Managed Secure Infrastructure
1) Scope of Services
The following services and support (collectively, “Services”) may be, but are not necessarily provided under the terms of an SOW. Some services below are delivered on an as needed basis throughout the term of the SOW. Definitions of Services are provided for your review at www.entechUS.com/ims-sow-definitions, the terms of which are hereby incorporated by reference.
A. Services:
i. IT Strategy and Administration:
a) Account Management & Strategy Services
b) Best Practice Health Assessments
c) IT Planning & Budgeting
d) Procurement
e) IT Asset Management & Documentation
f) Centralized Reporting
ii. Centralized Managed Infrastructure:
a) Diagnostics / Auditing Services
b) Maintenance Services
c) Monitoring Services; Alert Services
d) Network Infrastructure Services
e) Tier 1 Telecommunication Support Services
iii. Standard Cybersecurity Services:
a) Next Generation Anti-Virus / Endpoint Detection & Response (EDR)
b) Patch Management
c) DNS Filtering
d) IT & Cybersecurity Policies
e) Ransomware Protection
f) Dark Web Monitoring
g) User Awareness Training
h) Security Policy Vault
i) Phishing Attack Testing & Reporting
j) Firewall Management and Maintenance
iv. Advanced Cybersecurity Services:
a) Multi-factor Authentication Software
b) Hard Drive Encryption for all mobile workstations
c) Active Directory Change Control
d) Internal & External Vulnerability Scanning
e) Annual Cybersecurity Threat Report & Roadmap
v) Complete Managed Cybersecurity:
a) Security Incident Event Management (SIEM)
b) Security Operations Center (SOC)
c) Remote Secure Gateway for all Mobile workstations
vi) Infrastructure Support:
Network Infrastructure Support is designed to provide seamless connectivity and optimal performance across your various technology systems. Our team of skilled technicians is on available during business hours to address any network-related concerns or queries your organization may encounter. Whether it's troubleshooting connectivity issues or optimizing network performance we're here to assist. In the event of a critical network outage, we are equipped to swiftly handle escalations and restore services promptly, minimizing downtime and ensuring uninterrupted operations.
Should your team detect an issue with a service or device outside standard business hours, you can contact the Emergency Support team to report the issue. Entech’s team (security or network, as appropriate) will investigate the issue and act appropriately.
a) As needed remote technical support will be provided during the hours of 7:30am – 5:30pm EST Monday through Friday.
b) As needed onsite technical escalation support will be provided during the hours of 7:30am – 5:30pm EST Monday through Friday. Service Provider reserves the right to determine whether issues require onsite support.
c) As needed remote after-hours technical support will be provided for “emergency” support issues during the hours of 7:00am - 9:00pm EST Monday through Friday and 8:00am – 6:00pm Saturday through Sunday. Emergency issues are defined as a substantial interruption in business process for a company executive, division or location, for which no reasonable workaround is readily available.
vii) End-user Support:
The End-User Service Desk provides a point of escalation for your staff when they have an issue or question. The Entech staff is available during business hours to log issues and support your team. You can contact the IT Service Desk via email or phone. We commit to responding to your question promptly (response times based on severity). If you are contacting us to escalate a service outage, we will route the call to our technical center for prompt attention.
Should your team detect an issue with a service or device outside standard business hours, you can contact the Emergency Support team to report the issue. Entech’s team (security or network, as appropriate) will investigate the issue and act appropriately.
a) As needed remote technical support will be provided during the hours of 7:30am – 5:30pm EST Monday through Friday.
b) As needed onsite technical escalation support will be provided during the hours of 7:30am – 5:30pm EST Monday through Friday. Service Provider reserves the right to determine whether issues require onsite support.
c) As needed remote after-hours technical support will be provided for “emergency” support issues during the hours of 7:00am - 9:00pm EST Monday through Friday and 8:00am – 6:00pm Saturday through Sunday. Emergency issues are defined as a substantial interruption in business process for a company executive, division or location, for which no reasonable workaround is readily available.
