Operations Security Supplier must enable logging and monitoring on all operating systems, databases, applications, and security and network devices that are involved in providing Deliverables. Supplier will maintain anti-malware controls that are designed to protect systems from malicious software, including malicious software that originates from public networks. In addition, Supplier will use anti-malware software (of Industry Standard or better quality), maintain such software at the then current major release, purchase maintenance & support available from the vendor for such software, and promptly implement new releases and versions of such software.
Protection The Asset Representations Reviewer will take reasonable measures to protect the secrecy of and avoid disclosure and unauthorized use of Confidential Information, including those measures that it takes to protect its own confidential information and not less than a reasonable standard of care. The Asset Representations Reviewer acknowledges that Personally Identifiable Information is also subject to the additional requirements in Section 4.09.