HomeMy WebLinkAboutLexisNexis Risk Solutions FL Inc Single Sign-on Addendum 6-6-2023 r
3/31/23
SINGLE SIGN-ON ADDENDUM
L
This Single Sign-On ("SSO") Addendum (the "Addendum") is effective as of��t,f1]� 20`g7�
_ (the "Addendum Effective Date") and is entered into by and between LexisNexis Risk
Solutions FL Inc. and its Affiliates (hereinafter, "LN"), with its End-User place of business
located at 1000 Alderman Drive, Alpharetta, Georgia 30005 and Fresno Police Department
through the City of Fresno (hereinafter, "Customer"), with its End-User place of business
located at 2323 Mariposa Street Fresno CA 93721, each individually referred to as the
"Party" and collectively as the "Parties."
WHEREAS, the Parties entered into that certain Agreement, dated Jl.khN,_ , 202,E (the
"Agreement");
WHEREAS, the Parties agree to add this Addendum to the Agreement; and
WHEREAS, Customer receives certain LN Services in the U.S. from LN under the Agreement
that involve electronic communication, transmissions and file transfers between LN and
Customer via internet or similar computerized means; and
WHEREAS, Customer requests LN to allow Customer's End-Users to access certain LN
Services using SSO capabilities (as further defined herein) to be managed by the Customer,
and
WHEREAS, LN agrees to allow the use of SSO by the Customer, strictly in accordance with the
terms and conditions of this Addendum and the Agreement.
NOW, THEREFORE, in accordance with the requirements of the Agreement, the Parties, for
good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged,
do agree to add to the Agreement as follows:
1. Definitions.
a. "End-User" shall mean the actual authenticated user accessing the LN Services through
the Customer's Identity Provider Platform via LN SSO capabilities managed by the
Customer.
b. "End-User ID" shall mean the access identification used by an End-User to access the
SSO capabilities through the Customer's Identity Provider Platform.
c. "Identity Provider Platform" shall mean Customer's host platform which requests
service from LN and passes LN Authenticated End-Users.
d. "LN Services" shall mean those LN Services accessible via SSO as provided by LN to
Customer under the Agreement.
ADDM_SSO(Q4.16.v1)& Confidential 1 of 5
e. "Single Sign-On"or"SSO" shall mean the ability for an Authenticated End-User to access
the LN Services using the End-User ID asserted by the identity provider platform.
2. Customer Obligations. In the event Customer requests and receives permission to use
SSO from LN, Customer agrees to work with the LN Product Delivery Consultants (PDC) to
schedule implementation and:
a. Authentication of End-Users:
i. Authenticate an End-User that uses or accesses to Customer's networks and systems
according to a high level of assurance; and
ii. Provide an assertion to LN to denote that the End-User has been authenticated
according to a high level of assurance.
b. Ensure that all End-Users who are permitted access to the LN Services have been
properly authenticated using the SSO capabilities set forth herein.
c. Ensure that all End-Users use the LN Services that are accessed via SSO in accordance
with all of the terms and conditions of the Agreement.
d. Ensure End-User IDs are unique and constant for a given End-User and not reused.
e. Certify that the End-User can, and will, access the LN Services from the Customer's
internal corporate network and that the SSO is applied to End-User's access to such
internal corporate network prior to permitting access to the LN Services.
f. Certify that if the SSO capability is ever made accessible from outside of Customer's
internal corporate network subsequent to this Addendum being executed, that Customer
will thoroughly describe the nature of the access to LN and will seek written permission
from LN to use the capability described rigor to allowing access to the LN Services. In this
case, Customer certifies that the SSO capability requires strong authentication. Strong
authentication includes only the following options, unless separately approved in writing
by LN:
i. Certificate based authentication;
ii. One-time use token authentication (e.g. RSA SecurlD); or
iii. Out-of-band machine authentication (e.g. PhoneFactor or similar).
g. Track, at all times, the specific End-User originating each SSO transaction and, if
requested by LN, provide LN with information regarding the identity of the originating End-
User for such transaction and the purpose for which such transaction was ordered, within
twenty-four(24) hours of receipt of LN's request.
a. Failure to provide LN with such requested information within twenty-four (24) hours of
receiving LN's written request, LN may deny Customer access to all LN Services (by
suspending access at the account number level) until Customer has complied with
the foregoing.
