SECURITY PROCESSES If requested by an Authorized User as part the Request for Quote process, Contractor shall complete a Consensus Assessment Initiative Questionnaire (CAIQ) including on an annual basis thereafter, if requested by the Authorized User. The CAIQ is available at Cloud Security Alliance (xxxxx://xxxxxxxxxxxxxxxxxxxxx.xxx/). The CAIQ may be used to assist the Authorized User in building the necessary assessment processes when engaging with Contractors. In addition to a request for a CAIQ, Contractor shall cooperate with all reasonable Authorized User requests for a Written description of Contractor’s physical/virtual security and/or internal control processes. The Authorized User shall have the right to reject any Contractor’s RFQ response or terminate an Authorized User Agreement when such a request has been denied. For example, Federal, State and local regulations and/or laws may require that Contractors operate within the Authorized User’s regulatory environment. In order to ensure that security is adequate and free of gaps in control coverage, the Authorized User may require information from the Contractor’s Service Organization Controls (SOC) audit report.
Security Program Contractor will develop and implement an effective security program for the Project Site, which program shall require the Contractor and subcontractors to take measures for the protection of their tools, materials, equipment, and structures. As between Contractor and Owner, Contractor shall be solely responsible for security against theft of and damage of all tools and equipment of every kind and nature and used in connection with the Work, regardless of by whom owned.
Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
Third Party Products 1. Third Party Hardware. We will sell, deliver, and install onsite the Third Party Hardware, if you have purchased any, for the price set forth in the Investment Summary. Those amounts are payable in accordance with our Invoicing and Payment Policy.
Third Party Products and Services Through its Product(s), Palo Alto Networks may make available to you third-party products or services (“third-party apps”) which contain features designed to interoperate with our Products. To use such features, you must either obtain access to such third-party apps from their respective providers or permit Palo Alto Networks to obtain access on your behalf. All third-party apps are optional and if you choose to utilize such third-party apps:
Custom Products Effective upon creation of Custom Products, Contractor hereby conveys, assigns and transfers to Authorized User the sole and exclusive rights, title and interest in Custom Product(s), whether preliminary, final or otherwise, including all trademark and copyrights. Contractor hereby agrees to take all necessary and appropriate steps to ensure that the Custom Products are protected against unauthorized copying, reproduction and marketing by or through Contractor, its agents, employees, or Subcontractors. Nothing herein shall preclude the Contractor from otherwise using the related or underlying general knowledge, skills, ideas, concepts, techniques and experience developed under a Purchase Order, project definition or work order in the course of Contractor’s business. Authorized User may, by providing written notice thereof to the Contractor, elect in the alternative to take a non-exclusive perpetual license to Custom Products in lieu of Authorized User taking exclusive ownership and title to such Products. In such case, Licensee on behalf of all Authorized Users shall be granted a non-exclusive perpetual license to use, execute, reproduce, display, perform, adapt and distribute Custom Product as necessary to fully effect the general business purpose(s) as stated in paragraph (b)(i)(2), above.
Existing Products 1. Hardware - Title and ownership of Existing Hardware Product shall pass to Authorized User upon Acceptance.
Security Technology When the service is accessed using a supported web browser, Secure Socket Layer (“SSL”), or equivalent technology shall be employed to protect data from unauthorized access. The service security measures shall include server authentication and data encryption. Provider shall host data pursuant to the DPA in an environment using a firewall that is periodically updated according to industry standards.
Product ACCEPTANCE Unless otherwise provided by mutual agreement of the Authorized User and the Contractor, Authorized User(s) shall have thirty (30) days from the date of delivery to accept hardware products and sixty (60) days from the date of delivery to accept all other Product. Where the Contractor is responsible for installation, acceptance shall be from completion of installation. Failure to provide notice of acceptance or rejection or a deficiency statement to the Contractor by the end of the period provided for under this clause constitutes acceptance by the Authorized User(s) as of the expiration of that period. The License Term shall be extended by the time periods allowed for trial use, testing and acceptance unless the Commissioner or Authorized User agrees to accept the Product at completion of trial use. Unless otherwise provided by mutual agreement of the Authorized User and the Contractor, Authorized User shall have the option to run testing on the Product prior to acceptance, such tests and data sets to be specified by User. Where using its own data or tests, Authorized User must have the tests or representative set of data available upon delivery. This demonstration will take the form of a documented installation test, capable of observation by the Authorized User, and shall be made part of the Contractor’s standard documentation. The test data shall remain accessible to the Authorized User after completion of the test. In the event that the documented installation test cannot be completed successfully within the specified acceptance period, and the Contractor or Product is responsible for the delay, Authorized User shall have the option to cancel the order in whole or in part, or to extend the testing period for an additional thirty (30) day increment. Authorized User shall notify Contractor of acceptance upon successful completion of the documented installation test. Such cancellation shall not give rise to any cause of action against the Authorized User for damages, loss of profits, expenses, or other remuneration of any kind. If the Authorized User elects to provide a deficiency statement specifying how the Product fails to meet the specifications within the testing period, Contractor shall have thirty (30) days to correct the deficiency, and the Authorized User shall have an additional sixty (60) days to evaluate the Product as provided herein. If the Product does not meet the specifications at the end of the extended testing period, Authorized User, upon prior written notice to Contractor, may then reject the Product and return all defective Product to Contractor, and Contractor shall refund any monies paid by the Authorized User to Contractor therefor. Costs and liabilities associated with a failure of the Product to perform in accordance with the functionality tests or product specifications during the acceptance period shall be borne fully by Contractor to the extent that said costs or liabilities shall not have been caused by negligent or willful acts or omissions of the Authorized User’s agents or employees. Said costs shall be limited to the amounts set forth in the Limitation of Liability Clause for any liability for costs incurred at the direction or recommendation of Contractor.
