{"component": "clause", "props": {"groups": [{"size": 10, "snippet": "As a mitigating factor against malware, all Braze servers run LTS editions of Operation Systems, as well as the endpoint detection and response(EDR) service, Crowdstrike. \u2587\u2587\u2587\u2587\u2587 adopts the principle of least privilege for all accounts running application or database services. Proper change management ensures that only authorized packages are installed via a package management system containing only trusted software, and that software is never installed manually. All Braze employee computers have virus scanners installed and updated definitions sent out from a central device management platform.", "samples": [{"hash": "53aCRr4XS5b", "uri": "/contracts/53aCRr4XS5b#malware-prevention", "label": "Data Processing Addendum", "score": 35.4943618774, "published": true}, {"hash": "5LNt9joWHGm", "uri": "/contracts/5LNt9joWHGm#malware-prevention", "label": "Data Processing Addendum", "score": 35.3582191467, "published": true}, {"hash": "8KJCKX4MyXJ", "uri": "/contracts/8KJCKX4MyXJ#malware-prevention", "label": "Data Processing Addendum", "score": 35.257724762, "published": true}], "snippet_links": [{"key": "mitigating-factor", "type": "definition", "offset": [5, 22]}, {"key": "of-operation", "type": "clause", "offset": [75, 87]}, {"key": "principle-of-least-privilege", "type": "definition", "offset": [188, 216]}, {"key": "all-accounts", "type": "clause", "offset": [221, 233]}, {"key": "database-services", "type": "clause", "offset": [257, 274]}, {"key": "change-management", "type": "clause", "offset": [283, 300]}, {"key": "management-system", "type": "clause", "offset": [367, 384]}, {"key": "device-management", "type": "clause", "offset": [573, 590]}], "hash": "9202298329f19553b3cc285719fd56e7", "id": 1}, {"size": 8, "snippet": "We use industry standard practices to avoid the inclusion of any program, routine, subroutine, or data (including malicious software or \u201cmalware,\u201d viruses, worms, and Trojan Horses) in applications running within Genesys services.", "samples": [{"hash": "helxJ1KnMXs", "uri": "/contracts/helxJ1KnMXs#malware-prevention", "label": "Data Processing Addendum", "score": 36.4292324854, "published": true}, {"hash": "dTYBy92Zwz5", "uri": "/contracts/dTYBy92Zwz5#malware-prevention", "label": "Data Processing Addendum", "score": 36.2168579102, "published": true}, {"hash": "lAbL1Be4prK", "uri": "/contracts/lAbL1Be4prK#malware-prevention", "label": "Data Processing Addendum", "score": 36.1937446594, "published": true}], "snippet_links": [{"key": "industry-standard-practices", "type": "clause", "offset": [7, 34]}, {"key": "inclusion-of", "type": "clause", "offset": [48, 60]}, {"key": "malicious-software", "type": "clause", "offset": [114, 132]}], "hash": "2fa35df7342aaf3fb0cf4bc102c42374", "id": 2}, {"size": 3, "snippet": "As a mitigating factor against malware, all Braze servers run LTS Editions of Operation Systems as well as ClamAV and/or Sophos for virus and malware protection. Braze adopts the principle of least privilege for all accounts running application or database services. Proper change management ensures that only authorized packages are installed via a package management system containing only trusted software, and that software is never installed manually. All Braze employee computers have virus scanners installed and updated definitions sent out from a central device management platform.", "samples": [{"hash": "cjxvVNU7s5O", "uri": "/contracts/cjxvVNU7s5O#malware-prevention", "label": "Data Processing Addendum", "score": 32.017906189, "published": true}, {"hash": "dZ3XHoSdv05", "uri": "/contracts/dZ3XHoSdv05#malware-prevention", "label": "Data Processing Addendum", "score": 30.9913921356, "published": true}], "snippet_links": [{"key": "mitigating-factor", "type": "definition", "offset": [5, 22]}, {"key": "of-operation", "type": "clause", "offset": [75, 87]}, {"key": "malware-protection", "type": "clause", "offset": [142, 160]}, {"key": "principle-of-least-privilege", "type": "definition", "offset": [179, 207]}, {"key": "all-accounts", "type": "clause", "offset": [212, 224]}, {"key": "database-services", "type": "clause", "offset": [248, 265]}, {"key": "change-management", "type": "clause", "offset": [274, 291]}, {"key": "management-system", "type": "clause", "offset": [358, 375]}, {"key": "device-management", "type": "clause", "offset": [564, 581]}], "hash": "73507e65599b912521b2b4cc78e7f4bc", "id": 3}, {"size": 2, "snippet": "Applications running within Genesys Cloud were developed and are maintained utilizing industry standard secure coding practices, including