B) Locations/Buildings Covered:
i) Services, as defined in an SOW, are available for all client locations as follows:
a) On-Site Services – Available to all client staff & locations within Entech current serviceable area.
b) Remote Services – Available to all client staff & locations with internet connectivity.
ii) Any client staff or locations that require on-site support, but are outside of Entech’s current serviceable area, Entech will coordinate & schedule support services with a qualified local resource, and client will be invoiced for service rendered directly by local provider.
2) Assumptions / Minimum Requirements / Exclusions
The scheduling, fees and provision of the Services are based upon the following assumptions and minimum requirements are that all computers on the Client network must have an Entech management agent installed on them.
The following services are expressly excluded under managed SOW’s:
A) Onsite or remote support required to remediate issues resulting from inadequate or deficient Client hardware or arising from Client’s failure to implement the Minimum Requirements. Service Provider will notify Client in writing any time Client’s network, equipment or environment falls outside of the Minimum Requirements, either end-of-life, or standard best practice.
B) Entech requires support agreements be maintained and up to date with any of Client’s Line of Business application providers. Entech will facilitate support and act as liaison on Client’s behalf with these providers.
C) Software Licensing – Entech does not support unlicensed software. Client represents and warrants that all installed software is licensed, and shall indemnify and hold Entech harmless for the use or installation of any unlicensed software that results in damages or liability, or the threat of damages or liability, including but not limited to the termination of Entech’s rights or contracts, together with costs and attorney fees to defend such claims. In the event that Client has any unlicensed software on premises, Client is responsible for notifying Entech of such so that a remediation plan can be prepared and implemented to assist Client in achieving 100% license compliance. Cost of consumables, replacement parts, hardware, software, shipping, network upgrades and associated services are outside the scope of this Agreement. Entech will provide consultative specification, sourcing guidance and/or Time and Material/Project offerings.
D) Labor expended on troubleshooting custom applications or devices that do not have active support agreements. This includes software, hardware, phone systems, network copiers, etc.
E) Restoration of lost data from a device, not managed and captured via a managed data protection (DR/BC) statement of work, is outside the scope of any and all agreements.
F) Service or repairs made necessary by the alteration or modification of equipment other than as authorized or performed by Service Provider.
G) ISP / Telephony provider outage – Entech does not maintain or support any external ISP (Internet Service Provider) or telephone service provider connectivity. This service is solely the responsibility of the ISP or telephone service provider. Entech can act as technical contact on Client’s behalf in communication to outside vendors.
H) Remediation of cybersecurity events, incidents, or breaches. While our services encompass proactive maintenance, support, optimization, and protection of network infrastructure, any and all remedial actions necessitated by cybersecurity events fall outside the scope of this agreement. This includes but is not limited to incident response, containment, forensic analysis, and mitigation measures. If a cyber event is to arise, Entech will provide guidance to Client on which 3rd party specialists (insurance, legal, law enforcement, etc) is appropriate to engage to address such situations, with any costs incurred being borne separately from any SOW.
I) Remediation of network/device Vulnerabilities identified through internal or external vulnerability scans. While our services focus on proactive maintenance, support, optimization, and security of network infrastructure, addressing vulnerabilities discovered via scans falls outside the scope of this agreement. Example of such vulnerabilities include intricate patching, sophisticated configuration adjustments, and potentially intricate system alterations. However, it's important to note that standard Microsoft Windows patching and vulnerability management are included within the scope of an SOW.
J) Support services required or requested outside the scope of this agreement may not be exchanged for days or services within this Agreement. Outside of scope support services are available and will be provided on either a Time and Material, or Project basis.
K) Projects: A Project is defined as a temporary (defined beginning/end) and planned one-time endeavor. Projects are unique in that it is not routine operation, but a specific set of operations designed to accomplish a singular goal. Projects are out-of-scope under an SOW, and must be agreed upon and managed in a separate SOW. Examples of Projects can be, but are not limited to: server installations or migrations, server reconfigurations, cloud migrations, workstation installations, moves, or rebuilds, (if workstations are not procured through Service Provider), structured wiring, equipment relocation, new software installations, software upgrades, core network upgrades and replacements (routers, firewalls, switches, core battery backups, power distribution units, wireless access points), regulatory/compliance/legal audits (eg. PCI, HIPAA, software compliance, Microsoft SAM audits, etc.) and/or endeavors that require multiple Service Provider resources.
