Software and Data Integrity Clause Samples

Software and Data Integrity. 6.2.9.1 Each Party shall use a comparable degree of care to protect the other Party’s software and data from unauthorized access, additions, changes and deletions as it uses to protect its own similar software and data. This may be accomplished by physical security at the work location and by access control software on the workstation.

Software and Data Integrity. Have current antivirus software installed and running to scan for and promptly remove or quarantine viruses and other malware.

Software and Data Integrity. In environments where antivirus software is commercially available and to the extent practicable, have current antivirus software installed and running to scan for and promptly remove or quarantine viruses and other malware. (Note: For the avoidance of doubt, this requirement also applies to Mobile and Portable Devices where antivirus software is commercially available.) (Scan and Remove Viruses)

Software and Data Integrity. In environments related to the ASP Solution where antivirus software is commercially available and to the extent practicable, have current antivirus software installed and running to scan for and promptly remove or quarantine ****CERTAIN INFORMATION HAS BEEN OMITTED AND FILED SEPARATELY WITH THE COMMISSION. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED PORTIONS. viruses and other malware. (Note: For the avoidance of doubt, this requirement also applies to Mobile and Portable Devices where antivirus software is commercially available.) (Scan and Remove Viruses)

Software and Data Integrity. The Supplier must scan for viruses.

Software and Data Integrity. User acknowledges that all software and data, including any data created, stored, obtained, or collected with the software, are susceptible to corruption, errors, and failure and that ▇▇▇▇▇▇▇ Software cannot guarantee that the software or the data will be and will remain free from any such defects. User is responsible for all the software data.

Software and Data Integrity. In environments where antivirus software is commercially available and to the extent practicable, (it being acknowledged that it is not practicable or required where a server merely hosts data for storage or retrieval but, itself, does not have access to such data), have current antivirus software installed and running to scan for and promptly remove or quarantine viruses and other malware. (Note: For the avoidance of doubt, this requirement also applies to Mobile and Portable Devices where antivirus software is commercially available.) Supplier fully complies with this requirement for laptop devices but other portable devices do not employ antivirus software due to usage of compensating control by using containerized software that limits access to the Information .(Scan and Remove Viruses)

Software and Data Integrity. The Supplier shall: 12.1 Have current antivirus and personal firewall software installed and running to scan for and promptly remove or quarantine viruses and other malware. For the avoidance of doubt, this requirement also applies to Mobile and Portable Devices where antivirus software is commercially available. Updates to signatures on anti-virus servers and on individual systems must occur at a minimum, once every 24 hours. 12.2 Separate non-production Information Resources from production Information Resources. 12.3 Use only synthetic or de-identified data in development and test environments. If this is not possible, the Supplier must obtain Subscriber’s written approval to use Subscriber Data and the Supplier warrants and undertakes that such environments have access controls as rigorous as those used in production. 12.4 Have a documented change control process including security impact review and back-out procedures for all production environments. 12.5 For applications which utilize a database that allows modifications to Subscriber Data, the Supplier shall have database transaction logging features enabled and retain database transaction logs for a minimum of twelve (12) months. 12.6 Review such software to find and remediate security vulnerabilities (static code analysis) prior to initial implementation and upon any modifications and updates for all software developed under an agreement with the Supplier. 12.7 Review such software to find and remediate security vulnerabilities (dynamic code analysis) prior to initial implementation and upon any modifications and updates, for all software used, furnished and/or supported under an agreement with the Supplier, where technically feasible. 12.8 Perform quality assurance testing for the security components (e.g., testing of identification, authentication and authorization functions), as well as any other activity designed to validate the security architecture, during initial implementation and upon any modifications and updates. 12.9 if the Supplier is developing an application for Subscriber, ensure that any solution it uses to process Subscriber Data is free of common web application security vulnerabilities as defined by, but not limited to, the OWASP top 10.

Software and Data Integrity. 7.11.1 Each Party shall use a comparable degree of care to protect the other Party’s software and data from unauthorized access, additions, changes and deletions as it uses to protect its own similar software and data. This may be accomplished by physical security at the work location and by access control software on the workstation. 7.11.2 All software or data shall be scanned for viruses before use on a Party’s corporate Facilities that can be accessed through the direct connection or dial up access to OSS interfaces. 7.11.3 Unauthorized use of copyrighted software is prohibited on each Party’s corporate systems that can be accessed through the direct connection or dial up access to OSS Interfaces. 7.11.4 Proprietary software or information (whether electronic or paper) of a Party shall not be given by the other Party to unauthorized individuals. When it is no longer needed, each Party’s proprietary software or information shall be returned by the other Party or disposed of securely. Paper copies shall be shredded. Electronic copies shall be overwritten or degaussed. 7.12 Monitoring and Audit Version: 3Q08 – Two Way Wireless Agreement 07/7/09 7.12.1 To deter unauthorized access events, a warning or no trespassing message will be displayed at the point of initial entry (i.e., network entry or applications with direct entry points). Each Party should have several approved versions of this message. Users should expect to see a warning message similar to this one: