Maintaining a Secure Environment Clause Samples

Maintaining a Secure Environment. Access to Company facilities must be controlled, e.g., by electronic systems, security guards, receptionists or closed-circuit cameras at all entrances, visitor controls, and delivery truck/driver controls. The Company’s current card access and visitor control systems must satisfy the above requirements. Intuit must be notified of proposed changes to the Company’s current policies and practices with regard to facility access. All incoming supplies of goods and materials that may potentially affect Intuit Materials must be checked for compliance with production orders and shipping manifests and appropriate action taken if these supplies are not compliant. Intuit may, from time to time, advise Company of recent security threats that have come to its attention, and require Company, at Intuit’s sole expense, to implement specific modifications to its policies or procedures that may be necessary to counter these threats. Company must implement these modifications within a mutually-agreeable time, or must obtain written permission from Intuit to take some other course of action to ensure that the security of Intuit’s materials/packages is preserved. Notwithstanding the minimum standards set forth in this Agreement, Company must monitor and periodically incorporate reasonable direct mail industry-standard security safeguards. No scrap, overruns, nor returned Intuit Materials can be destroyed or disposed of without the pre-approval of Intuit. The Company’s current practices for shredding and/or disposal of all scrap, overruns, and returned material are considered satisfactory for this requirement and this agreement serves as pre-approval for the use of these practices for the destruction and disposition of all Intuit materials. The Company’s current manufacturing processes and procedures are considered sufficient to limit dust resulting from production operations in Intuit Materials.

Maintaining a Secure Environment. 1. To protect the accuracy and integrity of Confidential Information, all such data must be backed up regularly (no less often than weekly), and the backups stored in secure, environmentally-controlled, limited-access facilities. 2. Company must promptly install any security-related fixes identified by its hardware or software vendors, if the security threat being addressed by the fix is one that threatens the privacy or integrity of any Confidential Information covered by this Agreement. Such upgrades must be made as soon as they can safely be installed and integrated into Company’s existing architecture and systems. 3. Intuit may, from time to time, advise Company of recent security threats that have come to its attention, and require Company to implement specific modifications to its software, policies, or procedures that may be necessary to counter these threats. Company must implement these modifications within a mutually-agreeable time, or must obtain written permission from Intuit to take some other course of action to ensure that the privacy and integrity of any Confidential Information is preserved. 4. Company must immediately notify Intuit if it knows or suspects that Confidential Information has been compromised or disclosed to unauthorized persons, or if there has been any meaningful or substantial deviation from the requirements contained in the Agreement or this Exhibit. See Section F for contact information. 5. Notwithstanding the minimum standards set forth in this Exhibit, Company should monitor and periodically incorporate reasonable industry-standard security safeguards.

Maintaining a Secure Environment. 1. To protect the accuracy and integrity of Confidential Information, all such data must be backed up regularly (no less often than weekly), and the backups stored in secure, environmentally-controlled, limited-access facilities. 2. Company must run internal and external network vulnerability scans at least monthly and after any change in the network configuration (e.g., new system component installations, changes in network topology, firewall rule modifications, or product upgrades). 3. Company must promptly install any security-related fixes identified by its hardware or software Suppliers, if the security threat being addressed by the fix is one that threatens the privacy or integrity of any Confidential Information covered by this Agreement. Such upgrades must be made as soon as they can safely be installed and integrated into Company’s existing architecture and systems. 4. Intuit may, from time to time, advise Company of recent security threats that have come to its attention, and require Company to implement specific modifications to its software, policies, or procedures that may be necessary to counter these threats. Company must implement these modifications within a mutually-agreeable time, or must obtain written permission from Intuit to take some other course of action to ensure that the privacy and integrity of any Confidential Information is preserved. 5. Company must immediately notify Intuit if it knows or suspects that Confidential Information has been compromised or disclosed to unauthorized persons, or if there has been any meaningful or substantial deviation from the requirements contained in the Agreement or this Exhibit. See Section F for contact information. Company agrees that Intuit shall have the right to control and direct any response and / or correction of any such compromise or disclosure. 6. Notwithstanding the minimum standards set forth in this Exhibit, Company should monitor and periodically incorporate reasonable industry-standard security safeguards.

Maintaining a Secure Environment. 1. To protect the accuracy and integrity of Confidential Information, all such data must be backed up regularly (no less often than weekly), and the backups stored in secure, environmentally-controlled, limited-access facilities. 2. Contractor must promptly install any security-related fixes identified by its hardware or software vendors, if the security threat being addressed by the fix is one that threatens the privacy or integrity of any Confidential Information covered by this Agreement. Such upgrades must be made as soon as they can safely be installed and integrated into Contractor’s existing architecture and systems. 3. Intuit may, from time to time, advise Contractor of recent security threats that have come to its attention, and require Contractor to implement specific modifications to its software, policies, or procedures that may be necessary to counter these threats at Intuit’s cost. Contractor must implement these modifications within a mutually-agreeable time, or must obtain written permission from Intuit to take some other course of action to ensure that the privacy and integrity of any Confidential Information is preserved. 4. Contractor must immediately notify Intuit if it knows or suspects that Confidential Information has been compromised or disclosed to unauthorized persons, or if there has been any meaningful or substantial deviation from the requirements contained in the Agreement or this Exhibit. See Section F for contact information. 5. Notwithstanding the minimum standards set forth in this Exhibit, Contractor should monitor and periodically incorporate reasonable industry-standard security safeguards.