L) Risk of Data Loss - Client assumes all risk of data loss from any and all causes or in any way related to or resulting from the repair or service of computer hardware, software or other equipment by Entech. Client hereby releases Entech from any claim or liability related to data loss for any reason whatsoever.
M) After-hours, non-emergency support labor. After-hours support will be billed at 1.5x the Service Provider’s then-current standard hourly rate if required.
N) Non-emergency support labor performed on Entech observed Holidays (listed below). If required, non-emergency support will be billed at 2x the Service Provider’s then-current standard hourly rate.
i. Entech observed holidays
• New Year’s Day
• Memorial Day
• Independence Day
• Labor Day
• Thanksgiving Day
• Thanksgiving Friday
• Christmas Day
3) Amendment and Application
Entech may amend or modify these Terms and Conditions in its sole discretion, at any time, upon written notice to Client (which notice may be provided in any invoice provided to Client), and such amendment or modification shall become effective fifteen (15) calendar days following such notice. These Terms and Conditions, and any subsequent amendment or modification, shall supersede any and all previous Terms and Conditions of the same nature between the parties; provided that in the event of amendment or modification of these Terms and Conditions, all then-effective SOWs and the Master Services Agreement shall remain in place subject to any amended or modified terms herein.
4) Users & Equipment Covered
Entech reserves the right to renegotiate rates based on additions of locations, users, hardware, software, hardware support requirements, and/or services as well as modify this Agreement (or any portion thereof) with a 30-day notice.
Any additional devices added to the network without the consent or acknowledgement of Entech will not be honored or supported by Entech under this agreement..
5) Health Insurance Portability and Accountability Act (HIPAA)
Entech understands that some of our clients in the Healthcare industry are “Covered Entities” under the Health Information Portability and Accountability Act (“HIPAA”) privacy regulations. As HIPAA Covered Entities, such clients are legally obligated to maintain the privacy of all individually identifiable patient information that they create or receive. While Entech is not a HIPAA Covered Entity, we recognize the impact that the HIPAA privacy regulations have on our clients. Entech remains committed to interacting with our clients in a responsible manner, and to maintaining the privacy of individually identifiable patient information that we receive on-the-job, consistent with applicable law and regulations. Entech has implemented an information security program and is committed to protecting PHI in accordance with the SOC 2 Security Principle and Criteria.
Entech has trained our employees and subcontractors about the requirements of the HIPAA privacy and security regulations. When visiting a client’s site, Entech employees and subcontractors endeavor to comply with customer requests designed to minimize the occurrence and effect of incidental disclosures of individually identifiable patient information.
6) Downtime & Maintenance Expectations
Scheduled Downtime. For the purposes of these Terms and Conditions, Scheduled Downtime will mean those hours, as determined by Entech but which will not occur between the hours of 7 AM and 6:00 PM EST (or EDT, as applicable), Monday through Friday without your authorization or unless exigent circumstances exist, during which time Entech will perform scheduled maintenance or adjustments to its network. Entech will use its best efforts to provide you with at least twenty-four (24) hours of notice prior to scheduling Scheduled Downtime.
Client-Side Downtime. Entech will not be responsible under any circumstances for any delays or deficiencies in the provision of, or access to, the Services to the extent that such delays or deficiencies are caused by your actions or omissions (“Client-Side Downtime”).
Integration Project Exception. You acknowledge and agree that for the first thirty (30) days following the commencement date of a SOW, the Response Time commitments described in these Terms and Conditions will not apply to Entech, it being understood that there may be unanticipated delays due to Entech’s initial startup activities with you (the “Integration Project Exception”).
Last revised May 5, 2024.