If Managed IT Services onboarding services are provided under the Quote, then the following services will be provided to you.
The foregoing list is subject to change if we determine, at our discretion, that different or additional onboarding activities are required.
If deficiencies are discovered during the onboarding process, we will bring those issues to your attention and discuss the impact of the deficiencies on the provision of our monthly managed services. Please note, unless otherwise expressly stated in the Quote, onboarding-related services do not include the remediation of any issues, errors, or deficiencies (“Issues”), and we cannot guarantee that all Issues will be detected during the onboarding process.
The following Services, if listed in the Quote, will be provided to you.
Support Services
Remote Help Desk & Onsite Support - 8 x 5
WEBIT will provide maintenance and support for the hardware and software in the environment as well as installed 3rd party software and line of business applications. WEBIT will make the best effort to resolve as many issues as possible remotely and will come On-Site in the event remote resolution is not possible.
Tickets are prioritized and scheduled according to our Service Level Agreement (SLA), see Service Level Agreement for more details.
Any Moves, Adds or Changes will be outside of the 8x5 support scope and will be quoted separately. See Professional Services - IT Project Work for more details.
Remote Help Desk & Onsite Support - 24 x 7 x 365
WEBIT will provide maintenance and support for the hardware and software in the environment as well as installed 3rd party software and line of business applications. WEBIT will make the best effort to resolve as many issues as possible remotely and will come On-Site in the event remote resolution is not possible.
Tickets are prioritized and scheduled according to our Service Level Agreement (SLA), see Service Level Agreement for more details.
Any Moves, Adds or Changes will be outside of the 24 x 7 x 365 support scope and will be quoted separately. See Professional Services - IT Project Work for more details.
Remote Help Desk & Onsite Support - After Hours & Holidays
Emergency support is available on weekdays from 5 pm - 10 pm, and on weekends and recognized national holidays from 8 am - 10 pm.
PSA License (Professional Services Automation)
WEBIT will provide a license for its PSA system for each client employee they designate to have access. The license will be limited to the Clients account and all tickets/information contained within.
Network Administration
24x7x365 Remote Monitoring and Management
Software agents installed in Covered Equipment (defined below) report status and events on a 24x7 basis; alerts are generated and responded to in accordance with the Service Levels described below.
Field Team Services (Virtual & Onsite Maintenance)
Additional scheduled visits can be added at per day cost; these can be weekly, bi-weekly, or monthly.
A field technician will come onsite and perform any or all the following tasks in accordance with our best practices to ensure your IT infrastructure is running smoothly:
Advanced Network Monitoring (ANM)
ANM is deployed to constantly monitor and poll the network from topology to config history to device performance. It gives a real-time look at the network at a single point in time. The network data ANM detects is stored for some time which allows for troubleshooting, analysis, planning, and reporting.
ANM scans network devices for configuration changes every 60 minutes. If the running-config has been altered, the latest config is automatically backed up. The old config gets logged into a version index that’s always available for review.
Traffic Insights leverages machine learning and traffic classification to show you which applications—like Dropbox, Netflix, or Slack—or protocols are using up the bulk of the network’s bandwidth, allowing our strategic advisors to help determine if network upgrade or expansion is necessary.
Traffic Insights also displays real-time traffic source and destination data in a simple world map. If traffic is being received from or delivered to an unauthorized or unexpected country, we can dig deeper to verify if the traffic is legitimate or malicious and take necessary steps to protect the network.
This service is additional and billable by the number of devices on a client infrastructure in the following categories:
These devices are also included in the service, but are not factored into the billing/pricing of the service:
Strategic Planning
vCIO (Virtual Chief Information Officer)
WEBIT will provide a dedicated virtual CIO (Chief Information Officer) who is your primary point of contact for anything related to your account or services. In addition to overseeing your account, the vCIO conducts quarterly meetings to review ongoing issues, go over upcoming project work, discuss changes in vendors, advise on best practices, create budgets, and plan the technology roadmap for the next period.
Other Services
Quoting & Procurement
WEBIT can provide all quoting and procurement of technology for the organization.
WEBIT Quotations Policy
When you engage with WEBIT, you are adopting our unique “WEBIT Way” for managing technology. This is a system of best practices designed to drive results for your business.
Only by implementing these best practices can we produce your desired results:
Best Practices include the adoption of the correct hardware and software.
When we propose a solution for you, we use the following criteria:
Our service offering includes only recommending the correct hardware and software for your business.
We provide free quotations for solutions only on this basis.
For example, (unless otherwise noted) our technology quotations always include the following services:
If you purchase products elsewhere, they are absent of our inclusions, and all are chargeable separately.
The reality is that this usually means it is more expensive and slower to implement.
If a client regularly abuses our free quotation service, we may withdraw this service or charge for the same at our discretion.
