Communications and Operations. Seller shall: (i) perform regular backups sufficient to restore services to Buyer within any agreed upon recovery times (or, if no specific recovery times have been agreed to by the parties, within a commercially reasonable period of time); (ii) encrypt all backup media transported off-site containing Buyer Data; (iii) not transmit, transfer or provide any Buyer Data to any third party, or provide any third party with access to any Buyer Data, without obtaining the prior consent of Buyer; (iv) transfer all Buyer Data via secure, encrypted protocol. Alternatively an encrypted file containing Buyer Data can be transferred without use of an encrypted protocol. (v) when erasing or destroying Buyer Data, employ data destruction procedures that meet or exceed the NIST800-88 standard; (vi) use hard drive encryption for all laptops on which any Buyer Data is stored or that are used by Seller personnel to access any Buyer Data; (vii) maintain up to date malware detection and prevention on Seller’s servers and/or end user platforms that transmit, access, process or store Buyer Data; (viii) maintain a hardened Internet perimeter and secure infrastructure using firewalls, antivirus, anti-malware, intrusion detection systems, and other protection technologies as is commercially reasonable; and (ix) implement regular patch management and system maintenance for all of Seller’s systems that transmit, access, process or store Buyer Data.
Appears in 3 contracts
Sources: Transition Services Agreement (LSC Communications, Inc.), Transition Services Agreement (Donnelley Financial Solutions, Inc.), Transition Services Agreement (LSC Communications, Inc.)