Spector – Terms of Service – Supplementary Terms – Managed IT Services
- General Terms & Conditions
- Supplementary Terms – Supply of Subscription Services
- Supplementary Terms – Managed Backup Services
- Supplementary Terms – Managed IT Services
- Supplementary Terms – Managed Cloud Services
- Supplementary Terms – Professional Services
- Supplementary Terms – Sale of Goods
- Supplementary Terms – Subcontract Block Hours
Supplementary Terms – Managed IT Services
The Services set out in these Supplementary Terms shall be supplied by Spector to the Client on the terms and conditions set out in Spector’s General Terms and Conditions and the terms and conditions of these Supplementary Terms. All definitions set out in the General Terms and Conditions shall, unless otherwise specified below, have the same meaning when used in these Supplementary Terms.
- SUPPLEMENTARY DEFINITIONS
1.1 ‘Cloud-Based Utilities’ means the collection of ancillary third-party provided services, including backup, anti-Malware, and monitoring services which will be used by Spector in support of the Managed IT Services.
1.2 ‘Configuration’ means the configuration of the IT Equipment, including hardware, installed software and all associated settings and or parameters.
1.3 ‘Data Centre’ means a remote data storage facility.
1.4 ‘Data Security Event’ means a breach of the security of the Client’s infrastructure resulting in loss or damage, including loss of usernames, passwords, Personal Data; crypto-locking or other Malware-related damage.
1.5 ‘Desktop’ (‘Endpoint’) means all computing devices save Servers, including desktop computers and laptop computers which collectively form a sub-set of the IT Equipment.
1.6 ‘Emergency Maintenance’ means any period of maintenance for which, due to reasons beyond its reasonable control, Spector is unable to provide prior notice of.
1.7 ‘End User’ means a user of the IT Equipment.
1.8 ‘Hardware’ means IT equipment including Servers, routers, switches, desktop machines and other electronic devices.
1.9 ‘Helpdesk’ means Spector’s dedicated team of qualified support specialists.
1.10 ‘Hosted Services’ means Software that is hosted in a Microsoft365 tenant and accessed by the Client remotely.
1.11 ‘Hours of Cover’ means the hours of cover set out in the Service Schedule, unless amended on the Quote.
1.12 ‘IT Equipment’ means Servers, Endpoints and any other electronic devices that are installed or used at the Client’s Site, which are listed on the Quote and is/are to be supported under the terms of this Agreement.
1.13 ‘IT Infrastructure’ means the IT Equipment, Local Area Network and their respective configuration.
1.14 ‘Local Area Network’ (‘LAN’) means the network infrastructure at the Client’s Site.
1.15 ‘Line of Business Application’ means the software which is installed on the IT Equipment and is provided by the Client.
1.16 ‘Managed IT Services’ means IT support services set out on the Quote and described in the Service Schedule.
1.17 ‘Monitoring Agent’ means Software which is installed on the Client’s Server by Spector which enables system monitoring and performance reporting.
1.18 ‘Network Equipment’ means network components save cabling, including switches, routers, Wi-Fi controllers, Wi-Fi and access points, which comprise a sub-set of the IT Equipment.
1.19 ‘Planned Maintenance’ means any period of maintenance for which Spector provides prior notice.
1.20 ‘Service Package’ means the bundle of Service Components which make up the Managed IT Services which the Client subscribes to.
1.21 ‘Server’ means IT Equipment that functions as a Server that is listed on the Quote.
1.22 ‘Site’ means Client’s site at which IT Equipment is located, as set out in the Quote.
1.23 ‘Software’ means the software which is installed on the IT Equipment, as listed on the Quote.
1.24 ‘Vulnerability Test’ means an automatic or manual check of system’s configuration pertaining to cyber security which is performed by Spector.
2.1 This Agreement will come into effect on acceptance of the Client’s Quote by Spector and shall run until the RFS Date (the ‘Run-Up Period’) and following the RFS Date for a Minimum Term of twelve months unless otherwise set out in the Quote.