Down-payment Requirements & Net Terms
Materials Payment Requirements:
Labor Payment Requirements: 50% Due at Project Execution
Under $10,000
Over $10,000
Monthly Managed Services Agreement (MSA) Adjustments
The addition of New Equipment, or the addition of New Employees, may result in an increase to the Managed IT Services Agreement. The Contract True-Up process can occur at any time after the sale/installation of new equipment, and/or the onboarding of new employees to bring the cost for contracted services and coverage provided to a balanced state, however, no adjustments made will be retroactive and will only apply from the time of True-up going forward.
Concierge Service
User Experience & Account Management.
Co-managed IT services refer to an arrangement between the client and service provider in which both parties work together to manage and maintain the business's technology infrastructure.
This can include any quoted service(s) defined under Managed IT Services or in this section.
Support Services
Remote Desktop & User Support (Tier 1 & 2) - 8 x 5
WEBIT will provide initial remote support during normal business hours for desktops, laptops, and covered users in the environment as well as installed 3rd party software and line of business applications. When an issue cannot be resolved remotely it will be escalated to the client’s in-house team for review and remediation.
Tickets are prioritized and scheduled according to our Service Level Agreement (SLA), see Service Level Agreement for more details.
Moves, Adds or Change requests will be outside of the support scope and will be quoted separately. See Professional Services - IT Project Work for more details.
Onsite support is available at our current Professional Services rates provided the client service location is within the WEBIT service area.
Remote Desktop & User Support (Tier 1 & 2) - 24 x 7 x 365
WEBIT will provide initial remote support 24x7 for desktops, laptops, and covered users in the environment as well as installed 3rd party software and line of business applications. When an issue cannot be resolved remotely it will be escalated to the client’s in-house team for review and remediation.
Tickets are prioritized and scheduled according to our Service Level Agreement (SLA), see Service Level Agreement for more details.
Any Moves, Adds or Changes will be outside of the support scope and will be quoted separately. See Professional Services - IT Project Work for more details.
Onsite support is available at our current Professional Services rates provided the client service location is within the WEBIT service area.
Server & Infrastructure Support (Tier 3) - 8 x 5
WEBIT will provide remote and onsite support during normal business hours for servers and infrastructure in the environment. WEBIT will make the best effort to resolve issues remotely and will come On-Site in the event remote resolution is not possible.
Tickets are prioritized and scheduled according to our Service Level Agreement (SLA), see Service Level Agreement for more details.
Moves, Adds or Change requests will be outside of the support scope and will be quoted separately. See Professional Services - IT Project Work for more details.
Server & Infrastructure Support (Tier 3) - 24 x 7 x 365
WEBIT will provide remote and onsite support 24/7 for servers and infrastructure in the environment. WEBIT will make the best effort to resolve issues remotely and will come On-Site in the event remote resolution is not possible.
Tickets are prioritized and scheduled according to our Service Level Agreement (SLA), see Service Level Agreement for more details.
Moves, Adds or Change requests will be outside of the support scope and will be quoted separately. See Professional Services - IT Project Work for more details.
The following Services, if listed in the Quote, will be provided to you
SecureBIT Foundation
Risk Assessment Service
Security Framework Roadmap and Assessments. Alignment with either current NIST or CIS Controls published framework. We will continually monitor the entire attack surface, including end-user devices (laptops and computers) from 'work-from-home environments', for vulnerabilities, compliance, and misconfigurations. A prioritized remediation plan for addressing the discovered vulnerabilities and compliance gaps will be provided and discussed with Client.
SecureBIT Protect: People
End User Security Awareness Training
Security awareness training is a formal process for educating employees and third-party stakeholders, like contractors and business partners, on how to protect an organization's computer systems, along with its data, people, and other assets, from internet-based threats or criminals.
Multi-factor authentication (MFA or 2FA)
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber-attack. The product or service such as an application or operating system must support MFA/2FA to be enabled.
Includes setup, configuration, and management of multi-factor authentication to all users.
Password Management
3rd party password management platform for preventing password-related data breaches and cyber threats. Protects passwords and sensitive data in secure, encrypted vaults. Provision, manage, and audit from a central admin console.
SecureBIT Protect: Devices
Endpoint Detection
Endpoint detection (EDR) is next-generation antivirus protection and is also referred to as next-gen AV. The EDR platforms continually monitor and respond to cyber threats. They are effectively a prevention against zero-day vulnerabilities including New or undetected malware. Next-generation antivirus (NGAV) differs from traditional antivirus solutions by incorporating many extra features, such as the ability to learn the behavior of the endpoint in which the solution is installed, and identifying any anomalous behavior without querying a signature database or vaccines.
