SAFEGUARD STANDARD. Contractor agrees to protect the privacy and security of Protected Information according to all applicable laws and regulations, by commercially-acceptable standards, and no less rigorously than it protects its own confidential information, but in no case less than reasonable care. Contractor shall implement, maintain and use appropriate administrative, technical and physical security measures to preserve the confidentiality, integrity and availability of the Protected Information. All Protected Information that Customer backs up using the Software will be encrypted using 256-bit AES encryption as described in more detail on the Security Addendum. Contractor shall ensure that its security measures are regularly reviewed and revised to address evolving threats and vulnerabilities while Contractor has responsibility for the Protected Information under the terms of this Appendix. In addition, Contractor will ensure compliance with the requirements of ISO27001 and will ensure that its US data centers are SSAE-16 certified. Prior to execution of the Agreement, and periodically thereafter (no more frequently than annually) at the University's request, Contractor will provide assurance, in the form of a third party audit report or other documentation reasonably acceptable to the University, demonstrating that appropriate information security safeguards and controls are in place.
Appears in 4 contracts
Samples: Master Services Agreement, Master Services Agreement, Master Services Agreement
