Minimum Compliance Standards:
- All servers and workstations with Microsoft Windows, Linux, or Apple operating systems must run a version with active support under Microsoft’s Modern Lifecycle Policy or Apple’s Lifecycle Policy, or a version of Linux covered under long-term support, and must have all the latest quality updates and supported feature updates installed.
- Hypervisor hosts must have active support and all the latest critical updates installed.
- All server and desktop applications must be genuine, licensed, and vendor-supported.
- All network and server equipment must be business or enterprise grade and must have an active hardware warranty.
- All supported hardware must be business or enterprise class. If not purchased from In-Touch IT, prior approval is required.
- The environment must have a currently licensed, up-to-date, and vendor-supported server-based antivirus solution protecting all servers, desktops, notebooks/laptops, and e-mail.
- The environment must have a currently licensed, vendor-supported server-based backup solution.
- The environment must have a currently licensed, vendor-supported business or enterprise grade hardware firewall with a publicly routable static IP address between the internal network and the Internet.
- All network hardware, cabling (minimum rating of Cat5e, meeting IEEE engineering specifications for speed), or configuration changes must be facilitated by In-Touch IT or have prior approval.
- Any wireless data traffic in the environment must be secured with a minimum of 128-bit data encryption.
- A broadband or equivalent ‘always on’ internet connection with at least 50 Mbps download and 10 Mbps upload speeds is required. For sites with more than 10 PCs or other bandwidth considerations, a higher specification may be required.
- Client web domain name(s) will be transferred to In-Touch IT's domain name management service.
- All computers must be left on continuously where possible.
- All computers must have all required In-Touch IT security and management tools (these are provided by In-Touch IT).
- Proof of Cyber Insurance coverage.
- All users must participate in annual security awareness training.
- Administrator rights will only be granted if required to perform assigned duties and upon prior In-Touch IT approval.
- Multi-Factor Authentication (MFA) must be enabled.
- All storage devices connected to or installed in managed equipment must be encrypted.

Excluded Services:
- Parts, equipment or software not covered by vendor/manufacturer warranty or support.
- The cost of any parts, equipment, or shipping charges of any kind.
- The cost of any Software, Licensing, or Software Renewal or Upgrade Fees of any kind.
- The cost of any 3rd Party Vendor or Manufacturer Support or Incident Fees of any kind.
- The cost to bring Client’s environment up to minimum standards required for Service Compliance.
- The cost of remediating a cyber-attack and ransomware if Client did not accept the advanced security suite.
- Failure due to building modifications, power failures or other adverse environmental conditions or factors. Service and repair made necessary by the alteration or modification of equipment other than that authorized by MID, including alterations, software installations or modifications of equipment made by Client’s employees or anyone other than MID.
- Maintenance of application software packages, whether acquired from MID or any other source, unless as specified in this SOW.
- New hardware obtained outside of MID may be subject to setup fees.

Minimum Compliance Standards are subject to change. Client will be notified at least 90 days prior to any minimum compliance changes that will affect their network and devices.
The most up-to-date version of these standards can be found at https://www.intouchit.com/it-services/managed-it-department/standards