IF YOU OPENED THIS LINK FROM YOUR PROPOSAL, CLICK THE ‘BACK’ BUTTON IN YOUR BROWSER TO RETURN TO THE PROPOSAL PREVIEW.

ONCE YOU HAVE REVIEWED THE PROPOSAL AS WELL AS THE TERMS AND CONDITIONS ON THIS PAGE, PLEASE CLICK THE LINK IN YOUR EMAIL TO SIGN AND APPROVE.

 Master Service Agreement for Managed Services

Terms and Conditions

Terms
This agreement applies to both Managed Services Clients as well as clients with a Basic Support Agreement, herein referred to as Client or signor, and MainStream Technologies, Inc. (dba Starkville Computers), hereinafter referred to as Managed Service Provider or MSP. Necessary modifications must be made in writing, approved by both parties and attached to specific client agreements. All agreements are considered effective on the day of signing and remain in effect for a period of three (3) years unless otherwise specified in signed proposal. For existing agreements, a net change of ten (10) percent or more of the monthly subtotal within a period of three (3) months automatically renews the affected agreement’s effective date unless otherwise specified in signed proposal. All agreements automatically renew for a term of three (3) years unless canceled within the provisions of the ‘Termination’ paragraph below.

Fees and Payment Schedule

• On-boarding fees are due at signing. The first monthly fee will be prorated from the date of signing through the end of the month. Invoices will be delivered via email to one or more email accounts of your choosing. Monthly Managed Service fees will total the amount proposed and approved will be due and processed on the first of each month via ACH. Invoices for monthly fees will be delivered prior to their due date (normally between the 12th and 15th of the month). Other services that may be approved throughout a month will be invoiced as they occur and will be processed in approximately 15 days. Any invoice not paid via ACH is subject to a $20 processing fee. Any invoice paid via credit or debit card will incur an additional 4% processing fee. Requests to onboard a new user or to setup a computer for an existing user (either new or repurposed) is considered approval to proceed. Requests to offboard regular users are a no fee service included in your agreement; however, in a case where the number of users falls below the number quoted and approved at signing, the approved amount will be billed.

• Invoices for the purchase of products (equipment, accessories, licenses, software, etc.) are due upon receipt of written approval (in the form of a signed online quote) to proceed and will be processed within 15 days. We only accept payments via ACH. We do not accept payment via checks or credit card. Rejected payments due to non-sufficient funds, closing of account, or otherwise will result in suspended services and a monthly late fee of any bank fees, plus no less than $10 per month, equal to the greater of 24% APR or the highest amount allowed by law (calculated on the remaining balance) will be assessed until account is paid in full. Any products and services described in this or your individual proposal must be included as a specific line item in your Managed Services recurring costs in order to be applicable.

• Proposed fees are based on the client's current network environment and are subject to change with the addition or removal of inventory, covered services, or price changes by 3rd party providers such as operating system developers, antivirus software, security appliance renewals, etc. Such changes may be added as an addendum to this agreement. Billing is reflected in approved proposal as well as any addendums and addition to inventory. Accurate billing is the responsibility of both parties herein, and any errors in billing are subject to any applicable back-charges to MSP or credits to Client. Errors resulting in charges or credits exceeding $500.00 may be settled with the gaining party at the rate of $500.00 per month with no interest fees or finance charges.

• Rates are set as indicated in approved proposal for the first year and are thereafter subject to an automatic annual increase without notice. Increases are based on expenses in addition to the Consumer Price Index (CPI) released by the Bureau of Labor Statistics (BLS) each year, with an annual maximum of 5%. Example: 2017 was closed with a documented CPI of 1.8%, so a $500.00 agreement would have increased to $509.00 plus expense increases.

• Rates indicated per line-item on your agreement are discounted and set based on your total proposal; therefore, reducing the amount of managed computers, services, application subscriptions, etc. may result in an immediate increase of pricing for any or all other line items.

• It is understood that any and all Services requested by Client that fall outside of the terms of this Agreement will be considered ‘Projects’ or ‘Excluded Services’, and will be billed as separate, individual Services at current rates - See excluded services.

• If Client requests onsite service and no problem is found or reproduced, Client shall be billed at the current applicable rates as indicated in proposed and approved service rates, otherwise MSP’s current standard rates apply.

• It is understood that any Federal, State or Local Taxes applicable shall be added to each invoice for services or materials rendered under this Agreement. Client shall pay any such taxes unless a valid exemption certificate is furnished to MSP for the state of use.

• Fees and pricing in approved proposal are based on client's existing network infrastructure, hardware, business workflow, and applications used at the time of MSP's initial assessments and interviews. Pricing is subject to increase in the event it is determined that all relevant factors affecting support were not completely disclosed or discovered during MSP's initial assessment or in the event any changes are made to these factors due to requirements, needs or desires. E.g.: Client has or requires implementation of complex software applications with unique needs; Client has or requires an added ability for secure remote user access to network environment's resources via VPN, etc.; Environment is not suitable for all required services. Either of these examples would likely require additional levels of support not considered in initial pricing of services.