ADDM_SSO(Q4.16.v1)& Confidential 2 of 5
h. To cooperate with any End-User ID suspensions and/or terminations requested by LN in
accordance with the Agreement.
i. Certify, in writing, the date and time of the suspension or termination once access has
been revoked, if LN requests an End-User ID suspension or termination.
j. Be solely liable for the acts or omissions of the End-Users, including, but not limited to,
unauthorized access to, receipt of, and/or use of the LN Services. Customer
acknowledges that LN is justifiably relying on Customer to ensure that the SSO capabilities
employed by Customer are strong enough to ensure that the End-Users have been
authenticated at the highest level of assurance.
k. Without limiting or modifying any of the indemnification obligations set forth in the
Agreement, Customer (the "Indemnifying Party") shall indemnify, defend and hold
harmless LN, its affiliates, and their respective officers, directors, employees, and agents
(the "Indemnified Parties") against and from losses, liabilities, damages, actions, claims,
demands, settlements,judgments, and any other expense including, reasonable attorneys'
fees, which are asserted against the Generally Indemnified Party(ies) by third parties,
arising out of(i) Customer's failure to comply with its obligations with respect to the use of
the SSO capabilities set forth herein; (ii) the acts or omissions of the End-Users in using
the LN Services; or (iii) a) End-User's unauthorized use or disclosure of the LN Services;
b) a third party's unauthorized access to, use or disclosure of the LN Services when such
third party obtains access to the LN Services through the SSO capability, or c) LN's
reliance upon and acts in accordance with any such instructions, guidelines, or information
provided to LN by Customer, including access through the SSO capability, under this
Addendum, provided that the Indemnified Party(ies) notify the Indemnifying Party promptly
of any such claims or suits. The Indemnifying Party shall have the right to conduct the
defense of any such demand, claim or action and all negotiations for settlement or
compromise, unless otherwise mutually agreed to in writing by the Parties hereto.
However, the Indemnified Party(ies), shall have the right to participate, at its own expense,
in the defense of any such demand, claim or action through counsel of its choosing.
I. Acknowledge that permission to utilize SSO does not relieve Customer of any other access
requirements implemented by LN to ensure the security of the access to the LN Services.
Customer agrees that it will comply with any other reasonable requirements that LN
requires in order to allow the use of the SSO capabilities.
3. The Parties intend that the terms and conditions of this Addendum are incorporated into and
made a part of the Agreement. This Addendum, together with the Agreement, constitutes the
entire agreement between the Parties on the subject matter contained herein and therein.
Except as modified by this Addendum, the Agreement shall otherwise remain in full force and
effect.
4. All capitalized terms used herein but not defined in this Addendum shall have the meanings
ascribed to them in the Agreement. If any provision of this Addendum or the application of
any such provision shall be held contrary to law, the remaining provisions shall remain in full
ADDM_SSO(Q4.16A)& Confidential 3 of 5
force and effect. In the event of a conflict between the terms of the Agreement and this
Addendum, this Addendum shall prevail solely as to the subject matter herein. This
Addendum may be executed by any legally permissible means, including electronic means
(i.e., PDF or facsimile).
5. Term
The SSO Addendum terms herein shall remain in effect for any mutually agreed upon LN
Service(s) until terminated by either Party per the terms of the Agreement. For any LN
Service(s) Customer continues to utilize after terminating SSO access, the following shall
apply:
a. Customer agrees to cooperate with LN and to pay all costs and/or fees associated with
terminating the SSO access for any affected LN Service that Customer continues to use
without SSO access.
b. Prior to terminating the SSO Addendum terms for the affected LN Service(s), Customer
and LN shall implement mutually agreeable alternative identity management methods and
procedures for the affected LN Services.
IN WITNESS WHEREOF, the authorized representative of the Customer has duly
executed and delivered this Addendum effective as of the Addendum Effective Date.
CUSTOMER
F
(S1?XC'6
ature of Authorized Representative)
—�>XLA>`r-V-AKA
(Name — Please Print)
(Title) (Date)
ADDM_SSO(Q4.16A)& Confidential 4 of 5
CITY OF FRESNO,
A California municipal corporation
By:
GEOR ANNE A. WHITE
CITY MANAGER
APPROVED AS TO FORM:
ANDREW JANZ
City Attorney
By:
Y
Y:
Date 24 Z3
Supv./Senior Deputy City Attorney
ATTEST:
TODD STERMER, CMC
City Clerk
By: 6 -6 -Z-bZ.3
Date
Deputy
ADDM_SSO(Q4.16.v1) Confidential 5 of 5