Common use of Security Program Requirements Clause in Contracts

Security Program Requirements. Axcient will maintain a security program that contains organisational, technical, and physical safeguards appropriate to the complexity, nature, and scope of its activities. Axcient’s security program shall be appropriate to the risks that are presented by the processing and designed to protect the security and confidentiality of Customer Data against unlawful or accidental access to, or unauthorized processing, disclosure, destruction, damage or loss of Customer Data. At a minimum, Axcient’s security program shall include: (a) limiting access of Customer Data to Authorized Persons; (b) managing authentication and access controls of the system components that provide the services, back-up systems, operating systems, storage media and computing equipment (excluding Bring Your Own Device (BYOD) equipment of personnel of Customer, its Affiliates or its contractors); (c) implementing network, application, database, and platform security; (d) means for securing information transmission, storage, and disposal within Axcient’s possession or control; (e) means for encrypting Customer Data stored on media within Axcient’s possession or control by using modern acceptable ▇▇▇▇▇▇▇ and key lengths, including backup media; (f) means for encrypting Customer Data transmitted by Axcient over public or wireless networks by using modern acceptable ▇▇▇▇▇▇▇ and key lengths; and (g) means for keeping firewalls, routers, servers, personal computers, and all other resources current with appropriate security-specific system patches.

Security Program Requirements. Axcient Axcient/eFolder will maintain a security program that contains organisationaladministrative, technical, and physical safeguards appropriate to the complexity, nature, and scope of its activities. Axcient/eFolder’s security program shall be appropriate to the risks that are presented by the processing and designed to protect the security and confidentiality of Customer Data against unlawful or accidental access to, or unauthorized processing, disclosure, destruction, damage or loss of Customer Data. At a minimum, Axcient/eFolder’s security program shall include: (a) limiting access of Customer Data to Authorized Persons; (b) managing authentication and access controls of the system components that provide the services, back-up systems, operating systems, storage media and computing equipment (excluding Bring Your Own Device (BYOD) equipment of personnel of Customer, its Affiliates or its contractors); (c) implementing network, application, database, and platform security; (d) means for securing information transmission, storage, and disposal within Axcient/eFolder’s possession or control; (e) means for encrypting Customer Data stored on media within Axcient/eFolder’s possession or control by using modern acceptable ▇▇▇▇▇▇▇ and key lengths, including backup media; (f) means for encrypting Customer Data transmitted by Axcient Axcient/eFolder over public or wireless networks by using modern acceptable ▇▇▇▇▇▇▇ and key lengths; and (g) means for keeping firewalls, routers, servers, personal computers, and all other resources current with appropriate security-specific system patches.