Updates & Patching
Patch management is the practice of identifying, acquiring, deploying, and verifying software updates for network devices. This includes updates for operating systems, application code, and embedded systems, including servers. Devices for entry-level personnel up to executive officers require updates to avoid unnecessary cyber risk. Failure to update software risks exposure to identified vulnerabilities. With every patch released, malicious threat actors take note and seek out those organizations that are slow to update their systems. Without patching, a critical flaw in code can disable system functionality and open the door to hackers.
DNS Security
Cloud-driven Secure Internet Gateway that provides protection from Internet-based threats, for users wherever they go. As a cloud-delivered service, DNS security provides the visibility needed to protect internet access across all network devices, office locations, and roaming users. Internet activity is logged and categorized by the type of security threat or web content, and whether it was blocked or allowed.
SecureBIT Protect: Communication
Email Security
We use industry-leading third-party services including an email gateway, which can be deployed as a cloud service or on-premises. It can catch both known and unknown threats that others miss. Advanced machine learning technology, Email Protection accurately classifies various types of email. It can detect and block threats that don’t involve malicious payload, such as impostor email—also known as business email compromise (BEC).
Additional Security Services
Managed Firewall
We will provide you with a firewall appliance (physical or virtual) and all necessary licensing to comply with our minimum requirements for perimeter security. We will also manage and maintain the device in accordance with our best practices.
Incident Response Plan (IRP)
WEBIT will assist Client in creating and updating their incident response plan (IRP). An IRP is defined by NIST as "The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of a malicious cyber-attacks against an organization’s information system(s)."
IT Continuity Plan
WEBIT will assist Client in creating and updating their IT continuity plan. The Information Technology Service Continuity Plan is the collection of policies, standards, procedures, and tools through which organizations not only improve their ability to respond when major system failures occur but also improve their resilience to major incidents, ensuring that critical systems and services do not fail or that failures are recovered within acceptable process RTO limits.
Group Policy Framework Alignment
SecureBIT: IG1
Done for you Microsoft Group Policy implementation and management aligned with the most current CIS Controls Implementation Group 1
SecureBIT: IG2
Done for you Microsoft Group Policy implementation and management aligned with the most current CIS Controls Implementation Group 2
SecureBIT: IG3
Done for you Microsoft Group Policy implementation and management aligned with the most current CIS Controls Implementation Group 3
Backup Service
Basic Server Backup
Image-based backup of server(s), stored on a local designated appliance. All recovery attempts will be the best effort with no recovery time guarantees and no recovery point guarantees Data retention is subject to the available disk space of the local designated appliance.
Basic Server Backup plus offsite storage
Same as the Basic Server Backup service, plus the addition of offsite Data Center cold storage (not geo-redundant). Cold storage is not designed to spin up virtual environments for recovery.
BCDR (Business Continuity and Disaster Recovery)
Datto BCDR
Datto's all-in-one business continuity and disaster recovery (BCDR) solution. Virtualization can recover a system in the Datto Cloud, on local hardware, or the SIRIS (or current deployed appliance model).
Multiple recovery options. File restore to recover deleted or corrupted files or folders. Rapid Rollback to quickly undo widespread changes such as ransomware infection. Image Export for full virtual server restore. Bare Metal Recovery to re-image a server to new hardware.
Backup Data Security
All backed-up data is encrypted in transit and at rest in 256-bit AES encryption. All facilities housing backed-up data implement physical security controls and logs, including security cameras, and have multiple internet connections with failover capabilities.
Backup Retention
Backed-up data will be retained in accordance with current policy and is subject to the limitation of the available hard drive space on the BCDR appliance(s)
Cloud Continuity Backup for PC's
A comprehensive BCDR solution for desktops and laptops (only). It provides automated backup of your PCs directly to the Cloud.
Endpoint Backup protects against permanent data loss and provides for easy restoration of files and folders directly to your PC or to an alternate device.
In the event you lose access to your PC due to loss, theft, or hardware failure, Endpoint Backup can power up a virtual version of your PC directly in the Cloud, no matter where they are located, enabling it to quickly resume operations
Microsoft 365 Backup
Workplace (File Sync & Share)
The Workplace Server is a component of the Workplace service. It makes all your files accessible through Workplace while retaining local, centralized data storage so that your data is also available via your local area network (LAN). The Workplace service keeps all data on your LAN accessible internally and in sync with Workplace.
Data Center Hosting
WEBIT can provide a separate quote for Data Center Hosting and Services for the Client.
For each data center hosting client, WEBIT may allocate entirely separate data center resources or use a shared infrastructure depending on the Client's needs. The Client may access the data center and all resources from the Internet or through a secure network connection.
Cloud data centers and managed data centers are common models of data center hosting and are provided by a 3rd party. WEBIT can provide its services in conjunction with Data Center Hosting solutions.
