. Setting up and managing the operation of the Authentication Node(s); f. Gaining usage reports from the 2FA Administration Portal. 2.5 DEVICES 2.5.1 Devices are provided to the on an as is basis. 2.5.2 It is the responsibility of the to satisfy itself that the Devices will function in the way required and with the equipment it wishes to use them on. does not support any issues that may be caused by the use of the Devices and will not deal with issues relating to them directly. 2.5.3 Software Devices are provided to the directly by s third party supplier. 2.5.4 Hardware Devices are provided to the by. 2.5.5 The third party supplier validates the use of the Devices on the generally available versions of the operating systems as advised by. 3 VENDOR CHANGE may from time to time change its third party supplier of these Services. Such change will not require the s consent except where such change is likely to have a material adverse effect on the Service Levels following its implementation. 4 CHARGES 4.1 CHARGES PAYABLE BY THE CUSTOMER Charges for the Service comprise of an initial on-boarding Installation Charge, a Fixed Rate Charge and any additional Charges set out within the Purchase Order. 4.2 ADDITIONAL CHARGES 4.2.1 Unless otherwise agreed between the Parties in writing, any Additional Charges will be charged according to the Professional Service Charges. 4.2.2 In addition to clause 4.2.1 above, any additional work agreed outside of a Working Day, will incur Professional Service Charges calculated on an hourly basis. Page 3

5 SERVICE LEVELS Further to the Service Levels set out within the Schedule 2 to which this Annex is appended, Service Levels are defined for the following Service performance measurements: a. Two Factor Authentication Service Availability 5.1 AVAILABILITY Service Availability SLO Two Factor Authentication Service 99.95% uses the following formula to calculate monthly Availability: For the purpose of Availability measurement, Service Unavailability excludes any Planned Outage. 5.2 SERVICE UNAVAILABILITY The Two Factor Authentication Service is considered to be Unavailable where the 2FA Administrator Portal is not accessible by Administrator(s). 6 SERVICE CREDITS 6.1 CLAIMING SERVICE CREDITS 6.1.1 Failure to meet a Service Level Objective (SLO) for a Service entitles the to claim Service Credits (subject to the exceptions set out herein and in Schedule 1). The must provide to all reasonable details regarding the relevant Service Credits claim, including but not limited to, detailed descriptions of the Incident, its duration and any attempts made by to resolve it. will use all information reasonably available to it to validate claims and make a good faith judgment on whether the Service Levels apply to the claim. 6.1.2 Unavailability of the Service cannot be used to claim failure of another service. shall not be responsible for any cross default. 6.1.3 is entirely dependent on agreement from our third party supplier that there has been an issue or service performance problem. is unable to recognise Service Credits against the SLO without the third party supplier agreeing the failure of the service to perform. 6.2 CALCULATION OF SERVICE CREDITS Where Availability falls below target during any Monthly Review Period, the will be entitled to Service Credits as follows: Availability for the Service during Monthly Review Period falling below target by: Service Credits as % of the applicable 2FA Fixed Rate Charge Up to 1% 5% 1% 2.5% 10% 2.5% 5% 15% More than 5% 20% Page 4

7 CUSTOMER RESPONSIBILITIES 7.1 TECHNICAL REPRESENTATIVES The must designate one or more qualified persons as their technical representatives and support points of contact with. These technical contacts can be updated online, by phone, or email and must be provided for both pre and post installation, and during Incident Management. 7.2 OTHER RESPONSIBILITIES undertakes that it shall: a. report any Incidents or problems with the Services to the Contact Centre as soon as such problems have been identified; b. provide feedback on any maintenance approval requests passed to the within the reasonable times specified within such requests; c. do such other things and provide such information as may reasonably request in order for to provide the Service; d. not initiate a penetration test without agreeing and complying to the current Penetration Test Agreement. In case a penetration test is undertaken and no respective Penetration Test Agreement was signed, herby agrees that the Penetration Test Agreement is deemed to have been signed and that its stipulations bindingly apply. 8 SERVICE OPERATION 8.1 INCIDENT MANAGEMENT 8.1.1 Depending on the impact an Event or Incident has on the Service, each Event or Incident is categorized pursuant to paragraph 8.1.2 into one of three priority levels: priority level 1 (Critical), priority level 2 (Major) or priority level 3 (Standard). 8.1.2 Any Events or Incidents relating to a security incident which requires post-restoration investigation are considered out of scope for the Incident Management Service. Priority Description Hours of Operation Response Time Critical (1) When the Service is Unavailable. 24/7 30 minutes Major (2) Standard (3) The performance of the Service is degraded, but it is still Available A system or component of the Service is not available and a temporary fix may be available. Where there is not a critical need and no impact to the delivery or use of the Service. Working Day 2 hours Update Frequency 2 hours 4 hours N/A If responds to and works on a reported Incident and it is subsequently found not to be an Incident with the Service then Professional Service Charges will apply. 8.2 EXCLUSIONS acts as a reseller of the Two Factor Authentication Service only. shall not be liable to the for the direct support of End Users of the Service. Should any issues with the Devices arise, the must contact and will forward issues to the third party supplier. Except as set out above, shall have no further responsibility and/or liability to the in relation to the Two Factor Authentication Service. Page 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information