Merge pull request #4044 from newrelic/toobagrrl-patch-2

Made continuity updates

src/content/docs/licenses/license-information/referenced-policies/security-policy.mdx

@@ -9,7 +9,7 @@ redirects:
   - /docs/licenses/license-information/referenced-policies/security-exhibit
 ---
 
-**Updated 16 September 2021.**
+**Updated 23 September 2021.**
 
 The below Security Policy applies only to customers with an existing New Relic agreement in place that explicitly references this Security Policy applying to the Service purchased in an Order. Capitalized terms not defined below shall take on the meaning set forth in such New Relic agreement.
 
@@ -47,7 +47,7 @@ formal, industry-recognized controls frameworks based on an external audit stand
 
 **3.2.** New Relic agrees to provide Customer, upon request, with applicable certifications or reports about New Relic systems. All information exchanged in connection with the audit activities described in this section is deemed to be the Confidential Information of New Relic.
 
-**3.3.** Additional information about New Relic’s security certifications are available on New Relic’s Security Guide.
+**3.3.** Additional information about New Relic’s security certifications are available on New Relic’s [Security Guide](docs/licenses/license-information/referenced-policies/security-guide).
 
 ## 4. Data Control and Encryption
 
@@ -57,7 +57,7 @@ formal, industry-recognized controls frameworks based on an external audit stand
 
 **4.3.** New Relic receives and processes data in accordance with the Agreement and the Services as described in the Documentation. New Relic permits customers to delete personal data in accordance with applicable privacy laws as further described in the Documentation. In the event of error in personal data sent in Customer Data Customers may request personal data deletion and re-send data that is accurate.
 
-**4.4.** Additional information for Customer data control and encryption, including encryption of data at rest, is available on New Relic’s Security Guide.
+**4.4.** Additional information for Customer data control and encryption, including encryption of data at rest, is available on New Relic’s [Security Guide](docs/licenses/license-information/referenced-policies/security-guide).
 
 ## 5. Facilities
 
@@ -73,7 +73,7 @@ formal, industry-recognized controls frameworks based on an external audit stand
 
 **5.2.4** maintain relevant access logs.
 
-**5.3.** Additional information about New Relic’s third party data centers are available on New Relic’s Security Guide.
+**5.3.** Additional information about New Relic’s third party data centers are available on New Relic’s [Security Guide](docs/licenses/license-information/referenced-policies/security-guide).
 
 ## 6. Employee Access, Screening and Controls.
 New Relic will have and maintain policies and practices that include, at a minimum, the following controls and safeguards applied to New Relic employees and contractors who may access Customer Data:
@@ -96,7 +96,7 @@ New Relic will have and maintain policies and practices that include, at a minim
 
 ## 7. Security Incident and Data Breach Response
 
-**7.1.** New Relic will take appropriate physical, technical, and administrative security measures that are commercially reasonable and consistent with industry standards to prevent a Data Breach, and as required by any applicable law or regulation. Without limiting the foregoing, New Relic will implement security measures at least as stringent as those set out in this Addendum.  New Relic will designate a senior representative to provide incident briefings, as needed in case of a Data Breach, and to respond to reasonable requests by Customer pertaining to privacy and data security issues within a commercially reasonable time frame.
+**7.1.** New Relic will take appropriate physical, technical, and administrative security measures that are commercially reasonable and consistent with industry standards to prevent a Data Breach, and as required by any applicable law or regulation. “Data Breach” means the theft, loss, or unauthorized access of Customer Data. Without limiting the foregoing, New Relic will implement security measures at least as stringent as those set out in this Addendum.  New Relic will designate a senior representative to provide incident briefings, as needed in case of a Data Breach, and to respond to reasonable requests by Customer pertaining to privacy and data security issues within a commercially reasonable time frame.
 
 **7.2.** New Relic will:
 
@@ -163,7 +163,7 @@ New Relic will have and maintain the following vulnerability management processe
 
 **12.4.** New Relic will provide Customer with redacted copies of its plan(s) and evidence of tests/reviews upon request, but not more frequently than once annually, and subject to confidentiality requirements.
 
-**12.5.** Additional information for Customer Data control and encryption are available on New Relic’s Security Guide.
+**12.5.** Additional information for Customer Data control and encryption are available on New Relic’s [Security Guide](docs/licenses/license-information/referenced-policies/security-guide).
 
 ## 13. Copies and Removal
 
@@ -175,9 +175,9 @@ New Relic will have and maintain the following vulnerability management processe
 New Relic may use third party vendors to provide the Services. New Relic performs a security risk-based assessment of prospective vendors before working with them to validate they meet New Relic’s security and business continuity standards, including the type of access and classification of data being accessed (if any), controls necessary to protect data, and legal/regulatory requirements. New Relic enters into written agreements with its vendors that process Customer Data which include confidentiality, privacy, and security obligations that provide an appropriate level of protection for Customer Data that these vendors may process for New Relic to maintain the security posture in this Policy, including following industry security standards.
 
 ## 15. Disclosure by Law
-In the event the New Relic is required by law, regulation, or legal process to disclose any Customer Data, New Relic will (a) give Customer, to the extent possible, reasonable advance notice prior to disclosure so Customer may contest the disclosure or seek a protective order, and (b) reasonably limit the disclosure to the minimum amount that is legally required to be disclosed. New Relic publishes its law enforcement requests report on New Relic’s Security Guide.
+In the event the New Relic is required by law, regulation, or legal process to disclose any Customer Data, New Relic will (a) give Customer, to the extent possible, reasonable advance notice prior to disclosure so Customer may contest the disclosure or seek a protective order, and (b) reasonably limit the disclosure to the minimum amount that is legally required to be disclosed. New Relic publishes its law enforcement requests report on New Relic’s [Security Guide](docs/licenses/license-information/referenced-policies/security-guide).
 
 ## 16. Updates
 As New Relic releases new products, services, functionality, and features, New Relic may update this Policy to account for such products, services, functionality, and features.
 
-For additional information, see our [security guide](docs/licenses/license-information/referenced-policies/security-guide).
+For additional information, see our [Security Guide](docs/licenses/license-information/referenced-policies/security-guide).