Anytime Project or MAC work is identified, Client will be notified and will be provided with an electronic proposal and scope for the work to be performed. Client will never be invoiced for project work that Client did not approve.
For larger projects, we can provide a high-level budgetary analysis for you before fully scoping a project to ensure it will meet your budgetary needs.
Additional Description of Services
The following additional details further explain and define the scope of the Services.
Hardware as a Service (HaaS)
HaaS Equipment We will provide you with the HaaS Equipment described in the Quote or, if no hardware is expressly designated as HaaS Equipment in the Quote, then a complete list of HaaS Equipment will be provided to you under separate cover.
Deployment. We will deploy the HaaS Equipment within the timeframe stated in the Quote if you promptly provide all the information that we reasonably request from you to complete deployment. This deployment guarantee does not apply to any software, other managed services, or hardware devices other than the HaaS Equipment. If you wish to delay the deployment of the HaaS Equipment, then you may do so if you give us written notice of your election to delay no later than five (5) days following the date you sign the Quote. Deployment shall not extend beyond two (2) months following the date on which you sign the Quote. You will be charged at the rate of fifty percent (50%) of the monthly recurring fees for the HaaS-related services during the period of delay. Following deployment, we will charge you the full monthly recurring fee (plus other usage fees as applicable) for the full term indicated in the Quote.
Equipment Hardware Repair or Replacement. WEBIT will repair or replace HaaS Equipment by the end of the business day following the business day on which the applicable problem is identified by, or reported to, WEBIT and has been determined by WEBIT to be incapable of being remediated remotely.
This warranty does not include the time required to rebuild your system, such as the time required to configure a replacement device, rebuild a RAID array, reload the operating system, reload, and configure applications, and/or restore from backup (if necessary).
If WEBIT fails to meet the warranties in this section and the failure materially and adversely affects your hosted environment (“Hosted System”), you are entitled to a credit in the amount of 5% of the monthly fee per hour of downtime (after the initial one (1) hour allocated to problem identification), up to 100% of your monthly fee for the affected HaaS Equipment. In no event shall a credit exceed 100% of the applicable month’s monthly fee for the affected equipment.
Periodic Replacement of HaaS Equipment. From time to time and at our discretion, we may decide to swap out older HaaS Equipment for updated or newer equipment. (Generally, equipment that is five years old or older may be appropriate for replacement). If we elect to swap out HaaS Equipment due to normal, periodic replacement, then we will notify you of the situation and arrange a mutually convenient time for such activity.
Return of HaaS Equipment. Unless we expressly direct you to do so, you will not remove, disable, or attempt to remove or disable, any software agents that we installed in the HaaS Equipment. Doing so could result in network vulnerabilities and/or the continuation of license fees for the software agents for which you will be responsible, and/or the requirement that we remediate the situation at our then-current hourly rates, for which you will also be responsible. Within ten (10) days after the termination of HaaS-related Services, Client will provide WEBIT access to the premises at which the HaaS Equipment is located so that all such equipment may be retrieved and removed by us. If you fail to provide us with timely access to the HaaS Equipment or if the equipment is returned to us damaged (normal wear and tear excepted), then we will have the right to charge you, and you hereby agree to pay, the replacement value of all such unreturned or damaged equipment.
Covered Equipment / Hardware / Software
Managed Services will be applied to the equipment listed in the Quote (“Covered Hardware”).
The Services will apply to the software listed in the Quote (“Supported Software”) provided, however, all Supported Software must, always, be properly licensed, and under a maintenance and support agreement from the Supported Software’s manufacturer. In this Service Statement, Covered Hardware and Supported Software will be referred to as the “Environment” or “Covered Equipment.”
Covered Users
Managed Services will be applied to the number of users listed in the Quote (“Covered Users”).
Physical Locations Covered by Services
Services will be provided remotely unless, at our discretion, we determine that an onsite visit is required. Onsite visits will be scheduled in accordance with the priority assigned to the issue (below) and are subject to technician availability. Unless we agree otherwise, all onsite Services will be provided at Client’s primary office location listed in the Quote. Additional fees may apply for onsite visits: Please review the Service Level section below for more details.
Term; Termination
The Services will commence, and billing will begin, on the date indicated in the Quote (“Commencement Date”) and will continue through the initial term listed in the Quote (“Initial Term”). We reserve the right to delay the Commencement Date until all onboarding/transition services (if any) are completed, and all deficiencies/revisions identified in the onboarding process (if any) are addressed or remediated to WEBIT’s satisfaction.
The Services will continue through the Initial Term until terminated as provided in the Agreement, the Quote, or as indicated in this section (the “Service Term”).
Auto-Renewal. After the expiration of the initial Service Term, the Service Term will automatically renew for contiguous terms equal to the initial Service Term unless either party notifies the other of its intention to not renew the Services no less than thirty (30) days before the end of the then-current Service Term.
