Common use of Management of Authentication Credentials Clause in Contracts

Management of Authentication Credentials. Licensee agrees to ensure that each Authentication Credential is securely maintained and used only by the Authorized User to whom or which the Authentication Credential has been issued. Licensee further agrees to immediately notify ▇▇▇▇▇▇ ▇▇▇ and take immediate steps to disable a previously issued Authentication Credential if (a) an Authorized User ceases to be an Authorized User for any reason, including as a result of such User no longer being employed, retained or used by Licensee, or (b) in the event of any loss, theft or unauthorized disclosure or use of any Authentication Credential. Authentication Credentials shall not be transferred between or among Authorized Users or other individuals or systems, and Licensee shall implement all necessary and appropriate measures to ensure that (i) such transfers do not occur, and (ii) these and all other requirements of this Section 5.5 (including its subsections) are met, including, without limitation, apprising its employees and Independent Contractors with a need to know of the requirements of this Section. ▇▇▇▇▇▇ ▇▇▇ may make available functionality such that Licensee is able to review the systems access available to each of its Authorized Users. To the extent such functionality is available, Licensee shall periodically review the appropriateness of such access and, where a discrepancy is identified, immediately take all measures necessary to correct the discrepancy, including without limitation providing notice to ▇▇▇▇▇▇ ▇▇▇.. ▇▇▇▇▇▇ ▇▇▇ shall be under no obligation to provide access to the Licensed Application to any Authorized User, and expressly reserves the right at any time and from time to time to change and/or revoke Authentication Credentials. Licensee agrees that it shall periodically revoke and/or reset Authentication Credentials as and to the extent prescribed by ▇▇▇▇▇▇ ▇▇▇, but in no event less than: (A) every ninety calendar days for individuals, (B) annually for systems and

Management of Authentication Credentials. Licensee agrees to ensure that each Authentication Credential is securely maintained and used only by the Authorized User to whom or which the Authentication Credential has been issued. Licensee further agrees to immediately notify ▇▇▇▇▇▇ ▇▇▇ and take immediate steps to disable a previously issued Authentication Credential if (a) an Authorized User ceases to be an Authorized User for any reason, including as a result of such User no longer being employed, retained employed or used by Licensee, or (b) in the event of any loss, theft or unauthorized disclosure or use of any Authentication Credential. Authentication Credentials shall not be transferred between or among Authorized Users or other individuals or systems, and Licensee shall implement all necessary and appropriate measures to ensure that (i) such transfers do not occur, and (ii) these and all other requirements of this Section 5.5 (including its subsections) are met, including, without limitation, apprising its employees and Independent Contractors with a need to know of the requirements of this Section. ▇▇▇▇▇▇ ▇▇▇ may make available provide functionality within the Licensed Application or otherwise such that Licensee is able to review the systems access available to each electronically compare its list of its Authorized Users. To the extent Users with such functionality is available, Licensee shall periodically review the appropriateness of such access and, where a discrepancy is identified, immediately take all measures necessary to correct the discrepancy, including without limitation providing notice to list maintained by ▇▇▇▇▇▇ ▇▇▇.. . To the extent such functionality is provided, Licensee shall conduct periodic comparisons of the separately maintained lists, and Licensee shall immediately notify ▇▇▇▇▇▇ ▇▇▇ of any discrepancy revealed by any such comparison. ▇▇▇▇▇▇ ▇▇▇ shall be under no obligation to provide access to the Licensed Application to any Authorized User, and expressly reserves the right at any time and from time to time to change and/or revoke Authentication Credentials. Licensee agrees that it shall periodically revoke and/or reset Authentication Credentials as and to the extent prescribed by ▇▇▇▇▇▇ ▇▇▇, but in no event less than: (A) every ninety calendar days for individuals, (B) annually for systems andand (C) notwithstanding (A), annually for Authentication Credentials issued by a third party.