2.2 This Agreement shall continue to run after the expiry of the Minimum Term (or subsequent Additional Term) for an Additional Term. The duration of the Additional Term shall be twelve months, unless otherwise set out on the Quote. Spector shall, not less than ninety days prior to the end of the Minimum Term or any Additional Term thereafter, notify the Client of changes to Charges and any other changes to the terms of this Agreement. In the event that:
2.2.1 The Client serves notice to terminate this Agreement in accordance with clause 11 of the General Terms and Conditions or clause 9 hereof, this Agreement shall terminate at the end of the Minimum Term or Additional Term thereafter;
2.2.2 The Client notifies Spector of acceptance of changes, the Agreement shall continue in force for an Additional Term;
2.2.3 The Client fails to notify Spector of acceptance of changes and fails to serve notice to terminate, such failure to notify Spector shall imply that the changes have been accepted and the Agreement shall continue in force for an Additional Term.
2.3 Notwithstanding the provisions of sub-clause 2.1, the Client may terminate this Agreement on written notice and without liability within one hundred and eighty days of the RFS Date if the Client is not satisfied with Spector’s performance of the Services.
- PROVISION OF SERVICES
3.1 Managed IT Services are provided to support the Client’s on-premise IT systems and Hosted Services. Managed IT Services will be provided by Spector remotely and if set out on the Quote, when required, visits shall be made to the Client’s Site. For the avoidance of doubt, Managed IT Services do not include the provision or support of network connectivity outside of the Client’s Site, nor do the Services include maintenance of hardware.
3.2 The Managed IT Services to be provided hereunder shall include those set out in the Quote and described in the Service Schedule. Managed services charges may vary based on the level of service usage. This is verified with each client on a monthly basis.
3.3 During the term of this Agreement, Spector shall be entitled to make alterations to the Configuration of the IT Equipment and / or Hosted Services. Such alterations may result in temporary disruption to the availability of the IT Equipment and / or Hosted Services and Spector will use reasonable endeavours to minimise such disruption and will provide as much notice as possible prior to such disruption.
3.4 Spector cannot guarantee and does not warrant that the Managed IT Services shall result in the IT Equipment or Hosted Services operating free from interruptions or temporary degradation performance quality.
3.5 Spector provides Cloud-Based Utilities under the terms of this Agreement; and:
3.5.1 Spector shall use reasonable endeavours to provide the Cloud-Based Utilities 24 x 7 x 365;
3.5.2 Spector cannot guarantee and does not warrant that the Cloud-Based Utilities will be free from interruptions, including:
- a) Interruption of the Cloud-Based Utilities for operational reasons and temporary degradation of the quality of the Server Monitoring services;
- b) Interruption of the network connection between the Cloud-Based and the IT Equipment; and
- c) Any such interruption of the Cloud-Based Utilities referred to in this sub-clause shall not constitute a breach of this Agreement.
3.5.3 Although Spector will use reasonable endeavours to ensure the accuracy and quality of the Cloud-Based Utilities, such are provided on an “as is” basis and Spector does not make any representations as to the accuracy, comprehensiveness, completeness, quality, currency, error-free nature, compatibility, security or fitness for purpose of the Cloud-Based Utilities.
- ACCEPTABLE USE
4.1 The Client agrees to use the IT Equipment and / or Hosted Services in accordance with the provisions of this Agreement, any relevant Service literature and all other reasonable instructions issued by Spector from time to time.
