This Service Definitions document defines the product line items on your Proposal and Managed IT Service Agreement invoice. As you review these definitions, you will note that some mention specific partners while others do not. While we are happy to share our entire partner list, we reserve the right to change partners as needed. We strive to provide our clients with best-in-class services, which may require changing our partnerships occasionally.
The services are broken down into three areas as follows:
- Managed Services Site Fee
The site services fee covers IT services dedicated to a business's physical or virtual infrastructure rather than individual users or computers. These services include infrastructure management, network security, server maintenance, and site-wide software deployment. They are essential for ensuring the entire site operates efficiently and provides a secure and stable environment for all technology-related activities within the physical premises. - Managed Services Computer Fee
The computer fee covers IT services dedicated to a specific computer rather than an entire site or specific user. These services include monitoring and managing computers' security, health, and performance. - Managed Services User Fee
The user fee covers IT services dedicated to a specific user rather than an entire site or specific computer. These services include user account and group management and support for users regardless of their network device.
Service Definitions
Vendor Management – the process of overseeing and coordinating the relationships with external third-party vendors who provide services to a company, ensuring they meet the organization’s standards, deliver quality service, and comply with contractual agreements, all while optimizing costs and minimizing risks, essentially, it’s about selecting, managing, and monitoring the performance of vendors that contribute to the success of our client’s business.
Managed Firewall – taking full responsibility for configuring, monitoring, updating, and maintaining a company’s firewall infrastructure, ensuring its optimal security by proactively identifying and addressing potential threats, all without the need for in-house IT staff to manage it directly; essentially outsourcing firewall security management to your IT service provider.
SIEM - Threat Monitoring – A Security Information and Event Management (SIEM) system can significantly enhance an organization's network security by gathering security data from various sources, including firewalls, intrusion detection systems (IDS), servers, other network devices, and software. They then analyze this data to identify patterns, anomalies, and incidents. SIEM systems can detect suspicious activities using event correlation and signature-based detection techniques. Additionally, they prioritize the most critical issues and alert security analysts for prompt action. Moreover, SIEM systems assist in optimizing firewall rules or creating new ones, thereby fortifying the overall network security.
SIEM Threat Monitoring is applied per network device including servers, workstations, routers, switches, and applicable software application including Keeper Password Manager, DUO MFA, and others. It is also applied to each Microsoft 365 Mailbox.
Managed Server – Server management is a comprehensive process that involves maintaining and overseeing the operation of a company’s servers. This includes tasks such as monitoring performance, applying security updates, managing backups, and ensuring optimal functionality. Key aspects of server management in a managed IT service include continuous monitoring and alerting of server health metrics like CPU usage, memory, disk space, network connectivity, and system logs to identify potential issues before they impact operations. It also involves proactively applying software updates and security patches to maintain the latest security standards and prevent vulnerabilities. Robust backup and recovery strategies are implemented to ensure critical data can be restored quickly in case of system failures or data corruption. Security management is crucial, involving configuring firewalls, managing user access controls, and implementing security protocols to protect servers from unauthorized access and cyber threats. Performance optimization is achieved by analyzing server performance metrics to identify bottlenecks and implementing optimizations to improve response times and overall system efficiency. Additionally, proactive hardware management ensures server hardware health through preventative maintenance and timely replacement of failing components.
Remote Monitoring & Management (RMM) Agent – Provides remote oversight and maintenance of IT infrastructure such as servers, workstations, and networked devices. The RMM agent continuously monitors the health and performance of these assets, tracking metrics like CPU usage, memory utilization, and network connectivity. They automate routine maintenance tasks, including software updates and patch management, ensuring devices remain secure and up-to-date. Additionally, RMM solutions manage security settings, monitor for threats, and provide automated responses to mitigate risks. They integrate with backup solutions to ensure critical data is regularly backed up and can be quickly restored if needed. By analyzing performance data, RMM tools optimize system efficiency and reliability. They also enable remote support, allowing IT service providers to troubleshoot and resolve issues without on-site visits.
Advanced Threat Protection – Advanced threat protection distinguishes itself from other antivirus software through its cloud-based protection, allowing quick threat detection and minimal impact on device performance. Its lightweight installation is ideal for devices with limited storage. Advanced threat protection's real-time threat detection and behavioral analysis proactively identify and neutralize new threats, ensuring robust security. Additionally, its minimal system impact means users can enjoy strong protection without noticeable slowdowns, making it an efficient and effective choice for cybersecurity.