• Subscriptions - Pricing is for your monthly recurring charge; however, for example, Microsoft now requires a 12-month commitment on all Microsoft 365 (Office) products/subscriptions... by purchasing any subscription-based products with such vendor/developer/manufacturer stipulations, you agree to a commitment to their terms, which auto-renew at the end of each period. Most subscription reductions or cancellations are only allowed with a minimum of 14 days from purchase moment or subscription renewal. Regarding some vendor pricing (Microsoft for example) - feature availability, and other options are subject to change beyond our control - these changes may affect your service and/or pricing at any time without notice.

• Migrations - Migrating user accounts from one platform to another (such as Google Workspace to Microsoft 365) will result in overlapping charges, during which there will be a period in which the client is billed for both services in order to assure completion of migration, allowing client ample time to verify data integrity. Client will be ultimately responsible for notifying MSP when to finalize accounts on their abandoned platform and delete all data, at which time billing will cease for said services. Optionally, the client may request a proposal for cold-storage backup of their data from the abandoned platform, which would result in a one-time flat fee (although this may be more cost-effective, online access of client’s old accounts and data is not possible with this option).

• Work cannot be scheduled until we have a signed proposal along with credit application and/or deposits as appropriate.

• If client has an existing agreement, it is understood that any approved proposals for products and/or services will be added to their existing agreement under the terms of this Master Service Agreement.

Coverage
All services provided will fall under the provisions of proposed and approved service rates, otherwise MSP’s current standard rates apply.

Support and Escalation Procedures
MSP will respond to Client’s Trouble Tickets under the provisions of our response and escalation times outlined in this agreement unless otherwise specified. Trouble Tickets will be processed and dispatched by any of MSP’s staff or client’s designated I.T. Contact Persons. Tickets may be created via the following means:

• Taskbar Icon (preferred) - this automatically assigns the computer submitting the request (as well as other pertinent information)

• Web-based Ticket Portal

• Email to our Help Desk (support@mstech.info)

• Phone (662.268.7705) if email is unavailable.

  Tickets will also be created automatically by our remote management and monitoring agents based on agreement requirements. Each ticket will be assigned a unique “Ticket number” for tracking of issue resolution and billing.
  Efficiency requires that client submit tickets ONLY via the means above. Failure to follow this procedure (e.g. calling or emailing technicians directly) will cause resolution delays and may result in additional charges.

Limitation of Liability
Client shall indemnify and hold harmless MSP, employees, national partners, and affiliates for damages or recovery resulting from performance or non-performance of services. In no event shall MSP be held liable for indirect, special, incidental or consequential damages arising out of service provided hereunder, including but not limited to loss of profits or revenue, loss of use of equipment, lost data, costs of substitute equipment, or other costs.

Suitability of Existing Environment - Minimum Standards Required for Services
In order for Client’s existing environment to qualify for MSP’s Managed Services, the following recommended requirements must be met:

1. At the signing of proposal, or by a date as indicated in an addendum, all Servers and workstations with Microsoft Windows Operating Systems must be running a valid, licensed installation of the applicable Operating System and have all of the latest Microsoft Service Packs and Critical Updates installed.

2. All software applications and operating systems are required to be currently under support (by Microsoft or other covered developers). Any applications and/or operating systems which are determined to be nearing end of life or end of support are required to be updated and installed by MSP or by any party authorized by MSP. In the event existing hardware does not meet recommended requirements of the new software, replacement hardware will be recommended. The cost of procuring, licensing, installing and configuration of needed software and/or hardware is NOT covered under this agreement and is subject to our current, standard billing rates unless otherwise specified in proposal.

3. All Server and Desktop Software must be Genuine, Licensed, and MSP-Supported.

4. The entire environment must have a currently licensed, up-to-date and MSP-Managed Antivirus Solution on each and every device connected to Client’s network at any given time. The Managed Antivirus Solution must be provided and managed by MSP, protecting all Servers, Desktops, Notebooks/Laptops, and Email as recommended. Attempted recovery from damages caused by any virus or malware infection is NOT covered under the terms of this Agreement under any circumstances. Pricing and provisions listed in proposal will be chargeable to client and is limited to only covered systems.

5. If backup monitoring and management is included, the environment must have a currently licensed, Vendor-Supported Server or Cloud-based Backup Solution provided and managed by MSP which can be monitored, and has the ability to send reliable, configurable notifications on job failures and successes.

6. The environment must have a currently licensed, MSP-Supported Hardware Firewall Security Appliance provided and managed by MSP between the Internal Local Area Network and the Internet. Note that subscription services for the Security Appliance may not be included in your Managed Services Plan unless specifically defined in proposal.

7. All Wireless data traffic in the environment must be securely encrypted and is to be provided and managed by MSP.

8. If required, static/outside IP address(es) may need to be assigned to some network device(s), allowing remote services, RDP or VPN access. Client is responsible for any related costs which may be necessary for the security, performance, and efficiency of all systems.

9. It is understood that initial setup, as well as costs required to bring Client’s environment up to these Minimum Standards are not included in this Agreement.

10. Client understands that standards and recommendations change over time and require updating in order to maintain security, performance and efficiency of all systems.
    Example: Microsoft discontinues updates and support for server and workstation operating systems determined by their product lifecycles. Windows 10 is expected to be end-of-life on 10/14/2025, and will no longer receive security updates and bug fixes after that date. End-of-life hardware or software may not conform to minimum standards as required by this agreement.

