InfoTECH Solutions, LLC - Services Catalog
- Proactive Network Administration – An assigned Technical Alignment Manager (TAM) visits your site quarterly or annually to audit your network systems against customized best practices and standards to ensure optimal performance of your systems. Preventive maintenance and some remediation are performed during this process.
- Technology Consulting – A dedicated Virtual Chief Information Officer (vCIO) reviews the audit performed by theTechnical Alignment Manager and your network systems quarterly or annually to ensure delivery of high value technology consulting. We provide technology planning and budgeting while recommending the best technology for your I.T. investment.
- Hardware/software monitoring – A small software agent is installed on all computers and servers to monitor the health and security of your systems. The agent also allows end users to submit a support ticket when needed. Our support technicians will respond to any submitted or automated hardware/software alerts received from our monitoring agents to ensure your systems are always running at an optimal level.
- Managed Endpoint Protection for servers and workstations – Antivirus protection, which provides multi vector protection against malicious files, scripts, exploits and URLs, will be installed on each server and workstation. Our Centralized Services team will ensure that these agents stay up-to-date and operational.
- Patch Management – Windows and common third-party application (workstations only) updates will be automatically installed during scheduled maintenance windows. Workstations’ maintenance windows are daily during the 12:00 PM hour and will prompt for a reboot if necessary. These reboot prompts may be postponed by the end user for a total of three days. Servers’ maintenance windows will be on Monday mornings starting at 12:00AM and lasting for five hours. Automatic reboots will be performed during this time if necessary. Microsoft patches that are Critical or zero-day vulnerability will be installed immediately. Other Security Updates and Updates will be automatically installed 14 days after their release. This excludes service pack updates and feature updates, which may be installed periodically manually.
- Threat Hunting – Endpoint Detection and Response (EDR) protection that identifies breach vectors and footholds and offers automatic remediation in some cases and will alert our team to any incidents that are detected. Devices can be automatically isolated if necessary to protect other endpoints on the network.
- Identity Threat Detection and Response Managed Detection and Response (MDR) for Microsoft 365 secures your Microsoft 365 users, applications and environment by interpreting threat detections such as suspicious user behavior, unauthorized access, or email manipulation and delivering actionable remediations for recovery, providing protection 24/7.
- Ransomware Detection and Alerting – Two different systems will monitor servers and workstations for evidence of Ransomware. If ransomware is detected, our system will automatically isolate the system to help prevent the further spread of Ransomware to other systems. We will also be alerted to the detection so that remediation measures can be performed.
- Microsoft 365 Licensing – Licensing for Microsoft 365 services deemed necessary, including but not limited to hosted Exchange, OneDrive, Teams, SharePoint, and Office.
- SaaS Protection – Backup protection for Microsoft 365 or Google GSuite. Backups are performed three times daily and captures point-in-time snapshots of each users’ relevant application data. Retention is unlimited and stored in cloud-based storage maintained in a SOC 2 Type II data center. All HIPAA and GDPR compliance are maintained, and data is encrypted both at rest and in transit. New users are automatically detected and added to the backup. When licenses are removed from an email account, the backup data is automatically converted to an archive and will be permanently deleted.
- SaaS Defense – Advanced threat protection solution designed to provide protection against phishing emails and zero-day threats across the Microsoft 365 Suite. Suspect items will automatically be quarantined, and a report of quarantined items will be sent to end users daily with the option to release and whitelist the item.
- Business Continuity Service
Services Provided: (i) An on-site Business Continuity Appliance (“Appliance”) that acts as a local storage device; (ii) Incremental backups performed on Appliance; (iii) Secure Remote (Off-site) Storage provided at multiple geographically diverse data centers; (iv) Data recovery from the local Appliance with the most recent information stored on such Appliance; (v) Full management, monitoring, and testing of Appliance and remote storage in the form of a Systems Recovery Plan to be provided bi-annually.
Off-Site Virtualization: In a disaster where you should lose your physical servers and Appliance, servers and/or workstations may be virtualized off-site. (i) There is an additional cost for this service after 30 days; (ii) VPN/RDP access will be given to provide limited access to remote virtual machines.
Equipment: Client agrees to cease the use of any technology that remains the property of InfoTECH upon termination of this agreement. If Appliance is stolen, damaged or destroyed, Client must pay current market prices at the time of the loss for a replacement unit.
RoundTrip Service: To replicate large quantities of data from local appliances to the off-site cloud, a RoundTrip Service is provided that offers a physical RoundTrip device of various sizes shipped to the client site. A complimentary initial RoundTrip Service will be provided and up to one additional RoundTrip per quarter as needed. Additional RoundTrip Services will be billed at $100 per event plus applicable shipping charges.