Endpoint Detection & Response Agent – Endpoint Detection and Response (EDR) is a cybersecurity technology focused on detecting, investigating, and responding to suspicious activities and threats on endpoints, such as computers and mobile devices. EDR solutions provide continuous monitoring and analysis of endpoint data to identify potential security incidents. They offer threat detection, incident response, and remediation tools, helping organizations quickly address and mitigate cyber threats to protect their systems and data.
Zero Trust Threat Agent – This cybersecurity solution focuses on application whitelisting and ringfencing to enhance endpoint security. It allows organizations to control which applications can run on their systems, blocking unauthorized software and preventing malicious activities. Defining strict policies and monitoring application behavior helps protect against ransomware, zero-day attacks, and other threats, ensuring a secure and controlled IT environment.
Managed Server Backup – Managed server backup handles the backup and recovery of a company's server data. This includes regularly scheduled backups, monitoring the backup process, and ensuring data can be quickly restored in case of data loss or system failure. The backup process works by storing an image of the server on a local device (see BDR) and replicating a copy of that image offsite at a secure location. The image is updated every hour ensuring the most recent changes are protected. Data is retained for a period of one year. In the event of an emergency, data will be restored from the BDR. In the event of a flood, fire, or other event which caused the BDR to become unavailable data can be restored from the offsite location. The service ensures that critical business information is securely stored and easily retrievable, allowing businesses to focus on their core operations without worrying about data protection.
Backup & Disaster Recovery (BDR) Device – A BDR appliance is a special computer that keeps a copy of your data on-site. If your main server has a problem or is unavailable, the BDR device will stand in as your server until that problem is corrected. The BDR is essential to seamless business continuity and a key component of a successful disaster recovery plan.
Software Patching – Software patching is the process of updating software to fix bugs, enhance security, and improve performance. For Microsoft products like Windows and Office, this involves regularly releasing updates through Windows Update to address security vulnerabilities, resolve issues, and add new features. Third-party software developed by companies other than Microsoft also requires patching to fix problems, enhance functionality, and ensure security, with updates managed through various tools and platforms. Additionally, hardware components such as printers, routers, and graphics cards need firmware or driver updates to maintain compatibility with new software, fix bugs, and improve performance and security. Overall, software patching is essential for maintaining software and hardware systems' security, stability, and performance.
Domain Management – Domain management involves overseeing various technical aspects that ensure your website and email systems run smoothly and securely. This includes managing DNS (Domain Name System), which translates your website’s name into an IP address that computers can understand. It also involves setting up DMARC (Domain-based Message Authentication, Reporting & Conformance), DKIM (DomainKeys Identified Mail), and SPF (Sender Policy Framework). These email authentication protocols help protect your domain from being used for spam or phishing attacks. Domain management ensures that your website is accessible and that your emails are secure and trustworthy.
Managed Access Control – Managed access control is about deciding who in a company can access specific data and resources, like email, remote systems, and files. Employees are grouped based on their roles: technical staff, clerical workers, HR, admin, and finance. These groups and their access rights are listed in an Access Control List (ACL), a document showing how IT resources are set up to control who can access what. This helps ensure that only authorized people can access sensitive information and systems.
Cybersecurity Audit – Quarterly penetration testing, or pen testing, is conducted to maintain the security of information systems by identifying and addressing vulnerabilities before malicious actors can exploit them. By simulating real-world cyber attacks, these tests help uncover system defenses' weaknesses, such as software bugs, configuration errors, or other security gaps. Regularly performing these tests every quarter ensures that any new vulnerabilities introduced by updates or changes to the system are promptly detected and mitigated. This proactive approach helps organizations avoid potential threats, ensuring their information systems remain secure and resilient against cyber attacks.
Compliance Policy Package – Compliance policies are essential for protecting sensitive information and ensuring the safety of individuals by setting clear rules and expectations for behavior. They help organizations adhere to industry standards and regulatory requirements such as PCI, HIPAA, DFARS, FINRA, and others, reducing the risk of legal and financial repercussions. Effective compliance policies are integral to managing cybersecurity risks, providing a structured approach to identifying, assessing, and mitigating threats. They support robust organizational governance by integrating security into strategic and daily operations, vital for protecting assets and achieving mission goals. Additionally, organizations can implement standardized security and privacy controls by following established frameworks like NIST SP 800-53, ensuring a consistent approach to safeguarding information systems and enhancing overall security posture. These points underscore the importance of compliance policies in creating a secure, resilient, and legally compliant organizational environment.