11. When required, Client must allow MSP to perform any necessary upgrades or implement required changes within six months of written notice or MSP reserves the right to exclude the affected devices or services from any requirements in this agreement. These exclusions are not subject to any price reductions, rather may require a price increase in order to support sub-standard systems. Client understands

Excluded Services
Unless otherwise specified, services provided according to this agreement will not include the following:

• Parts, equipment or software not covered by vendor/manufacturer warranty or support.

• The cost of any parts, equipment, or shipping charges of any kind.

• The cost of any hardware, software, Licensing, Subscription Renewals or Upgrade Fees of any kind unless specified.

• Hardware or software orders are payable at 75% of products + 100% of shipping, remainder due upon delivery (based on management approval). Electronic software orders which are generally deliverable within 24hrs are to be billed at 100% at order time.

• The cost of any 3rdParty Vendor or Manufacturer Support or Incident Fees of any kind.

• The cost to bring/keep Client’s environment up to current minimum standards required for included services.

• Failure due to acts of God, building modifications, power failures or other adverse environmental conditions or factors.

• Service and repair made necessary by the alteration, modification, or update of equipment or software other than that authorized by MSP, including alterations, software installations, updates or modifications of equipment made by Client’s employees, software vendors or anyone other than MSP.

• Maintenance of applications and software packages, whether acquired from MSP or any other source unless as specified in the client proposal or addendums (including searching and restoring data, configuring user preferences, etc.).

• All support of 3rd party software applications is excluded. Complex usage of applications (e.g. performing GL entries, reporting, etc. in an accounting system) may be subject to our standard non-agreement rates

• Programming (modification of software code) and program (software) maintenance unless as specified in in the client proposal or addendums.

• Backup restoration or recovery.

• Training Services of any kind.

• Attempted recovery of data, business systems or functionality from damages caused by virus infection, ransomware, malware, etc. not detected and quarantined by the latest MSP approved Antivirus definitions is NOT covered under the terms of this Agreement.

• Installation or configuration of any software not defined in in the client proposal or addendums.

• Repairs or configuration necessary due to software conflicts or developer bugs.

• Installation of new equipment; moving or re-configuring hardware or software to meet Client’s needs (such as employees changing offices, moving printers, etc.)

• Service work, repair, monitoring, or modification of any services or equipment covered in this agreement by any party other than MSP or those approved by MSP.

• Service work requiring specialty or proprietary tools or software not otherwise needed by or readily available to MSP.

• User error or lack of effort after being provided instructions and assistance with common procedures.

• Other items or service specifically excluded in proposals, agreements, or addendums

• Some products and/or services (e.g. fractional CISO services) may be provided directly or indirectly by MSP’s national partners (such as Business Cyber Security Solutions). Aside from onboarding costs, any additional installation, configuration and support may carry additional costs and fees. Since these products and services may shift between MSP and partners, they may or may not be defined as as such in the agreement proposal, but provider information is available at any given time upon request. MSP provides oversight and assistance for project management, products and services throughout agreement period and is always client’s primary point of contact. All invoicing and payments for direct or partner-provided products and/or services must always be handled by MSP.

• Personal devices such as cell phones, etc. not specifically listed in your agreement

• Any legal discovery or audit responses

• Printer repairs (troubleshooting is included), non-VOIP phone system support, wiring repair, Data Recovery (e.g., failed hard drive or data not placed on server for proper backup), and fees from manufacturers for any warranty covered devices (e.g., shipping or fees for not covered damage)

• Supported software or hardware that is no longer covered by manufacturer support will receive two (2) repair attempts for the same problem before we require replacement, or continued support of that device converts to hourly excluded rates

• Support outside our normal business hours or days (holidays) not specifically listed in your agreement

• Some products or services provided by our national partners are subject to their agreements and may be excluded or limited.

Confidentiality

MSP and its agents will not use or disclose Client information, except as necessary to or consistent with providing the contracted services, and will protect against unauthorized use.

Client understands this proposal, as well as any attachments and related correspondence is confidential, which is further defined as:

• All pricing information, accounts and passwords, quotes/proposals, business and financial information, services, software platforms or agents, sales and supply details, marketing strategies, MSP or Client services and supplier listings, staff information, business listings, information concerning the MSP business, the Client, or services provided.

• All processes, procedures, techniques, concepts, systems, manuals, license agreements, disclosure documents, documents, agreements, contracts, notes, file and database structures and software relating to the services

• Any information which, by its nature, places or potentially places the Client at an advantage or disadvantage over its present or future business competitors or clients

• Any information that would otherwise at law be considered secret or confidential information; whether or not marked “Confidential” BUT does not include information which at the time of first disclosure by a party is or is reasonably known to be or to have been a part of the public domain; after disclosure by a party is or becomes part of the public domain otherwise than by disclosure in breach of the terms of the agreement; was in the possession, knowledge, custody, power or control of MSP prior to disclosure.

• Any information relating to the MSP, its members, customers, contributors or suppliers.

• Client is responsible in preventing ANY 3rd parties which may be considered a competitor of MSP, from accessing managed systems. Neither should any of the information considered confidential above be copied, replicated, duplicated, or verbally shared for the purpose of providing such information to a competitor of MSP. If client wishes to terminate services, see Termination section below - any and all confidential and proprietary information must be properly removed and offboarded prior to allowing access to your systems.

