My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Reso 2021-3185
SIBFL
>
City Clerk
>
Resolutions
>
Regular
>
2021
>
Reso 2021-3185
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/28/2021 3:03:08 PM
Creation date
4/28/2021 10:18:49 AM
Metadata
Fields
Template:
CityClerk-Resolutions
Resolution Type
Resolution
Resolution Number
2021-3185
Date (mm/dd/yyyy)
04/15/2021
Description
P.O. for unleaded fuel using fuel card program. State of Florida contract with WEX Bank.
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
173
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Continuity Plan ensures that WEX employees, and the physical and information assets entrusted <br />to us by our clients are protected by viable response and recovery plans. The Corporate BCP takes <br />an all hazards approach to the assessment of risk posed to critical business functions and develops <br />comprehensive plans that provide for effective recovery from a disruption of critical business <br />functions. The plans are tested before implementation and exercised regularly thereafter to <br />ensure their viability and continued improvement. <br />In instances of fraud or card skimming, WEX works in a similar manner to ensure accounts and <br />customer information is shut off and safeguarded. See discussion of WEX's fraud detection <br />system, SaferPayments, in our response to Question 15.4. <br />7.7 Contractor must provide and maintain an appropriate information security program to prevent <br />the unauthorized disclosure, misuse, alteration, or destruction of confidential information. <br />As part of the WEX BCP, WEX has in place an information security program that exists to safeguard <br />both WEX and WEX customers from the unauthorized disclosure of information, especially <br />sensitive information. This includes unauthorized disclosure, misuse, alteration or destruction of <br />confidential information. The WEX Information Security Program outlined below covers the <br />protection of cards, account numbers, passwords, PINS, transaction data, among many other <br />sensitive systems and information. <br />The WEX production data center is a secure facility, accessed by badge readers and monitored by <br />CCTV. The facility is staffed 24x7x365. The WEX data center has a Tier III rating as specified by the <br />uptime institute. WEX visitors and maintenance personnel are only allowed access to data center <br />facilities with an authorized escort and approved business need. <br />WEX has an ISO 27001/27002 based Information Security Program that includes robust access <br />controls, security monitoring controls, governance, risk and compliance, backup and recovery <br />capabilities, regular penetration testing and vulnerability scanning, strong physical and <br />environmental controls, policies and procedures, and security awareness training. Policies and <br />standards are reviewed and updated annually. Procedures are owned by the individual teams and <br />are required to meet the standards and also be approved by their management. <br />WEX also obtains a SSAE16 SOC1, PCI-DSS certification over our WEXOnline° platform, and is <br />subjected to regular reviews and oversight by Internal Audit, External Audit, FDIC Examiners, and <br />various third parties. <br />The SSAE16 SOC1, PCI-DSS certification governs WEX security protocols for how we handle <br />customer information like cards, account numbers, passwords, personal identification numbers <br />and transaction data. <br />Vendor Access <br />WEX has a Vendor program that establishes the following review and oversight areas: <br />Information Security service provider review, Procurement review, and Legal Department review <br />that must be performed prior to a third party being approved. Logical access is then requested by <br />the WEX manager that owns the relationship with the third party and provisioned by a systems <br />access group. <br />System Patches <br />System patches, including service packs and security fixes are reviewed and approved following <br />standard change management processes. Relevant patches are applied as soon as practical given <br />MASTER AGREEMENT No. 00819 — FLEET CARD SERVICES PAGE 106 OF 138 <br />
The URL can be used to link to this page
Your browser does not support the video tag.