Managed Network Printer – Managing network printers is essential for maintaining centralized control, simplifying monitoring, and troubleshooting across multiple devices. It enhances security by allowing you to implement measures like user authentication and data encryption, protecting sensitive information. Additionally, it helps reduce costs by optimizing resource use and minimizing waste. Efficient management ensures printers are always available and functioning correctly, boosting productivity. It also offers user convenience, as employees can access printers from various locations. Lastly, it promotes eco-friendly practices, reducing the environmental impact. Overall, managing network printers streamlines operations enhances security, and improves cost efficiency.
Managed Network Switch – Managing a network switch is crucial for ensuring your network's efficient and secure operation. It allows you to control and optimize data traffic, reducing congestion and improving overall network performance. Proper management helps identify and resolve issues quickly, minimizing downtime and maintaining productivity. It also enhances security by enabling you to monitor and restrict unauthorized access, protecting sensitive information. Additionally, managing a network switch can help scale your network infrastructure smoothly as your organization grows. Effective switch management ensures a reliable, secure, and high-performing network environment.
Managed Wireless Access Point – Managing a wireless network is essential for ensuring a reliable and secure wireless network. It allows you to optimize coverage and performance, reducing dead zones and improving user connectivity. Proper management helps monitor network traffic and identify potential issues, ensuring quick resolution and minimal downtime. It also enhances security by enabling strong encryption, controlling access, and detecting unauthorized devices. Additionally, managing access points supports scalability, allowing your network to grow seamlessly with your organization. It also allows you to provide wireless internet access to vendors and guests without fearing compromising the business wireless network. Effective management ensures a high-performing, secure, and user-friendly wireless network environment.
Managed Network Device – Managing IoT devices is crucial for maintaining a secure and efficient network. It allows you to monitor and control various connected devices, ensuring they operate correctly and securely. Proper management helps identify and mitigate potential security vulnerabilities, protecting sensitive data from unauthorized access. It also enables you to optimize device performance, ensuring they function efficiently and reliably. Additionally, managing IoT devices supports scalability, allowing your network to grow and adapt as new devices are added. Overall, effective IoT device management ensures a secure, reliable, scalable network environment, enhancing operational efficiency and security.
Microsoft 365 Business Standard - A comprehensive productivity suite for small to medium-sized businesses. It includes desktop, web, and mobile versions of popular Office applications like Word, Excel, PowerPoint, and Outlook. Users also get business-class email with a custom domain, 1TB of OneDrive cloud storage per user, and access to collaboration tools such as Microsoft Teams, SharePoint, and Exchange. Additionally, it supports up to 300 users and offers features like online meetings, webinars, and advanced security measures to protect sensitive information. This plan helps businesses enhance productivity, streamline communication, and ensure data security.
Advanced Email Threat Protection - Advanced Email Threat Protection (AETP) is a comprehensive security solution designed to safeguard email communications from various threats. It employs multi-layered filtering to automatically block malicious emails, including phishing, impersonation, malware, ransomware, and spam while allowing legitimate emails to pass through. To enhance security, AETP features advanced link protection, attachment sandboxing, and message retraction. It also includes real-time threat analysis and continuous updates to defend against emerging threats. With an intuitive interface and customizable settings, AETP ensures robust email security, helping organizations maintain productivity and protect sensitive information.
Email Encryption - Advanced Email Encryption is a security solution that automatically scans the content of all outbound emails and encrypts or quarantines them based on predefined policies. This ensures that sensitive information is protected and only accessible to intended recipients. This approach enhances security by preventing unauthorized access and simplifies compliance with regulations such as HIPAA and FINRA.
Microsoft 365 Business Backup - A comprehensive cloud-to-cloud backup solution that protects business-critical data stored in SaaS applications like Microsoft 365. It provides automated daily backups of email, SharePoint, OneDrive, and Teams with unlimited storage and retention, ensuring that data can be recovered anytime. This service helps maintain business continuity by safeguarding against accidental data loss, malicious attacks, and system failures. M365 Backup also supports compliance with regulations such as GDPR and HIPAA by offering secure, redundant storage and robust data protection measures. It ensures that organizations can quickly restore their data and continue operations smoothly during a disruption.