Responsibilities

1. As your Managed Services Provider, we have a responsibility to ensure the services we provide you are up and running with our best efforts. Technicians are available via our Help Desk Ticketing platform - using the ticket portal or email to support@mstech.info. Our typical hours are 8am - 6pm (CST) Monday-Thursday and 8am - 5pm Friday, however 24x7x365 after-hours options are available.

2. Client must submit support requests or known problems to MSP in a timely manner, allowing sufficient time for the response, escalation and resolution process necessary to provide the necessary required up-time and efficiency. Tickets will be worked and prioritized based on critical business systems and key positions initially identified and agreed upon by both parties.

3. Client is required to provide availability of one primary point of contact with substantial knowledge and experience. After-hours access or additional contact information for a designated internal resource, if different from primary point of contact. Client must notify MSP as soon as possible of any changes in key personnel or management involved in operations of managed services.

4. Client must follow proper procedures of requesting ANY AND ALL assistance or support: Support Tickets must be created for all questions, assistance or support requests using the proper channels - preferred methods include using the ticket portal or email to support@mstech.info - if those methods are inconvenient, you may call our helpdesk staff, who will create a ticket for you.

5. Aside from any responsibilities of MSP in your agreement, LOA, and/or addendums, client is responsible to provide a best effort on ensuring your devices, internet connection, security, and software are configured and working properly so that they can communicate with our systems. In general, if there is a self-service option available for your service (e.g. software installation, password resets, troubleshooting user error, any system which provides an end-user portal and it’s included functionality, etc.), your responsibility extends to utilizing it and we are most willing to provide instructions or guidance. In the event there is a problem where we are unsure of the source, we will work with you to determine whether the issue is on our side of responsibility or yours. This troubleshooting will initially be done remotely or via phone at no charge. If the problem is determined to be on your side of responsibility or cannot be determined through these means, it will possibly require a billable onsite service call (travel charges may apply).

6. Client must maintain adequate broadband access to systems necessary for proper rendering of services

7. All managed systems must be connected to broadband and powered on at all times (updates and configuration changes are generally performed outside of Client's regular business hours).

8. Client is required to provide MSP access to any necessary resources such as, but not limited to:

   1. Information on all local as well as remote users

   2. Physical and cyber-security information

   3. Software, to include operating systems as well as 3rd-party applications

   4. Hardware systems

   5. Vendor information and support

9. Client must not hold MSP responsible if client opts not to implement MSP recommendations (e.g. hardware upgrades, support and warranty services, security recommendations, etc.). This includes hardware, software, licenses, products, or services not provided by or approved by MSP.

10. Client must provide, in writing, MSP with business priorities. workflow, and critical operations in order for effective processing of ticket response and resolution.

11. Client hereby grants MSP authorization, with administrative access to all systems and client devices in order to install and maintain monitoring and management software as well as maintain necessary updates to software, security systems, firmware, warranties, etc. Any exceptions must be documented in writing.

12. Client must notify MSP prior to any 3rd party activities which may affect managed systems (e.g. software updates, ANY changes by Internet Service Providers, hardware upgrades or changes, policies and requirements, etc.).

13. Client shall not approach employees or subcontractors of MSP for the purpose of hiring, recruiting, or any type of work (paid or unpaid) which may conflict with any aspect of MSP's business operations and services defined in this agreement or otherwise without written permission. Client may not hire employees or subcontractors of MSP for a period of twelve months after working with MSP. Such actions are subject to the higher of 100% of the entire contract amount or the last twelve months average of the employee/subcontractor wages.

14. It is the Client's responsibility to enforce workplace policies to disallow local connectivity of any computers or media which may not be properly protected. Workplace policies must also clearly define unacceptable usage of company systems which unnecessarily exposes the environment to hackers, viruses, malware, etc. Consult MSP for example policies or training suitable for your environment.

15. In the event of a sale or transfer of the Client’s business/organization, It is the Client’s responsibility to transfer this and any other existing agreements and responsibilities with MSP to the (new) owner(s)/manager(s) assuming control of other business operations. In the event responsibilities are not properly transferred and documented as belonging to new owner(s)/manager(s), the original signor of agreement or responsible party at the time of sale/transfer will be held responsible for any and all payments, expenses, terms and conditions herein. Note that MSP’s services and equipment maintained may hold great value that we will gladly appraise equipment and services as a asset in order for you to include it with the valuation of your business/organization. MSP is also available to assist in transition of data, accounts, and services, as well as the transfer of this agreement, etc. as an excluded service.

    1. In the event the original signor is unavailable or no longer to assume the requirements of this agreement, any party providing payment/compensation for any agreement with products and/or services provided by MSP for no less than 3 months will be assumed as a signor for such products and/or services, therefore bound to the terms and conditions of this Master Service Agreement regardless of terms between original signor and new owner(s)/manager(s).

16. Client must make provisions for offboarding any managed machines which are the property of (or become the property of) any staff member, subcontractor, etc. leaving client’s managed organization. It is the client’s responsibility to create a ticket with MSP and schedule having the machine online in order to have it offboarded, otherwise client is responsible for MSP charges to track down the machine and have it brought online to properly offboard and remove any of MSP’s credentials, policies, applications, etc.

Termination

This Agreement may be terminated by the Client upon ninety (90) days written notice if the MSP (for clarification, billing would be due through the end of the month in which the 90 days falls with no proration):

1. Fails to fulfill in any material respect its obligations under this Agreement and does not cure such failure within sixty (60) days of receipt of such written notice.