Assumptions / Minimum Requirements / Exclusions
The scheduling, fees, and provision of the Services are based upon the following assumptions and minimum requirements. If the environment is out of alignment, WEBIT will provide a quote to bring the environment into alignment within the first 90 days of support.
Exclusions. Services that are not expressly described in the Quote will be out of scope and will not be provided to Client unless otherwise agreed, in writing, by WEBIT. Without limiting the foregoing, the following services are expressly excluded, and if required to be performed, must be agreed upon by WEBIT in writing:
Service Levels
Automated monitoring is provided on an ongoing (i.e., 24x7x365) basis; response, repair, and/or remediation services (as applicable) will be provided only during business hours unless otherwise specifically stated in the Quote. We will respond to problems, errors, or interruptions in the provision of the Services in the timeframe(s) described below. Severity levels will be determined by WEBIT at our discretion after consulting with the Client. All remediation services will initially be attempted remotely; WEBIT will provide onsite service only if remote remediation is ineffective and, under all circumstances, only if covered under the Service plan selected by Client.
Normal Business Hours: Monday – Friday, 8 AM to 5 PM
Extended Hours2: Holidays, Non-Normal Business Hours
Email and portal support is for non-critical requests.
Examples of non-critical requests are:
Response Times1
1 Response time is calculated from the time that the request for help is received by us through our designated support channels. Requests received in any other manner may result in delayed or non-responses.
2 Extended Hours are not included. If Extended Hours support is provided, Client will be billed for such support at two times (2x) our then-current hourly rates, with a minimum of one (1) hour. All partial hours after the first hour are billed in fifteen (15) minute increments, with partial increments billed to the next higher increment.
Fees
The fees for the Services will be as indicated in the Quote.
Changes to Environment. Initially, you will be charged the monthly fees indicated in the Quote. Thereafter, if the managed environment changes, or if the number of authorized users accessing the managed environment changes, then you agree that the fees will be automatically and immediately modified to accommodate those changes.
Minimum Monthly Fees. The initial Fees indicated in the Quote are the minimum monthly fees (“MMF”) that will be charged to you during the term. You agree that the amounts paid by you under the Quote will not drop below the MMF regardless of the number of users or devices to which the Services are directed or applied unless we agree to the reduction. All modifications to the amount of hardware, devices, or authorized users under the Quote (as applicable) must be in writing and accepted by both parties.
Increases. In addition, we reserve the right to increase our monthly recurring and data recovery fees; provided, however, if an increase is more than five percent (5%) of the fees charged for the Services in the prior calendar year, then you will be provided with a sixty (60) day opportunity to terminate the Services by providing us with written notice of termination. You will be responsible for the payment of all fees that accrue up to the termination date and all pre-approved, non-mitigate expenses that we incurred in our provision of the Services through the date of termination. Your continued acceptance or use of the Services after this sixty (60) day period will indicate your acceptance of the increased fees.
Travel Time. If onsite services are provided, we will travel up to 45 minutes from our office to your location at no charge. Time spent traveling beyond 45 minutes (e.g., locations that are beyond 45 minutes from our office, occasions on which traffic conditions extend our drive time beyond 45 minutes one-way, etc.) will be billed to you at our then current hourly rates. In addition, you will be billed for all tolls, parking fees, and related expenses that we incur if we provide onsite services to you.
Appointment Cancellations. You may cancel or reschedule any appointment with us at no charge by providing us with notice of cancellation at least one business day in advance. If we do not receive timely a notice of cancellation/re-scheduling, or if you are not present at the scheduled time or if we are otherwise denied access to your premises at a pre-scheduled appointment time, then you agree to pay us a cancellation fee equal to two (2) hours of our normal consulting time (or non-business hours consulting time, whichever is appropriate), calculated at our then-current hourly rates.
Automated Payment. You may pay your invoices by credit card and/or by ACH, as described below. If you authorize payment by credit card and ACH, then the ACH payment method will be attempted first. If that attempt fails for any reason, then we will process payment using your designated credit card.
Additional Terms
Monitoring Services; Alert Services
Unless otherwise indicated in the Quote, all monitoring and alert-type services are limited to detection and notification functionalities only. Monitoring levels will be set by WEBIT, and Client shall not modify these levels without our prior written consent.
Remediation
Unless otherwise provided in the Quote, remediation services will be provided in accordance with the recommended practices of the managed services industry. Client understands and agrees that remediation services are not intended to be, and will not be, a warranty or guarantee of the functionality of the Environment, or a service plan for the repair of any piece of managed hardware or software.
