§ 521.3. Security.
(a) Primary responsibility. The LDPC has primary responsibility for maintaining security for the service. In response to a security attack or exploit or in response to a well-founded threat to the security of the service, the LDPC may take action it deems necessary, including suspension of the service on a user, agency or entity or network-wide basis, to preserve the integrity of the service.
(b) Agency and entity responsibility.
(1) Each agency or entity that connects to the service shall ensure that its connection to and use of the service does not jeopardize the security of the service.
(2) With regard to individual users, each agency or entity shall ensure that only authorized users from its local environment are able to access the service. For accountability purposes in the event of a security threat or breach, the LDPC has the right to trace the route from a user to points within the service. Each agency or entity shall maintain and, upon request, shall make available to the LDPC a secure log of access events. The log shall be in a format and be for a period as the LDPC prescribes.
(c) User responsibility. A user may not knowingly engage in an action that undermines the security of the service or interferes with use of the service by another user.
No part of the information on this site may be reproduced for profit or sold for profit.
This material has been drawn directly from the official Pennsylvania Code full text database. Due to the limitations of HTML or differences in display capabilities of different browsers, this version may differ slightly from the official printed version.