2. Breaches any material term or condition of this Agreement and fails to remedy such breach within sixty (60) days of receipt of such written notice.

3. Terminates or suspends its business operations, unless it is succeeded by a permitted assignee under this Agreement.

This Agreement may be terminated by the MSP upon sixty (60) days written notice if the Client:

1. Fails to fulfill in any material respect its obligations under this Agreement and does not cure such failure within sixty (60) days of receipt of such written notice.

2. Breaches any material term or condition of this Agreement and fails to remedy such breach within sixty (60) days of receipt of such written notice.

3. Terminates or suspends its business operations, unless it is succeeded by a permitted assignee under this Agreement.

Any termination request by Client requires a meeting between Client and MSP within fifteen (15) days in order to discuss and possibly resolve any disputes. If unable to resolve dispute with Client, MSP reserves the right to request legal mediation for a remedy with Client responsibility of any and all associated legal fees accrued by Client and MSP.

If either party terminates this Agreement, MSP will assist Client in the orderly termination of services, including timely transfer of the services to another designated provider. Client agrees to pay MSP the actual full-priced rates of rendering such assistance. A termination fee of the 80% average past three months of service under this agreement and any sub-agreements for the remaining term of the contract will be assessed unless termination is legally deemed acceptable or agreed to by both parties. Offboarding of all machines, software, agents, etc. will be necessary and is time-dependent on number of machines and services provided with a minimum of 15 business days. Some services may be bound under a 3rd-party agreement (e.g. Microsoft accounts, Google accounts and some other services are defined based on their own terms and may not be canceled or transferred based on the terms of that vendor). Billing of any and all services will continue until all offboarding, transfers and/or cancellations are complete.

If Client requests early termination without cause legally deemed acceptable, MSP may agree without requiring legal mediation, in which case a termination fee not less than 80% of the average past three months of service under this agreement and any sub-agreements for the remaining term of the contract will be assessed.

Miscellaneous
This Agreement shall be governed by the laws of the State of Mississippi. It constitutes the entire Agreement between Client and MSP for monitoring/maintenance/service of all equipment listed in attached appendices. Its terms and conditions shall prevail should there be any variance with the terms and conditions of any order submitted by Client.

Acceptance of Agreement
This agreement covers only those services and equipment initially (or currently) defined and inventoried. An inventory of covered items may be provided to Client at any time upon request. The addition or modification of equipment/services not listed in this Proposal at signing, if acceptable to MSP, shall result in an adjustment to the Client’s monthly estimate.

Services covered are priced based on normal weekdays (Monday-Friday) during our regular business hours, which as of January 1, 2022 are 9am-6pm Monday-Thursday and 9am-5pm Friday. Services provided outside these times are subject to higher rates and/or any specific project terms included in the client proposal or addendums.

Response and Escalation Targets
The following table shows the targets of response and escalation times for each priority level, as determined by MSP.

Priority: 1
Trouble: Service Not Available - all users and business functions are unavailable
Target Response Time: Within 2 business hours
Escalation Threshold: 4 business hours

Priority: 2
Trouble: Significant degradation of service - large percentage of users or business critical functions affected
Target Response Time: Within 4 business hours.
Escalation Threshold: 8 business hours

Priority: 3
Trouble: Limited degradation of service - limited number of users or business functions affected
Target Response Time: Within 2 business hours.
Escalation Threshold: 4 business hours

Priority: 4
Trouble: Minor service degradation - business processes continue (e.g. 1 user affected)
Target Response Time: Within 16 business hours.
Escalation Threshold: 24 business hours

Note: “Escalation Threshold” is the time in which an issue is given to be resolved at each tier (level) of support as defined below:

Tier 1 Support
All support incidents begin in Tier 1, where the initial trouble ticket is created, the issue is identified and clearly documented, and basic hardware/software troubleshooting is initiated.

Tier 2 Support
All support incidents that cannot be resolved with Tier 1 Support are escalated to Tier 2, where more complex support on hardware/software issues can be provided by more experienced Engineers.

Tier 3 Support
Support Incidents that cannot be resolved by Tier 2 Support are escalated to Tier 3, where support is provided by the MSP Owner or most qualified and experienced Engineers who have the ability to collaborate with 3rd Party (Vendor) Support Engineers to resolve the most complex issues.

Service Request Escalation Procedure

1. Support Request is Received via email (support@mstech.info), ticket portal, or phone

2. Trouble Ticket is created

3. Issue is Identified and documented in our Help Desk Ticketing system

4. Issue is qualified to determine if it can be resolved through Tier 1 Support

If issue can be resolved through Tier 1 Support:

1. Level 1 Resolution - issue is worked to successful resolution

2. Quality Control –Issue is verified to be resolved to Client’s satisfaction

3. Trouble Ticket is closed, after complete problem resolution details have been updated in Help Desk system

If issue cannot be resolved through Tier 1 Support:

1. Issue is escalated to Tier 2 Support

2. Issue is qualified to determine if it can be resolved by Tier 2 Support

If issue can be resolved through Tier 2 Support:

1. Level 2 Resolution - issue is worked to successful resolution

2. Quality Control –Issue is verified to be resolved to Client’s satisfaction

3. Trouble Ticket is closed, after complete problem resolution details have been updated in Help Desk system

If issue cannot be resolved through Tier 2 Support:

1. Issue is escalated to Tier 3 Support

2. Issue is qualified to determine if it can be resolved through Tier 3 Support

If issue can be resolved through Tier 3 Support:

1. Level 3 Resolution - issue is worked to successful resolution

2. Quality Control –Issue is verified to be resolved to Client’s satisfaction

3. Trouble Ticket is closed, after complete problem resolution details have been updated in Help Desk system

If issue cannot be resolved through Tier 3 Support:

1. Issue is escalated to Onsite Support

2. Issue is qualified to determine if it can be resolved through Onsite Support

If issue can be resolved through Onsite Support:

1. Onsite Resolution - issue is worked to successful resolution

2. Quality Control –Issue is verified to be resolved to Client’s satisfaction

3. Trouble Ticket is closed, after complete problem resolution details have been updated in Help Desk system

If issue cannot be resolved through Onsite Support:

1. I.T. Manager Decision Point– request is updated with complete details of all activity performed and passed
   to manager for resolution or a meeting request with client. Hardware or software vendor support or consultation may be recommended.

   Note: Regarding Service Level Agreements, escalation and resolution process and times may differ for products and/or services provided by our national partners.

MSP Shared Responsibility Model

As your Technology Solutions Provider, we have a responsibility to ensure the service we provide you are up and always running. Technicians are available via email: support@mstech.info. Our typical hours are 9am - 6pm Central time Monday-Friday, however 24x7x365 after-hours options are available.

As the customer, it is your responsibility to make sure your devices, internet connection, security, and software are configured and working properly so that they can communicate with the necessary platforms. Unless of course, you have contracted us for that!

In general, if there is a self-service option available for your service, your responsibility extends to using it and we are happy to provide instructions or guidance. However, if you need additional assistance, we may provide those services at your agreement rate or you may contact us to discuss your options for contracting our support services.

When there is a problem where we are unsure of the source, we will work with you to determine if the problem is on our side, your side (or coming from a 3rd party). This troubleshooting will initially be done at your agreement rate. If the problem is determined to be on your side, we will either perform all means necessary within our agreed area of responsibility. When problems exist with your ISP or another 3rd party, additional fees may be assessed (also refer to “Excluded Services” in our agreement above).

———————————— END OF AGREEMENT ————————————

Examples of Managed Services which may be included in your proposal and agreement

Managed Workstations:

·    Antivirus up to date and functioning correctly on all systems with and alerting of any detected threats

·    Patches and security updates, bug fixes, etc. updated twice weekly (or immediately if there is an eminent threat to the environment) for Microsoft products, as well as antivirus and other necessary system processes and software such as Java

·    Stability of information system environment – continuous testing of network speeds and resiliency

·    Management of users, shares, permissions, print queues; hard drive monitoring, cleanup and defragmentation; auto- restart of problematic services; updates and maintenance of supported software such as java, .net framework, runtimes, pdf reader

·    All software changes are logged, blacklisted applications are flagged, whether installed by a user or by another process

·    Alerting of dangerous conditions such as low memory, hard drive failure or low disk space, unusual network communications, etc.

·    Disk defragmentation as well as other maintenance processes are run automatically (generally weekly) when fragmentation reaches a given threshold on any computer; continuous file corruption monitoring

·    Continuous monitoring of critical file server services, processes, directory structure

·    Backup status: monitoring and testing of successful backups (provided you have a supported managed backup solution)

·    Continuous monitoring for unusual activity among network users

·    Ensure supported critical software applications are functioning as designed on workstations (Microsoft Office, Bookkeeping Applications, Adobe, Java, etc.)

·    Weekly reboot of all systems – to include servers, ensuring they all boot properly, is done on weekends, ensuring a fresh start to your week

·    Continuous monitoring of bad processes and failure of running services on all computers and servers

·    There are over 900 monitors provided in our Managed Services system that we can customize and enable for any given computer or server

·    Please refer to your complete agreement for details and terms of services

Office General:

·    Internet connectivity monitoring for efficiency and uptime

·    Security Appliance functionality of real-time intrusion prevention; updates and validity of current subscription (if applicable), firmware updates and backup, VPN accessibility

·    Wi-Fi functionality, security and efficiency, firmware updates and backup, basic configurations such as 2 customer- defined SSIDs for isolated secure and guest networks; troubleshooting for connectivity issues with devices covered by agreement; reporting and monitoring of signal strength, connected devices, etc.

·    Network printer management

·    Management of smart network switches for connectivity, efficiency and security; firmware updates and backup

EDR / Antivirus / Antimalware / Anti-ransomware:

·    Control access to websites as well as local networks and hardware with strict policies developed by MSP and client, which will be applied to and enforced on all machines.

·    Policies may be customized based on users as well as types and roles of computers.

·    Real-time policy changes, reporting, scans and customization is performed by our technicians in our advanced cloud console.

·    Bitdefender has been rated #1 for the last 6 years, best in protection and performance.

·    It maximizes the protection against Ransomware, and is light years ahead of the industry in NEX-GEN behavioral heuristics.

·    Several new add-on features are available including Email Security, Endpoint Detection and Response, Full Disk Encryption, and Pre-Execution AI Technology that enables Bitdefender to out-perform all NexGen and traditional antivirus applications.

 Support, Ticketing and Alerts:

·    Alerts on any of the managed items above items automatically create tickets and notify our technical team, who work quickly to correct issues - generally BEFORE they affect your productivity and efficiency!