4.2 The Client agrees to ensure that the IT Equipment and / or Hosted Services are not used by its End Users to:
4.2.1 Post, download, upload or otherwise transmit materials or data which is abusive, defamatory, obscene, indecent, menacing or disruptive;
4.2.2 Post, download, upload or otherwise transmit materials or data uploads or make other communications in breach of the rights of third parties, including but not limited to those of quiet enjoyment, privacy and copyright;
4.2.3 Carry out any fraudulent, criminal or otherwise illegal activity;
4.2.4 In any manner which in Spector’s reasonable opinion brings Spector’s name into disrepute;
4.2.5 Knowingly make available or upload file that contain Malware or otherwise corrupt data;
4.2.6 Falsify true ownership of software or data contained in a file that the Client or End User makes available via IT Equipment or Hosted Services;
4.2.7 Falsify user information or forge addresses;
4.2.8 Act in any way which threatens the security or integrity of the IT Equipment or Hosted Services, including the download, intentionally or negligently, of Malware;
4.2.9 Violate general standards of internet use, including denial of service attacks, web page defacement and port or number scanning;
4.2.10 Connect to the IT Equipment or Hosted Services insecure equipment or services able to be exploited by others to carry out actions which constitute a breach of this Agreement including the transmission of unsolicited bulk mail or email containing infected attachments or attempts to disrupt websites and/or connectivity or any other attempts to compromise the security of other users of our network or any other third-party system;
4.3 The Client acknowledges that it responsible for all data and/or traffic originating from the IT Equipment and /or Hosted Services.
4.4 The Client agrees to immediately disconnect (and subsequently secure prior to reconnection) equipment generating data and/or traffic which contravenes this Agreement upon becoming aware of the same and/or once notified of such activity by Spector.
4.5 Subject to the provisions of sub-clause 10.13 of the General Terms and Conditions, the Client shall indemnify Spector against any third-party claims arising from the Client’s breach of the terms of this clause 4.
- CLIENT’S OBLIGATIONS
5.1 During the term of this Agreement, the Client shall:
5.2 Pay all additional Charges levied by Spector, including those arising from usage-based components of the Services.
5.3 Use reasonable endeavours to ensure that user-names, passwords and personal identification numbers are kept secure and:
5.3.1 On a regular basis, change access passwords for all IT Equipment and / or Hosted Services that in the Client’s reasonable opinion may be liable to access by unauthorised persons.
5.4 Agree that in all instances where it attaches equipment that has not been provided by Spector to the IT Equipment or Hosted Services that such equipment shall be technically compatible and conforms to any instruction issued by Spector in relation thereto.
5.5 Accept that if it attaches equipment that does not comply with the provisions of sub-clause 5.4 (‘Unauthorised Equipment’) and such Unauthorised Equipment in the reasonable opinion of Spector is causing disruption to the functionality of the IT Equipment, Spector shall be entitled to:
5.5.1 If technically possible, reconfigure the Unauthorised Equipment, and charge the Client for the work at its prevailing rate;
5.5.2 Charge the Client at its prevailing rate for any additional work arising from, or in connection with the Unauthorised Equipment;
5.5.3 Request that the Client disconnect the Unauthorised Equipment from the IT Equipment or Hosted Services; and if such request is not agreed by the Client within thirty days, terminate this Agreement forthwith.
5.6 Accept that is the Client’s sole responsibility to take all reasonable steps, including the implementation of anti-virus systems, firewalls and staff training to prevent the introduction of Malware into the IT Equipment or Hosted Services.
5.7 Be solely responsible for ensuring compliance with the terms of licence of any Software that is a component of the IT Equipment that has been provided by the Client.
5.8 Be responsible for providing external network connectivity, including access to the Public Internet, as required for the correct functioning of the IT Equipment and / or Hosted Services.
5.9 During term of this Agreement maintain a level of cyber-breach insurance cover that is appropriate to the risks associated with accidental destruction, damage, loss or disclosure of Client Data; general insurance to cover loss of or damage to the IT Equipment; and
5.9.1 In response to reasonable requests made by Spector, provide evidence to show compliance with this sub-clause;
5.9.2 Not do or omit to do anything which would destroy or impair the legal validity of the insurance;
5.9.3 If the Client suffers a Data Security Event and subsequently requests assistance from Spector, ensure that such request for assistance will not breach the terms of the insurance policy prior to requesting assistance from Spector;
5.9.4 Acknowledge that insurance will not relieve the Client of any liabilities under this Agreement.
- SPECTOR’S OBLIGATIONS
During the term of this Agreement, and subject to the performance by the Client of its obligations hereunder, Spector shall:
6.1 Provide the Services set out in the Quote and described in the attached Service Schedule.
6.2 During the hours of cover set out in the Quote, make available a Helpdesk that shall provide support and guidance in the use of the IT Equipment and / or Hosted Services and manage the resolution of all Incidents raised by the Client.
