e. "Cloud" means data storage on servers hosted by an entity other than the Contractor and on a
<br />network outside the control of the Contractor. Physical storage of data in the cloud typically spans
<br />multiple servers and often multiple locations. Cloud storage can be divided between consumer
<br />grade storage for personal files and enterprise grade for companies and governmental entities.
<br />Examples of consumer grade storage would include iTunes, Dropbox, Box.com, and many other
<br />entities. Enterprise cloud vendors include Microsoft Azure, Amazon Web Services, and Rackspace.
<br />f. "Confidential Information" means to encode Confidential Information into a format that can only be
<br />read by those possessing a "key"; a password, digital certificate or other mechanism available only
<br />to authorized users. Encryption must use a key length of at least 256 bits for symmetric keys, or
<br />2048 bits for asymmetric keys. When a symmetric key is used, the Advanced Encryption Standard
<br />(AES) must be used if available.
<br />g. "Data" means DCYF's records, files, forms, information and other documents in electronic or hard
<br />copy medium. "Data" includes, but is not limited to, Confidential Information, Category 4 Data,
<br />Sensitive Personal Information, or Materials.
<br />h. "Encrypt" means to encode Confidential Information into a format that can only be read by those
<br />possessing a "key"; a password, digital certificate or other mechanism available only to authorized
<br />users. Encryption must use a key length of at least 256 bits for symmetric keys, or 2048 bits for
<br />asymmetric keys. When a symmetric key is used, the Advanced Encryption Standard (AES) must
<br />be used if available.
<br />i. "FedRAMP" means the Federal Risk and Authorization Management Program (see
<br />https://www.fedramp.gov/), which is an assessment and authorization process that federal
<br />government agencies have been directed to use to ensure security is in place when accessing
<br />Cloud computing products and services.
<br />j. "Hardened Password" means a string of at least eight characters containing at least three of the
<br />following four character classes: Uppercase alphabetic, lowercase alphabetic, numeral, and special
<br />characters such as an asterisk, ampersand, or exclamation point.
<br />k. "Mobile Device" means a computing device, typically smaller than a notebook, which runs a mobile
<br />operating system, such as iOS, Android, or Windows Phone. Mobile Devices include smart phones,
<br />most tablets, and other form factors.
<br />l. "Multi-factor Authentication" means controlling access to computers and other IT resources by
<br />requiring two or more pieces of evidence that the user is who they claim to be. These pieces of
<br />evidence consist of something the user knows, such as a password or PIN; something the user has,
<br />such as a key card, smart card, or physical token; and something the user is, a biometric identifier
<br />such as a fingerprint, facial scan, or retinal scan. "PIN" means a personal identification number, a
<br />series of numbers which act as a password for a device. Since PINs are typically only four to six
<br />characters, PINs are usually used in conjunction with another factor of authentication, such as a
<br />fingerprint.
<br />m. "Portable Device" means any computing device with a small form factor, designed to be transported
<br />from place to place. Portable devices are primarily battery powered devices with base computing
<br />resources in the form of a processor, memory, storage, and network access. Examples include, but
<br />are not limited to, mobile phones, tablets, and laptops. Mobile Device is a subset of Portable
<br />Device.
<br />Department of Children, Youth & Families
<br />2017C= County Program Agreement 6-24-20 Page 9
<br />
|