·    We are constantly writing and updating scripts and monitors to keep your systems running smoothly.

·    Remote assistance during business hours is always available and is at our fingertips – with someone able to help within a couple of minutes of your ticket creation. Plus, many tasks can be performed in the background without us having to take over your screen and interrupt your users’ workflow.

·    Onsite service calls may sometimes be necessary. If applicable, your agreement will define any included onsite hours, but all additional time will be billed at your discounted rate, which is generally $100 - $150 per hour for most Managed Services plans, depending on terms. You may opt to include a number of onsite hours with your recurring monthly charges in order to budget costs more effectively. Unless otherwise specified, a minimum of 1 hour is billed for any onsite service call, then billed in increments of each half hour. Travel charges will generally apply for sites outside of Oktibbeha county. Minimum travel charge is $30, travel in excess of 60 miles is billed at $1 per mile.

·    Weekly or monthly detailed reports may be provided with an overview of service tickets that we have worked for your systems, network health, any deficiencies that should be addressed, etc.

·    We also have a ticket portal, where you may review and edit your organization's tickets.

Microsoft 365 Licenses are available in the form of web and/or desktop applications, as well as email accounts. Managed email accounts are encouraged for business efficiency and security.

Email encryption is also an option we are able to provide in order to send secure messages with personally identifiable information.

Password Vault: Our Password Vault is the optimal way for you to store all your passwords and MFA (2FA) keys for your entire company.

Features:

·    1. Allow users to store all their passwords in one place, never write a password on a slip of paper again!

·    2. Allow users to store all their MFA (2fa) Keys in one place - securely backed up to the cloud in case your phone is lost!

·    3. Automatic fill features available in all popular browsers - not more typing long complicated passwords!

·    4. Available on your phone and/or computer

·    5. Employers can automatically lock down users who have been terminated with a simple click they are locked out!

Our Business Password Manager is a must-have product for your organization Mitigates Risk of Data Breaches. It creates random, high-strength passwords for all your websites and applications then stores them in a secure vault on all your

devices. Bolsters Password Security and Privacy: Each employee gets a private, encrypted vault for storing and managing their passwords, credentials, files and private client data.

-   Boosts Employee Productivity: Saves employees time, frustration and eliminates the need for them to reset, reuse and remember passwords.

-   Strengthens Compliance Standards: Supports role-based controls, 2FA, auditing, event reporting and industry compliance with HIPAA, DPA, FINRA, GDPR and more.

-   World-class features that protect your business: Zero-Trust and Zero-Knowledge Security Architecture

Enterprise Vault: Utilizes best-in-class security with a zero-trust framework and zero-knowledge security architecture to safeguard your information and mitigate the risk of a data breach.

Record-Level Encryption: Data is encrypted at the customer-device level using layered, record-level encryption to provide world-class protection for credentials, metadata and files.

Private Vaults for Each Employee: Everyone gets a private vault to store and manage their passwords, files and private client data.

Password Generator: Generates strong, unique passwords and automatically fills them into apps and websites for your employees.

Shared Folders, Subfolders and Passwords: Securely create, share and manage both individual records and encrypted folders across teams or individual users.

Managed in our Admin Console: Distributes, manages and monitors our password vault across your entire organization and enforces password security, 2FA and other data security policies.

Role-Based Access: Employee permissions can be fully customized through fine-grained access controls based on the role and

responsibilities of team members.

 Version Control and Record History: A full history of records, previous versions, what changed, etc. is available

Password Security Audit Score and Reporting: Our Business Password Manager provides visibility into your password security with robust reporting and auditing tools to enforce internal controls and maintain compliance standards.

Cybersecurity Training

Training your staff is your one stop solution to bridge the gap left between even the best IT Security solutions and the hackers working to defeat them. In 2017, 63% of breaches in 2017 were due to users1. To truly harden your network, you need to close this gap. This is your one stop solution:

1.  Weekly security briefing emails to your users, along with a short quiz to verify they learned something. Scores are automatically recorded in your Manager Portal.

2.  Monthly Simulated Phishing emails are sent. Those users who “fall” for it will receive a notice that this was a fake and a short explanation on how they could have identified it. Results are automatically recorded in your Manager Portal.

3.  A security policy library where users can go and read and acknowledge corporate policies. Scores are automatically recorded in your Manager Portal.

4.  Monthly Dark web Scanning to see which of your users have been compromised and where. This will alert them to change their passwords and alert you to new exposures.

5.  Our unlimited access security video library (with testing) is available in case additional training needed for select users.

Disaster Recovery Foundational Plan

Project Summary

·    A Business Continuity Plan that identifies the critical processes and systems within your organization.

·    A Disaster Recovery Plan that will be used to restore IT services in case of an outage caused by facilities or systems being unavailable.

·    An Incident Response Plan that will guide the organization through responding to a cybersecurity event.

·    Include gap analysis and recommendations for improvement

Foundational - Through a combination of interviews, worksheets and/or surveys we will evaluate your organization and prepare a Disaster Recovery plan that fulfills NIST Cybersecurity Framework Identify, Respond and Recover objectives.

·    Organization knows they need a plan, but have not developed one.

·    Require guidance in collecting internal information and producing a set of plans that meet insurance/client/standards requirements

·    Need a baseline examination of critical processes/systems/facilities/personnel before they contemplate a more thorough plan.