6.3 During the Hours of Cover set out in the Service Schedule or as amended in the Quote, monitor the performance of the Servers.
6.4 Respond to Incidents reported by the Client and make reasonable endeavours to repair any Incident that is within the IT Equipment, Hosted Services or directly caused by Spector, its employees, agents, subcontractors or suppliers.
6.5 Proactively respond to Incidents reported by the Monitoring Agents and make reasonable endeavours to repair any Incident that is within the IT Equipment or Hosted Services.
6.6 During the Run-Up Period, Spector shall carry out pre-service on-boarding services as described in the Service Schedule.
6.7 Spector shall prepare and maintain a detailed plan for the orderly transition of the Services from Spector to the Client or its nominated replacement supplier (the ‘Exit Plan’); and the Exit Plan shall as appropriate include the following:
6.7.1 A list of objectives of the plan;
6.7.2 A timeframe for the achievement of each objective;
6.7.3 Any pre-requisites required for the delivery of each objective;
6.7.4 Any risks associated with the delivery of each objective;
6.7.5 Roles and responsibilities;
6.7.6 Spector’s reasonable Charges for executing the Exit Plan; and
6.7.7 Examples of Exit Plan objectives include:
- a) Hand-over of server images;
- b) Hand-over of backups of Client Data;
- c) The orderly removal of Client Data from Spector’s Infrastructure;
- d) The continuity of delivery of the Services;
- e) The orderly removal of any Monitoring Agents installed by Spector on the Client’s Equipment to enable delivery of the Services.
- Clause Intentionally Unused
8.1 If Spector carries out work in response to an Incident reported by the Client and Spector subsequently determines that such Incident either was not present or was caused by an act or omission of the Client, Spector shall be entitled to charge the Client at its prevailing rate.
8.2 In the event of persistent breach of clause 4.2.8, Spector shall be entitled to:
8.2.1 Charge the Client at its prevailing rate for the removal of Malware;
8.2.2 Terminate this Agreement.
8.3 Spector may perform any Planned Maintenance that may limit the availability of the Cloud-Based Utilities. Planned Maintenance will be scheduled to minimise disruption to the Client. The Client will be notified at least forty eight hours prior to such Planned Maintenance taking place.
8.4 Spector may be unable to provide prior notice of Emergency Maintenance to the Cloud-Based Utilities, but will endeavour to minimise the impact of any such maintenance on the Client.
8.5 If the Client suffers a Data Security Event and subsequently requests assistance from Spector, it is the Client’s sole responsibility to ensure that such request for assistance will not breach the terms of any cyber-insurance policy that the Client has in place, prior to requesting assistance from Spector.
8.6 If the Client is contacted by Spector and requested to make a change to the Configuration of the IT Equipment or Hosted Services, it is the Client’s sole responsibility to verify the identity of the requestor prior to carrying out the requested change.
8.7 If Spector resets any passwords during the execution of the Services, it shall be the Client’s sole responsibility to change such changed passwords and ensure that such changes are compliant with any security policy that may be in effect.
8.8 The Client acknowledges that if it elects not to take advice in given by Spector in relation to the security and performance of the IT Equipment or Hosted Services, there may be a resulting risk to the integrity of the IT Equipment or Hosted Services and that Spector shall not be liable for any degradation in integrity or security resulting from such decision and that any additional costs incurred by Spector resulting there from will be charged to the Client.