peer coding review, security and unit testing, and adherence to secure coding techniques. We use industry standard practices to avoid the inclusion of any program, routine, subroutine, or data (including malicious software or \u201cmalware,\u201d viruses, worms, and Trojan Horses) in applications running within Genesys Cloud.", "samples": [{"hash": "8J663wBta0K", "uri": "/contracts/8J663wBta0K#malware-prevention", "label": "Genesys Cloud Service Agreement", "score": 31.0598258972, "published": true}, {"hash": "8oUXH0z0y9d", "uri": "/contracts/8oUXH0z0y9d#malware-prevention", "label": "Genesys Cloud Service Agreement", "score": 26.0308017731, "published": true}], "snippet_links": [{"key": "secure-coding-practices", "type": "definition", "offset": [104, 127]}, {"key": "security-and", "type": "clause", "offset": [159, 171]}, {"key": "unit-testing", "type": "definition", "offset": [172, 184]}, {"key": "to-secure", "type": "clause", "offset": [200, 209]}, {"key": "industry-standard-practices", "type": "clause", "offset": [236, 263]}, {"key": "inclusion-of", "type": "clause", "offset": [277, 289]}, {"key": "malicious-software", "type": "clause", "offset": [343, 361]}], "hash": "b9c91fb0b30173718768666a908a4bc8", "id": 4}, {"size": 2, "snippet": "9.1. The school understands that malware can be damaging for network security and may enter the network through a variety of means, such as email attachments, social media, malicious websites or removable media controls.\n9.2. The ICT technician will ensure that all school devices have secure malware protection, including regular malware scans.\n9.3. The ICT technician will update malware protection on a termly basis to ensure they are up-to-date and can react to changing threats.\n9.4. Malware protection will also be updated in the event of any attacks to the school\u2019s hardware and software.\n9.5. Filtering of websites, as detailed in section 6 of this policy, will ensure that access to websites with known malware is blocked immediately and reported to the ICT technician.\n9.6. The school will use mail security technology, which will detect and block any malware that is transmitted by email. This will also detect any spam or other messages which are designed to exploit users.\n9.7. The ICT technician will review the mail security technology on a termly basis to ensure it is kept up-to-date and is effective.", "samples": [{"hash": "bvw11MzWLaU", "uri": "/contracts/bvw11MzWLaU#malware-prevention", "label": "Technology Acceptable Use Agreement", "score": 27.7568397522, "published": true}, {"hash": "cq9piHtZsAz", "uri": "/contracts/cq9piHtZsAz#malware-prevention", "label": "Technology Acceptable Use Agreement", "score": 27.6993541718, "published": true}], "snippet_links": [{"key": "security-and", "type": "clause", "offset": [69, 81]}, {"key": "the-network", "type": "definition", "offset": [92, 103]}, {"key": "social-media", "type": "definition", "offset": [159, 171]}, {"key": "removable-media", "type": "definition", "offset": [195, 210]}, {"key": "malware-protection", "type": "clause", "offset": [293, 311]}, {"key": "to-ensure", "type": "clause", "offset": [419, 428]}, {"key": "in-the-event-of", "type": "definition", "offset": [529, 544]}, {"key": "to-the-school", "type": "clause", "offset": [557, 570]}, {"key": "hardware-and-software", "type": "definition", "offset": [573, 594]}, {"key": "in-section-6", "type": "clause", "offset": [636, 648]}, {"key": "this-policy", "type": "definition", "offset": [652, 663]}, {"key": "access-to", "type": "definition", "offset": [682, 691]}, {"key": "the-school-will", "type": "clause", "offset": [784, 799]}, {"key": "security-technology", "type": "definition", "offset": [809, 828]}, {"key": "by-email", "type": "clause", "offset": [890, 898]}, {"key": "other-messages", "type": "definition", "offset": [934, 948]}], "hash": "b8c417754ab0bd6bfe3d88b5e566e053", "id": 5}, {"size": 1, "snippet": "Jostens ensures the installation and regular update of malware detection and repair software to scan systems and media as a precautionary control, or on a routine basis. The scan carried out should include:\na. Scan any files received over networks or via any form of storage medium, for malware before use;\nb. Scan electronic mail attachments and downloads for malware before use; and", "samples": [{"hash": "5v38s1b7KA2", "uri": "/contracts/5v38s1b7KA2#malware-prevention", "label": "Vendor Statement of Compliance Data Privacy and Protection", "score": 28.5725746155, "published": true}], "snippet_links": [{"key": "the-installation", "type": "clause", "offset": [16, 32]}, {"key": "form-of", "type": "clause", "offset": [259, 