Microsoft Entra P1 - Microsoft Entra P1, formerly known as Azure Active Directory P1, is a comprehensive identity and access management solution. It provides essential features for managing user identities and securing access to resources. Key capabilities include conditional access, which allows you to enforce policies based on user and device conditions, and multi-factor authentication (MFA) to enhance security. P1 also supports advanced group management, dynamic groups, and self-service password reset, making managing user access easier and improving productivity. This solution is available as a standalone product or with Microsoft 365 E3 and Business Premium packages.
SSLVPN Remote Access - SonicWall's SSL VPN remote access solution provides remote users with secure and easy access to internal network resources. It utilizes the SonicWall NetExtender client, which allows users to connect securely to the company network and access applications, upload and download files, and mount network drives as if they were on the local network. This solution supports various devices, including Windows, Linux, iOS, macOS, Android, and Chrome OS, ensuring broad compatibility. SonicWall's SSL VPN also offers robust security features, such as user authentication and data encryption, to protect sensitive information and maintain network integrity. Overall, it delivers a seamless and secure remote access experience, enhancing productivity and security for remote work environments.
Cybersecurity Awareness Training - The BSN (Breach Secure Now) platform, is a comprehensive security solution designed to enhance cybersecurity awareness and compliance. It offers continuous monitoring and real-time management of security risks, focusing on the human element of security. Key features include dark web monitoring, automated phishing simulations, and ongoing security training. The platform also provides an Employee Vulnerability Assessment (EVA) dashboard, which tracks and improves employee security behavior through metrics and friendly competition. This holistic approach helps organizations strengthen their weakest links and maintain a robust security posture.
Password Manager - Keeper Enterprise is a robust password and secret management solution to protect organizations from data breaches and cyber threats. It employs a zero-trust and zero-knowledge security architecture, ensuring only authorized users can access sensitive information. The platform provides comprehensive visibility, control, and compliance, integrating seamlessly with existing IT infrastructure, including SIEM, MFA, and identity management systems. Keeper Enterprise offers advanced features such as record-level encryption, multi-factor authentication, and secure file storage. Credentials can be shared across the organization on a need-to-know basis making access to secure resources more efficient and safe. It also supports automated provisioning and detailed reporting, making it easy to manage and secure credentials across the entire organization.
Managed Workstation Backup - Managed workstation backup handles the backup and recovery of a company's workstation data. This includes regularly scheduled backups, monitoring the backup process, and ensuring data can be quickly restored in case of data loss or system failure. The backup process works by replicating a complete image of the workstation offsite at a secure location. The image is updated every two hours ensuring the most recent changes are protected. Data is retained for a period of ninety days ensuring accidentally deleted files can be recovered. The entire workstation can be restored from the offsite location in an emergency. The service ensures that critical business information is securely stored and easily retrievable, allowing businesses to focus on their core operations without worrying about data protection.
Dark Web Monitoring - The Dark Web is a hidden part of the internet that is not indexed by traditional search engines and requires special software, such as Tor (The Onion Router), to access. While it hosts legitimate content and supports privacy-focused communication, it is also known for harboring illicit activities, including the sale of stolen data, credentials, and other cybercriminal services. Dark Web Monitoring is a cybersecurity service that continuously scans the Dark Web for your organization's sensitive information-such as email addresses, passwords, financial data, and intellectual property-that may have been exposed or stolen.
Managed Deep Packet Inspection of Secure Socket Layer
In today's digital environment, the majority of internet traffic is encrypted to protect sensitive data. While this encryption is essential for privacy, it also creates a blind spot for traditional security tools, which can no longer inspect the contents of that traffic for threats.
Our DPI-SSL service solves this problem by enabling secure, real-time inspection of encrypted data. It works by temporarily decrypting the traffic, scanning it for malware, data leaks, or unauthorized access attempts, and then re-encrypting it before it continues to its destination. This process is seamless and secure, ensuring that your data remains protected while allowing us to detect and block potential threats that would otherwise go unnoticed.
By implementing DPI-SSL, we help your organization maintain a strong security posture without compromising performance or user privacy. It's an essential layer of defense in a world where cyber threats are increasingly hidden within encrypted channels.