8.9 The Client hereby consents to Spector and its sub-contractors accessing the IT Equipment and Hosted Services, for the sole purpose of providing the Services.
9.1 In addition to the provisions of clause 11 of the General Terms and Conditions, this Agreement may also be terminated:
9.1.1 By either party by giving the other not less than sixty days’ notice in writing to terminate at the end of the Minimum Term or any Additional Term thereafter.
9.1.2 By the Client giving sixty days’ notice in writing if Spector makes a change to the Services or terms of this Agreement which is materially disadvantageous to the Client (for the avoidance of doubt, not including changes to Charges) PROVIDED THAT such notice is given within twenty eight days of the effective date of the change and such change does not arise from a statutory requirement issued by government, a regulatory body or other competent authority.
9.2 Spector may terminate the provision of any Service Component on written notice in the event that its supplier of such Service Component ceases to provide the Service Component to Spector.
9.3 On termination of this Agreement, Spector shall charge the Client for the off-boarding of the IT Equipment (‘Off-Boarding Charge’), at its prevailing rate.
- CHARGES AND PAYMENT
10.1 Invoices for periodic Charges shall be raised in advance of the relevant period. The invoicing period is set out on the Quote.
10.2 The periodic Charge will be based on the higher of the number of Endpoints, Mailboxes and Users set out on the Quote and the number discovered by Spector’s Monitoring Agent or true up processes as reported in the previous charging period.
10.3 Spector shall commence charging for the Managed IT Services from the RFS Date, regardless of the date on which the Client commences use of the Managed IT Services. If the RFS Date does not correspond with Spector’s invoicing period as set out in the Quote, Spector shall charge the Client at a pro-rata rate for the first invoicing period.
10.4 On-boarding and usage-based Charges, including Charges made for use of Services in excess of any pre-paid amounts, will be invoiced in arrears.
10.5 The Client acknowledges that the Charges for the Minimum Term are calculated by Spector in consideration inter alia of the setup costs to be incurred by Spector and the length of the Minimum Term offered.
10.6 The Managed IT Services will be provided by Spector for use by the Client on a fair use basis. If, in the reasonable opinion of Spector, the Client’s use of the Services is deemed excessive, Spector shall be entitled to charge the Client at its prevailing rate for the supply of such Services.
10.7 The Client agrees that it shall be liable for termination Charges if this Agreement is terminated by:
10.7.1 The Client terminating this Agreement for convenience prior to the end of the Minimum Term, whereupon the Client shall be liable for the fixed periodic Charges payable for the remainder of the Minimum Term and the Off-Boarding Charge;
10.7.2 Spector terminating this Agreement prior to the end of the Minimum Term by reason of the Client’s un-remedied breach of the terms of this Agreement, whereupon the Client shall be liable for the fixed periodic Charges payable for the remainder of the Minimum Term or Additional Term, as applicable and the Off-Boarding Charge.
10.8 The Client shall not be liable for termination Charges if this Agreement is terminated by:
10.8.1 The Client at the end of the Minimum Term or end of any Additional Term PROVIDED THAT the Client properly serves written notice to terminate, in accordance with clause 9;
10.8.2 Spector at any time if it can no longer provide the Services;
10.8.3 The Client by reason of Spector’s un-remedied or repeated breach of the terms of this Agreement;
10.8.4 A right of termination arises under the provisions of sub-clause 9.1.2.
- LIMITATIONS AND EXCLUSIONS
11.1 In addition to the terms set out in clause 12 of the General Terms and Conditions, Spector shall also be entitled to suspend the provision of Services, in whole or part, without notice due to Spector being required by governmental, emergency service, regulatory body or other competent authority to suspend Services.