Configuration of Third-Party Services
Certain third-party services provided to you under this Service Statement may provide you with administrative access through which you could modify the configurations, features, and/or functions (“Configurations”) of those services. However, any modifications of Configurations made by you without our knowledge or authorization could disrupt the Services and/or or cause a significant increase in the fees charged for those third-party services. For that reason, we strongly advise you to refrain from changing the Configurations unless we authorize those changes. You will be responsible for paying any increased fees or costs arising from or related to changes to the Configurations.
Dark Web Monitoring
Our dark web monitoring services utilize the resources of third-party solution providers. Dark web monitoring can be a highly effective tool to reduce the risk of certain types of cybercrime; however, we do not guarantee that the dark web monitoring service will detect all actual or potential uses of your designated credentials or information.
Modification of Environment - Managed IT Services
Changes made to the Environment without our prior authorization or knowledge may have a substantial, negative impact on the provision and effectiveness of the Services and may impact the fees charged under the Quote. You agree to refrain from moving, modifying, or otherwise altering any portion of the Environment without our prior knowledge or consent. For example, you agree to refrain from adding or removing hardware from the Environment, installing applications on the Environment, or modifying the configuration or log files of the Environment without our prior knowledge or consent.
Modification of Environment - Co-Managed IT Services
We will coordinate with your internal IT personnel (“Your Personnel”) as necessary to help ensure that the Services are delivered efficiently and effectively. That said, we are not responsible for the remediation of issues beyond the scope of the Quote caused by any activities undertaken by Your Personnel, such as modifications to hardware or software configurations, installation of software, firmware upgrades, etc. unless we pre-authorized those activities.
Anti-Virus; Anti-Malware
Our anti-virus / anti-malware solution will generally protect the Environment from becoming infected with new viruses and malware (“Viruses”); however, Viruses that exist in the Environment at the time that the security solution is implemented may not be capable of being removed without additional services, for which a charge may be incurred. We do not warrant or guarantee that all Viruses and malware will be capable of being detected, avoided, or removed, or that any data erased, corrupted, or encrypted by malware will be recoverable. To improve security awareness, you agree that WEBIT or its designated third-party affiliate may transfer information about the results of processed files, information used for URL reputation determination, security risk tracking, and statistics for protection against spam and malware. Any information obtained in this manner does not and will not contain any personal or confidential information.
Breach/Cyber Security Incident Recovery
Unless otherwise expressly stated in the Quote, the scope of the Services does not include the remediation and/or recovery from a Security Incident (defined below). Such services, if requested by you, will be provided on a time and materials basis under our then-current hourly labor rates. Given the varied number of possible Security Incidents, we cannot and do not warrant or guarantee (i) the amount of time required to remediate the effects of a Security Incident (or that recovery will be possible under all circumstances), or (ii) that all data impacted by the incident will be recoverable. For the purposes of this paragraph, a Security Incident means any unauthorized or impermissible access to or use of the Environment, or any unauthorized or impermissible disclosure of Client’s confidential information (such as user names, passwords, etc.), that (i) compromises the security or privacy of the information or applications in, or the structure or integrity of, the Environment, or (ii) prevents normal access to the Environment, or impedes or disrupts the normal functions of the Environment.
Environmental Factors
Exposure to environmental factors, such as water, heat, cold, or varying lighting conditions, may cause installed equipment to malfunction. Unless expressly stated in the Quote, we do not warrant or guarantee that installed equipment will operate error-free or in an uninterrupted manner, or that any video or audio equipment will clearly capture and/or record the details of events occurring at or near such equipment under all circumstances.
Fair Usage Policy
Our Fair Usage Policy (“FUP”) applies to all Services that are described or designated as “unlimited.” An “unlimited” service designation means that subject to the terms of this FUP, you may use the service as reasonably necessary for you to enjoy the use and benefit of the service without incurring additional time-based or usage-based costs. However, unless expressly stated otherwise in the Quote, all unlimited services are provided during our normal business hours only and are subject to our technicians’ availabilities, which cannot always be guaranteed. In addition, we reserve the right to assign our technicians as we deem necessary to handle issues that are more urgent, critical, or pressing than the request(s) or issue(s) reported by you. Consistent with this FUP, you agree to refrain from (i) creating urgent support tickets for non-urgent or non-critical issues, (ii) requesting excessive support services that are inconsistent with normal usage patterns in the industry (e.g., requesting support in lieu of training), (iii) requesting support or services that are intended to interfere, or may likely interfere, with our ability to provide our services to our other customers.
Hosted Email
You are solely responsible for the proper use of any hosted email service provided to you (“Hosted Email”).