This report is intended to bring awareness and act as a launching pad for future improvements to your disaster recovery capabilities.The final report will include:

·    a high level business continuity assessment identifying all core functional areas within your organization,

·    a prioritized order of operations for restoration of the core functional areas should a disaster occur,

·    strategic responses to possible outcomes resulting from a disaster incident,

·    high level steps to be done to restore operations,

·    identification of gaps between current and desired resilience and restoration capabilities,

·    a strategic incident response plan in case of disaster.

·    ONE complete disaster recovery plan

·    ONE complete incident response plan

·    ONE complete business continuity plan

Disaster Recovery Foundational Plan - Foundational Detail

Process

o  Business Continuity

§ Process and Systems Inventory

§ Plan Management

o  Disaster Recovery

§ Facility Inventory

§ Systems Inventory

§ Communications Plan

§ Plan Management

o  Incident Response

§ Detection Controls

§ Communications Plan

§ Plan Management

§ Deliverables

§ Business Continuity

§ Emergency Contact Information

§ Introduction

§ Office and Facility Locations

§ Priority Process Inventory

§ Updates and Annual Review Process

§ Distribution

§ Senior Manager Approval

§ Disaster Recovery

§ Introduction

§ Office and Facility Locations

§ Disaster Detection and Determination

§ Communications Plan (Internal/External)

§ Initiation of Plan

§ Activation of Backup Facilities

§ Disaster Recovery Strategy

§ System InventoryRecovery Team Descriptions

§ Updates and Annual Review Process

§ Distribution

§ Senior Manager Approval

§ Incident Response

§ Adverse Event Definition

§ Detection Controls

§ Communications Plan (Internal/External)

§ Recovery Team Descriptions

§ Incident Response Framework

§ Updates and Annual Review Process

§ Distribution

§ Senior Manager Approval

Compliance as a Service

·    Brings Enterprise Level Compliance capabilities to the small/medium business without the burden of full time staff

·    Allows you to comply with many regulatory requirements such as HPAA, GDPR, NIST CSF, CMMC

·    Cyber Insurance Management tool allows you to easily respond to Cyber Insurance surveys to minimum your policy costs

·    Monthly assistance for any compliance deviations during the remediation phase of an event

·    Fraction CISO Compliance Officer monitoring your compliance status every month

·    Automated Asset Discovery - Automatically detect and monitor new devices that connect to the network and roll them into the overall plan

·    Compliance Report and Management - Easily pull reports and other essential data to display compliance at any time

Standardized internal assessment methodology

• Our approach walks you through the process

• Repeatable and non-arbitrary approach to performing a compliance assessment

Scans

• Technical scans are performed monthly

• Using our tool removes human error by having a specialized network appliance perform technical data collection

Role-Based assignments

• Divides the workload into three primary roles: Internal Auditor, Technician, and Site Admin.

• Allows flexibility in assignment of responsibilities in performing compliance assessments

Online forms and worksheets

• Complete worksheets and forms to provide critical information that cannot be collected automatically

• Easy to use, web-based forms filled at your convenience in order to centrally collect and manage your compliance data

Augment data found from automated scans

• Forms are created using data from the actual network layout rather than a generic checklist used by most providers

• These answer questions about your actual environment, users, and computers to provide critical and easily accessible details

Task notification

• As tasks are assigned, stakeholders are notified via email

• Makes performing the assessment process easy to track and develop

Auditor checklists

• Summary of documents for compliance with cross- references to other related information and documents

• Easily assesses your compliance position and gives you a document to show auditors as a starting point in order to help them easily visualize how you are performing your compliance measures. Speeds up the process by providing auditors what they need to have your audit completed in record time!

Evidence of compliance

• Detailed document showing information from both automated scans, augmented data, and questionnaires

• Gathers evidence into one document to back up the Auditor Checklists with real data

Information Policies and Procedures

• A standardized Policies and Procedures (P&P) that is designed as a starting place for organizations that might not have a P&P

• One of the first requirements is to have a P&P. Most organizations don’t have one that conforms to compliance standards. We provide an out of the box version for those organizations.

Scheduled Scans

• We perform re-scans monthly

• Looks for when you might need to update your compliance documentation to stay current

Risk Treatment Plans

• Shows issues found and tracks issues addressed based upon risk scoring methodology

• Track remediation efforts and provide a paper trail in the event of an audit or request for documentation

 Compliance Standard Specific Scans

• Scans system looking for information pertinent to the specific compliance standards

• Compliance standards require specific deeper scans looking for specific information. For certain regulatory requirements (such as GDPR), helps identify where personal data resides. For HIPAA, scans are performed looking for instances of ePHI

External Vulnerability Scans

• Scan external IP addresses of the organization

• Identify weaknesses that an external attacker can exploit within your network. This is not a substitute for a full penetration test, but is a good interim test

Report Archiving

• Compliance Manager software stores past assessments and reports

• Comply with retention requirements and be able to demonstrate not only current compliance, but ongoing compliance

Collaborative Compliance

• Invite others to collaborate in completing compliance assessments

• Subject Matter Experts are often required to assist in completing worksheets, forms, and providing information that cannot be discovered automatically. We provide a framework for inviting others to assist in the assessment process

The terms of this agreement are subject to change. Subscribe to this page with a service such as this one to track any changes.