11.2 This Agreement and the Services provided by Spector do not include:
11.2.1 The maintenance or support of any equipment that is not listed on the Quote, which for the avoidance of doubt also excludes employee-owned equipment;
11.2.2 Repair or replacement of any damaged IT Equipment where such damage is caused by accident, misuse or wear and tear;
11.2.3 The supply of any consumables;
11.2.4 Recovery of Client data whose loss can be reasonably attributed to accidental deletion, mis-use or negligence by the Client;
11.2.5 Unless the Client subscribes to Spector’s Complete Package or Enhanced Security Package, removal of Malware or the recovery of Client Data that results from Malware infection;
11.2.6 Remediation following a cyber-breach or hack;
11.2.7 Remediation of issues caused by Windows 10 and Windows 11 feature upgrades;
11.2.8 Operating system installation or re-installation;
11.2.9 Software installation;
11.2.10 Bare-metal restores;
11.2.11 Third-party application or Line of Business Application support;
11.2.12 Support for any Software that is not currently supported by its vendor;
11.2.13 The provision of development projects;
11.2.14 The provision of End User or ‘how to’ training;
11.2.15 Support for internet service provider outages;
11.2.16 Power management or UPS support;
11.2.17 End user training of any kind;
Spector may at its sole discretion provide any of the excluded services listed in this sub-clause 11.2, and charge for the supply thereof at its prevailing rates.
11.3 Spector cannot provide any greater warranty than that offered by the IT Equipment’s supplier, and if parts are required to fix a failure that are not covered by the manufacturer’s warranty, or such hardware is not covered by manufacturer’s warranty, Spector’s obligation shall be limited to using reasonable endeavours provide the Client with a quotation for the supply of the replacement part and labour required to install the replacement part prior to the supply thereof, and Spector does not guarantee that it will be able to source the replacement part.
11.4 Whilst Spector’s Monitoring Agents are intended to proactively identify most system-related Incidents, Spector does not warrant and cannot guarantee that the Monitoring Agents will identify all system-related Incidents and shall not be liable for any losses, damages or costs unless such result directly from the negligence of Spector.
11.5 Cloud-Based Utilities are provided on an ‘as is’ basis, without warranty, guarantee of fitness for purpose or suitability for the Client’s purpose; and
11.5.1 Spector shall not be liable for any damage or costs resulting from a failure of an update to the antivirus or anti-Malware software or definitions, or failure to detect Malware, unless such failure is caused by the negligence of Spector.
11.6 Spector shall not be liable for any damages, costs or Charges arising from damage to, or theft of backup data that is transmitted from the Client’s Site to the Data Centre via the Public Internet, nor for any other losses that occur due to reasons beyond its reasonable control.
11.7 Patches are supplied by Spector-authorised software vendors and not Spector. Spector will use reasonable endeavours to prevent a patch causing an adverse reaction with any particular machine configuration, but Spector shall not be liable for any disruption resulting from the installation of patches. In such circumstances, Spector’s sole responsibility will be to de-install the patch or roll back to an appropriate restore point to resolve the issue.
11.8 The Client acknowledges that there is a small risk that Vulnerability Tests carried out by Spector under its optional vulnerability scan / penetration testing service may cause problems in the Client’s IT Infrastructure, including routers and / or firewalls ceasing to function correctly and database and storage access issues. The testing of the Client’s IT Infrastructure for correct functioning after Spector’s Vulnerability Tests and any necessary reconfiguration and any associated costs shall be the Client’s sole responsibility; and
11.8.1 Whilst Spector warrants that it shall use reasonable care during the execution of Vulnerability Tests, Spector shall not be liable for any losses or damage which arise either directly or indirectly from its access to the Client’s IT Infrastructure, unless such loss or damage is caused directly by Spector’s negligence.
Spector offers a number of different Service Packages. Each of the Service Packages offered by Spector is described in this Service Schedule and in addition, each of the Service Components which make up the various Service Packages is described in more detail. The actual Service Packages that are subscribed to by the Client are listed on the Quote.
- Service Package Summary
This paragraph summarises each of the Service Packages offered by Spector. The individual Service Components listed in each Service Package are more fully described in the following paragraphs.