Hosted Email solutions are subject to acceptable use policies (“AUPs”), and your use of Hosted Email must comply with those AUPs. In all cases, you agree to refrain from uploading, posting, transmitting or distributing (or permitting any of your authorized users of the Hosted Email to upload, post, transmit or distribute) any prohibited content, which is generally content that (i) is obscene, illegal, or intended to advocate or induce the violation of any law, rule or regulation, or (ii) violates the intellectual property rights or privacy rights of any third party, or (iii) mischaracterizes you, and/or is intended to create a false identity or to otherwise attempt to mislead any person as to the identity or origin of any communication, or (iv) interferes or disrupts the services provided by WEBIT or the services of any third party, or (v) contains Viruses, trojan horses or any other malicious code or programs. In addition, you must not use the Hosted Email for the purpose of sending unsolicited commercial electronic messages (“SPAM”) in violation of any federal or state law. WEBIT reserves the right, but not the obligation, to suspend Client’s access to the Hosted Email and/or all transactions occurring under Client’s Hosted Email account(s) if WEBIT believes, in its discretion, that Client’s email account(s) is/are being used in an improper or illegal manner.
Patch Management
We will keep all managed hardware and managed software current with critical patches and updates (“Patches”) as those Patches are released generally by the applicable manufacturers. Patches are developed by third-party vendors and, on rare occasions, may make the Environment, or portions of the Environment, unstable or cause the managed equipment or software to fail to function properly even when the Patches are installed correctly. We will not be responsible for any downtime or losses arising from or related to the installation or use of any Patch. We reserve the right, but not the obligation, to refrain from installing a Patch if we are aware of technical problems caused by a Patch, or we believe that a Patch may render the Environment, or any portion of the Environment, unstable.
Backup (BDR) Services
All data transmitted over the Internet may be subject to malware and computer contaminants such as viruses, worms, and trojan horses, as well as attempts by unauthorized users, such as hackers, to access or damage Client’s data. Neither WEBIT nor its designated affiliates will be responsible for the outcome or results of such activities.
BDR services require a reliable, always-connected internet solution. Data backup and recovery time will depend on the speed and reliability of your internet connection. Internet and telecommunications outages will prevent the BDR services from operating correctly. In addition, all computer hardware is prone to failure due to equipment malfunction, telecommunication-related issues, etc., for which we will be held harmless. Due to technology limitations, all computer hardware, including communications equipment, network servers, and related equipment, has an error transaction rate that can be minimized, but not eliminated. WEBIT cannot and does not warrant that data corruption or loss will be avoided, and Client agrees that WEBIT shall be held harmless if such data corruption or loss occurs. Client is strongly advised to keep a local backup of all stored data to mitigate against the unintentional loss of data.
Procurement
Equipment and software procured by WEBIT on Client’s behalf (“Procured Equipment”) may be covered by one or more manufacturer warranties, which will be passed through to Client to the greatest extent possible. By procuring equipment or software for Client, WEBIT does not make any warranties or representations regarding the quality, integrity, or usefulness of the Procured Equipment. Certain equipment or software, once purchased, may not be returnable or, in certain cases, may be subject to third-party return policies and/or re-stocking fees, all of which shall be Client’s responsibility in the event that a return of the Procured Equipment is requested. WEBIT is not a warranty service or repair center. WEBIT will facilitate the return or warranty repair of Procured Equipment; however, Client understands and agrees that (i) the return or warranty repair of Procured Equipment is governed by the terms of the warranties (if any) governing the applicable Procured Equipment, for which WEBIT will be held harmless, and (ii) WEBIT is not responsible for the quantity, condition, or timely delivery of the Procured Equipment once the equipment has been tendered to the designated shipping or delivery courier.
Technology Business Review; IT Strategic Planning
Suggestions and advice rendered to Client are provided in accordance with relevant industry practices, based on Client’s specific needs and WEBIT’s opinion and knowledge of the relevant facts and circumstances. By rendering advice, or by suggesting a particular service or solution, WEBIT is not endorsing any manufacturer or service provider.
VCTO or VCIO Services
The advice and suggestions provided to us in our capacity as a virtual chief technology or information officer will be for your informational and/or educational purposes only. WEBIT will not hold an actual director or officer position in Client’s company, and we will neither hold nor maintain any fiduciary relationship with Client. Under no circumstances shall Client list or place WEBIT on Client’s corporate records or accounts.
Sample Policies, Procedures
From time to time, we may provide you with sample (i.e., template) policies and procedures for use in connection with Client’s business (“Sample Policies”). The Sample Policies are for your informational use only and do not constitute or comprise legal or professional advice, and the policies are not intended to be a substitute for the advice of competent counsel. You should seek the advice of competent legal counsel prior to using or distributing the Sample Policies, in part or in whole, in any transaction. We do not warrant or guarantee that the Sample Policies are complete, accurate, or suitable for your (or your customers’) specific needs, or that you will reduce or avoid liability by utilizing the Sample Policies in your (or your customers’) business operations.