Upgrades and Expansion: Upgrades to different appliances to support changing data storage requirements will incur additional appliance and/or provisioning fees and updated monthly service fees, to be agreed upon by both InfoTECH and Client in the form of a signed proposal.
Security: All data is fully encrypted during transmission off-site and while stored off-site. All data is stored off-site, in encrypted form, on multiple servers in multiple geographically diverse secure data center facilities. (i) Each file is encrypted using 256-bit AES and SSL key-based encryption technology. 256-bit AES encrypted data cannot be read without the corresponding keys, so encrypted data cannot be misused; (ii) The on-site Appliance communicates with off-site remote servers using SSL (Secure Socket Layers) technology. As a result, the online backup of data is encrypted twice. It is encrypted at all times using the 256-bit AES encryption and it is encrypted again while it’s being sent over the Internet; (iii) Data stored off-site remains encrypted at all times
Backup Frequency: Servers and/or workstations will be backed up several times a day to Appliance. Local retention policies can be customized to create as many archived versions of data and full recovery points as needed, as long as enough storage space is available on Appliance. Appliance will synchronize at least one backup point off-site daily, depending on Internet bandwidth limitations. Off-site backup frequency is ultimately dependent on total data size, data changes, and available Internet bandwidth. Off-site retention is one (1) year, unless additional monthly fee for unlimited off-site retention has been agreed upon.
Remote Storage provided at multiple geographically diverse Data Centers: (i) Highly redundant storage in multiple redundant cluster nodes at multiple data centers; (ii) Connectivity provided by multiple providers with automatic failover capabilities; (iii) Facilities power is supplemented with both battery backup and diesel generation capabilities;(iv) Full physical security at each facility including global biometric authentication access methodology to track all authenticated data center personnel and prohibit the entry of any unauthorized persons; (v) Fire suppression and environmental control provided. - Breach Prevention Platform – Service that provides employee security training annually and supplements with weekly micro training videos. Also provided is the ability to complete an annual risk assessment. A risk profile and remediation steps are provided. Company policies concerning technology may also be created and stored here. All of these services combine in an effort to educate employees to reduce the risk of a security breach.
- HSN Breach Prevention Platform – All of the services provided with Breach Prevention Platform, but more HIPAA focused.
- HSN Breach Prevention Platform with Consulting – All of the services provided by HSN Breach Prevention Platform plus access to HIPAA Risk Assessment consultations with the HIPAA Secure Now Experts.
- Managed Disk Encryption – Service that allows us to manage whole disk encryption, including automatically enabling encryption and maintaining recovery keys. This protects data on devices in the event of a theft, etc. Only available for Windows Pro/Enterprise and MacOS 10.12 or higher.
- Spam Filtering (Inbound and Outbound) and Bracket Encryption Service – Robust inbound and outbound email spam filtering. Bracket Encryption services provide the ability to send emails with sensitive data securely and provides the ability to secure share files with external parties.
- MSP Backup – Managed local and offsite system backups of workstations containing critical data that cannot be hosted on a server. This service provides a maximum of 28 days of retention.
- Datto Workplace – HIPAA, GDPR, and SOC 2 compliance cloud hosting keeping business data safe and available 24/7. Data is encrypted in transit and at rest with 265-bit AES encryption – including on users’ devices. Multi-factor authentication, credential rotation, and session expiration ensure only authorized users can access the data. Data centers in USA, Canada, Europe and Australia are geo-redundant, and advanced policies and device management ensure data access is controlled and managed. 180-day versioning ensures that you can quickly recover accidentally deleted files or revert to a previous version.
- IT/365 Two-Factor Authentication – Enterprise level two-factor authentication ensures protection of remote access methods such as Remote Desktop Gateway and VPN. In certain high risk environments, this service may also be deployed to protect individual workstation logins and applications.
- Ticketing – Utilize our established ticketing system to manage and track support requests. Ticketing can be temporarily redirected to InfoTECH Solutions when Internal IT is not available.
- IT/365 DNS Protection – Agent based Internet Content Filtering that keeps end users from accessing potentially malicious and/or inappropriate websites that may compromise your business.
- Virtual Private Cloud – A server infrastructure designed specifically for your needs, privately hosted in the cloud, and maintained by our engineers.
- Documentation Platform – Utilize our Information Technology specific documentation system to securely store information about your IT Infrastructure.