266]}, {"key": "storage-medium", "type": "definition", "offset": [267, 281]}, {"key": "electronic-mail", "type": "clause", "offset": [315, 330]}], "hash": "a4bb36fc860665ada678287e4a1631fb", "id": 6}, {"size": 1, "snippet": "Insider adopts the principle of least privilege for all accounts running application or database services. Proper change management ensures that only authorized packages are installed via a package management system containing only trusted software, and that software is never installed manually. All Insider employee computers have virus scanners installed and updated definitions sent out from a central device management platform.", "samples": [{"hash": "bf0Il27LTzh", "uri": "/contracts/bf0Il27LTzh#malware-prevention", "label": "Data Processing Addendum", "score": 32.8528022766, "published": true}], "snippet_links": [{"key": "principle-of-least-privilege", "type": "definition", "offset": [19, 47]}, {"key": "all-accounts", "type": "clause", "offset": [52, 64]}, {"key": "database-services", "type": "clause", "offset": [88, 105]}, {"key": "change-management", "type": "clause", "offset": [114, 131]}, {"key": "management-system", "type": "clause", "offset": [198, 215]}, {"key": "device-management", "type": "clause", "offset": [406, 423]}], "hash": "2b8e8016be7e5747124b07524eb03a45", "id": 7}, {"size": 1, "snippet": "The Solution shall block malware pre-execution using the Solution's anti- malware prevention program.", "samples": [{"hash": "1QpPZI8cH2L", "uri": "/contracts/1QpPZI8cH2L#malware-prevention", "label": "Agency Term Contract", "score": 27.6789875031, "published": true}], "snippet_links": [{"key": "the-solution", "type": "clause", "offset": [0, 12]}, {"key": "prevention-program", "type": "definition", "offset": [82, 100]}], "hash": "fc1ab7162da3a35962a6b419fdd6881d", "id": 8}, {"size": 1, "snippet": "Inkit adopts the principle of least privilege for all accounts running application or database services. Proper change management ensures that only authorized packages are installed via a package management system containing only trusted software, and that software is never installed manually. All Inkit employee computers have virus scanners installed and updated definitions sent out from a central device management platform.", "samples": [{"hash": "cTSCLE6CcAe", "uri": "/contracts/cTSCLE6CcAe#malware-prevention", "label": "Data Processing Addendum", "score": 33.6849632263, "published": true}], "snippet_links": [{"key": "principle-of-least-privilege", "type": "definition", "offset": [17, 45]}, {"key": "all-accounts", "type": "clause", "offset": [50, 62]}, {"key": "database-services", "type": "clause", "offset": [86, 103]}, {"key": "change-management", "type": "clause", "offset": [112, 129]}, {"key": "management-system", "type": "clause", "offset": [196, 213]}, {"key": "device-management", "type": "clause", "offset": [402, 419]}], "hash": "dd154546dd5299d371734a05e2b2a5b4", "id": 9}, {"size": 1, "snippet": "Provider will implement detection and prevention controls to protect against malicious software and appropriate user awareness procedures. Provider will keep and update technical controls and must regularly evaluate all systems for the existence of malware.", "samples": [{"hash": "grXN94FwCt9", "uri": "/contracts/grXN94FwCt9#malware-prevention", "label": "Security Exhibit", "score": 25.3682403564, "published": true}], "snippet_links": [{"key": "malicious-software", "type": "clause", "offset": [77, 95]}, {"key": "technical-controls", "type": "clause", "offset": [169, 187]}], "hash": "3d3d3a34354dfbd2d97e0b470778b242", "id": 10}], "next_curs": "ClsSVWoVc35sYXdpbnNpZGVyY29udHJhY3RzcjcLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IhttYWx3YXJlLXByZXZlbnRpb24jMDAwMDAwMGEMogECZW4YACAA", "clause": {"size": 32, "parents": [["security-program", "Security Program"], ["entire-agreement-conflict", "Entire Agreement; Conflict"], ["final-provisions", "FINAL PROVISIONS"], ["your-users", "Your users"], ["scope-and-purpose-of-data-processing", "Scope and Purpose of Data Processing"]], "children": [], "title": "Malware Prevention", "id": "malware-prevention", "related": [["fire-prevention", "Fire Prevention", "Fire Prevention"], ["fraud-prevention", "Fraud Prevention", "Fraud Prevention"], ["accident-prevention", "ACCIDENT PREVENTION", "ACCIDENT PREVENTION"], ["data-loss-prevention", "Data Loss Prevention", "Data Loss Prevention"], ["accident-prevention-health-and-safety-committee", "Accident Prevention Health and Safety Committee", "Accident Prevention Health and Safety Committee"]], "related_snippets": [], "updated": "2025-07-10T04:27:38+00:00"}, "json": true, "cursor": ""}}