User Entity Controls

The GLS systems have been designed with the assumption that certain controls would be placed in operation by our clients which complement the controls at GLS. These include:

 

User passwords provided to GLS staff

When providing GLS with user names and passwords to retrieve user data, clients are responsible for providing user names and passwords that use strong levels of security.

 

Passwords on GLS systems

Clients are responsible for periodically requesting password changes on accounts used to access GLS’ web-based systems such as SFTP, InSite, DirectConnect, WebHouse, Mediaplatter, etc.

 

Security of data files during transit to GLS

Clients are responsible for the security of the data files while they are in transit to GLS, including file encryption and address validation processes.

 

Security of data files after transmission from GLS

Clients are responsible for the security of the requested data files and physical media after they have been received from GLS. GLS encourages clients to implement appropriate physical and network security controls, along with user education programs.