Penetration Testing; Vulnerability Assessment
You understand and agree that security devices, alarms, or other security measures, both physical and virtual, may be tripped or activated during the penetration testing process, despite our efforts to avoid such occurrences. You will be solely responsible for notifying any monitoring company and all law enforcement authorities of the potential for “false alarms” due to the provision of the penetration testing services, and you agree to take all steps necessary to ensure that false alarms are not reported or treated as “real alarms” or credible threats against any person, place, or property. Some alarms and advanced security measures, when activated, may cause the partial or complete shutdown of the Environment, causing substantial downtime and/or delay to your business activities. We will not be responsible for and will be held harmless and indemnified by you against, any claims, costs, fees or expenses arising or resulting from (i) any response to the penetration testing services by any monitoring company or law enforcement authorities, or (ii) the partial or complete shutdown of the Environment by any alarm or security monitoring device.
No Third-Party Scanning
Unless we authorize such activity in writing, you will not conduct any test, nor request or allow any third party to conduct any test (diagnostic or otherwise), of the security system, protocols, processes, or solutions that we implement in the managed environment (“Testing Activity”). Any services required to diagnose or remediate errors, issues, or problems arising from unauthorized Testing Activity is not covered under the Quote, and if you request us (and we elect) to perform those services, those services will be billed to you at our then-current hourly rates.
HaaS
You will use all WEBIT-hosted or WEBIT-supplied equipment and hardware (collectively, “Infrastructure”) for your internal business purposes only. You shall not sublease, sublicense, rent, or otherwise make the infrastructure available to any third party without our prior written consent. You agree to refrain from using the infrastructure in a manner that unreasonably or materially interferes with our other hosted equipment or hardware, or in a manner that disrupts or is likely to disrupt the services that we provide to our other clientele. We reserve the right to throttle or suspend your access and/or use of the infrastructure if we believe, in our sole but reasonable judgment, that your use of the infrastructure violates the terms of the Quote, this Service Statement, or the Agreement.
Domain Name Services
If you register, renew, or transfer a domain name through WEBIT, we will submit the request to the applicable domain name services provider (the “Registrar”) on your behalf. Our sole responsibility is to submit the request to the Registrar, and we are not responsible for any errors, omissions, or failures of the Registrar.
Obsolescence
If at any time any portion of the managed environment becomes outdated, obsolete, reaches the end of its useful life, or acquires “end of support” status from the applicable devices or software’s manufacturer (“Obsolete Element”), then we may designate the device or software as “unsupported” or “non-standard” and require you to update the Obsolete Element within a reasonable time period. If you do not replace the Obsolete Element reasonably promptly, then at our discretion we may (i) continue to provide the Services to the Obsolete Element using our “best efforts” only with no warranty or requirement of remediation whatsoever regarding the operability or functionality of the Obsolete Element, or (ii) eliminate the Obsolete Element from the scope of the Services by providing written notice to you (email is sufficient for this purpose). In any event, we make no representation or warranty whatsoever regarding any Obsolete Element or the deployment, service level guarantees, or remediation activities for any Obsolete Element.
Hosting Services
You agree that you are responsible for the actions and behaviors of your users of the Services. In addition, you agree that neither Client, nor any of your employees or designated representatives, will use the Services in a manner that violates the laws, regulations, ordinances, or other such requirements of any jurisdiction.
In addition, Client agrees that neither it, nor any of its employees or designated representatives, will: transmit any unsolicited commercial or bulk email, will not engage in any activity known or considered to be "spamming" and carry out any "denial of service" attacks on any other website or Internet service; infringe on any copyright, trademark, patent, trade secret, or other proprietary rights of any third party; collect, attempt to collect, publicize, or otherwise disclose personally identifiable information of any person or entity without their express consent (which may be through the person or entity's registration and/or subscription to Client’s services, in which case Client must provide a privacy policy which discloses any and all uses of information that you collect) or as otherwise required by law; or, undertake any action which is harmful or potentially harmful to WEBIT or its infrastructure.
Client is solely responsible for ensuring that its login information is utilized only by Client and Client’s authorized users and agents. Client’s responsibility includes ensuring the secrecy and strength of user identifications and passwords. WEBIT shall have no liability resulting from the unauthorized use of Client’s login information. If login information is lost, stolen, or used by unauthorized parties or if Client believes that any hosted applications or hosted data have been accessed by unauthorized parties, it is Client’s responsibility to notify WEBIT immediately to request the login information be reset or unauthorized access otherwise be prevented. WEBIT will use commercially reasonable efforts to implement such requests as soon as practicable after receipt of notice.
Licenses
If we are required to re-install or replicate any software provided by you as part of the Services, then it is your responsibility to verify that all such software is properly licensed. We reserve the right, but not the obligation, to require proof of licensing before installing, re-installing, or replicating software into the managed environment. The cost of acquiring licenses is not included in the scope of the Quote unless otherwise expressly stated therein.
.svg)