Spector Helpdesk – Essentials, Plus, Premium
Spector Cyber Security Device – Essentials, Plus, Premium
Spector Cyber Security Mailbox – Essentials, Plus, Premium
Spector Cyber Security Backup – Essentials, Plus, Premium
Spector Compliance – Essentials, Plus, Premium
Prior to commencement of the Services, Spector will on-board the Client’s IT infrastructure:
Review and if necessary will advise the Client of changes to the IT Equipment’s configuration that are required to ensure that the Services detailed in this Service Schedule can be delivered effectively. This will include but is not limited to the configuration or protective services such as anti-virus software and backup software.
Install Monitoring Agents, anti-Malware software and inform the Client if Spector is unable to configure any of the IT Equipment to provide the necessary alerting and will agree a suitable alternative with the Client
Document the Client’s IT Infrastructure’s architecture in IT Glue.
3.1 Subject to fair usage, there are no restrictions on the number of Incidents that the Client can report to Spector’s Helpdesk. Spector’s Helpdesk provides support and assistance in the use of the IT Equipment and / or Hosted Services, including the following:
- Management of the prompt resolution of Incidents within IT Equipment and / or Hosted Services that are identified by the Client. Provision of help and guidance in the use and configuration of the IT Equipment and / or Hosted Services
- Remote access to facilitate Incident resolution if possible and appropriate
- Escalation management if required in the event of protracted Incident resolution
- Third-party vendor liaison where required (Plus and Premium only)
- In the first instance, Spector will endeavour to resolve Incidents remotely. However, if Spector determines that an on-Site visit is either necessary or is the most efficient manner to resolve an Incident, Spector will dispatch an engineer to the Client’s Site.
- Spector will not unreasonably delay the dispatch of an engineer to the Client’s Site.
- Subject to fair usage in our Helpdesk Plus and Premium packages, there are no restrictions on the number of on-Site visits that Spector will make to support the IT Equipment if it is not possible to resolve an Incident remotely. Clients on Helpdesk Essentials will be quoted in advance for onsite support or can have this covered using a Block of Time Agreement.
3.2 The Client may raise Incident reports by one of the following methods:
- If the Client subscribes to Complete or Enhanced Security Service Package, via the Spector App
- By Email to Spector’s Helpdesk: email@example.com
- By Telephone to Spector’s Helpdesk: +353 1 6644190
3.3 The Helpdesk is available during the Hours of Cover, which are from 8.o0am to 6.00pm Monday to Friday, excluding bank holidays.
3.4 Spector shall aim to make an initial response to the Client’s request for assistance within thirty minutes of the Client raising the Incident report and shall use reasonable endeavours to resolve the Incident.
3.5 When reporting an Incident, the Client should provide the following information:
- Name of Client and person reporting the Incident
- Contact telephone number
- Description of the Incident
- Description of actions taken prior to the Incident occurring
- Explanation of how the Incident has been diagnosed
- Any other relevant information
3.6 The Helpdesk will respond to reported Incidents during the Helpdesk’s Hours of Cover, which are 8am to 6pm Monday to Friday, excluding bank and public holidays.
3.7 Spector will prioritise, respond to and progress Incidents in accordance with paragraph 4 of this Service Schedule.
- Service Level Agreement
4.1 Spector’s Helpdesk SLA targets are:
The following table shows the targets of response and resolution times for each priority level. Please note that our SLA covers standard working hours only. Emergency and out of hours cover is subject to Best Effort response times only,
|Resolution time (in hours)|
|Service not available (all users and functions unavailable)||1=Critical||15 mins||ASAP – Best Effort|
|Significant degradation of service (large number of users or business critical functions affected)||2=Quick||30 mins||ASAP – Best Effort|
|Limited degradation of service (limited number of users or functions affected, business process can continue).||3= Normal||Within 2hours||ASAP – Best Effort|
|Small service degradation (business process can continue, one user affected)||4= Scheduled||Within 8 hours||ASAP – Best Effort|
4.2 Spector shall make reasonable endeavours to meet the targets set out in this paragraph 4. Failure by Spector to meet such targets shall not be deemed a breach of this Agreement.
- Complaint Handling
5.1 If dissatisfied with any Services-related matter, the Client should make a complaint using the following escalation path. If the complaint remains unresolved, the Client should escalate to the next level in the escalation path.
Communicate with Spector Operations Team – 01 6644190, email firstname.lastname@example.org
Communicate with Senior Management – 01 6644190, email P1@spector.ie
Escalation Level Role Contact Details
David Dunwoody – Service Desk Team Lead, email@example.com
Jamie Crooks– Operations Manager, firstname.lastname@example.org
Complaint Handling Contacts
Kane Caswell – Commercial Manager, email@example.com
5.2 Formal complaints can be made by e-mail or telephone, and will be responded to within three Working Days.
- Standard Operating Procedures
6.1 Spector Technology Standards
Drawing on its many years’ experience of supporting business-critical IT Infrastructure, Spector has developed an extensive library of technology standards (‘Spector Technology Standard’), which address technology, the manner in which technology is used, and increasingly, compliance. Spector will regularly evaluate the Client’s IT Infrastructure against the Spector Technology Standard and identify any misalignments. These are communicated through periodic Strategic Business reviews.
6.2 Client-Specific Standard Operating Procedures
Spector will work alongside the Client to develop and maintain Client-specific standard operating procedures to assist with the management of business as usual changes including new starters, leavers and data management
- IT Documentation & Runbook
Spector will maintain the documentation of the IT Infrastructure, identify the roles of each component of the IT Infrastructure and on request provide the Client with a copy of the documentation. The documentation will include:
- Password Documentation: All system administrative passwords will be recorded and held securely in an encrypted format by Spector.
- Relevant configuration data.
- Vendor Management (Helpdesk Plus and Premium packages only)
Subject to fair use, Spector will provide third-party vendor liaison, including:
- Liaison with the Client’s third-party service suppliers including providers of software, hardware and telecoms services if such suppliers require changes to be made to the configuration of the IT Equipment to investigate or resolve issues with the third-party software or services
- On behalf of the Client manage any warranty claims for malfunctioning IT Equipment that is covered by the manufacturer’s warranty. Such management may include Spector carrying out engineering activities on behalf of the manufacturer, however Spector cannot provide any greater warranty than that offered by the hardware manufacturer, and if parts are required that are not covered by the manufacturer’s warranty, Spector shall provide the Client with a quotation for the supply of the replacement part prior to the supply thereof.
- Strategic Business Review Meetings
Spector will undertake periodic Strategic Business Review Meetings with the Client’s senior management and decision makers, with the purpose of:
- Assisting with the road-mapping of the Client’s IT strategy
- Advising on current landscape and technology changes and pertinent risks
- Offering input to future strategy and budgeting
- Discussing and understanding any ongoing issues with the Client
- Analysing reported Incidents, checking for patterns to help identify root causes
- Understanding the Client’s business requirements to determine recommendations and changes where appropriate
- Spector App
The Spector App enables the Client to directly report Incidents to Spector and monitor progress of the Incident resolution process.
- Monthly Usage Report
Spector will provide the Client with a Monthly Executive Report that provides an overview of the status of the Client’s service usage by user, device and licenced mailbox. This is used to support monthly billing.
- 12. Server Monitoring and Management
The following is a list of the key items we monitor on servers:
- Critical Event Logs.
- C:\ and other drives space > 90% usage.
- CPU Time and/or memory usage> 90%.
- Mission Critical software not running.
- Email Outages.
- Server Outages.
- Dell Open Manage System Administrator Errors.
- Backup Failures.
- 13. Desktop Monitoring and Management
The following is a list of the key items we monitor on workstations:
- C:\ disk space > 90% usage.
- RAM Usage.
- Anti-virus updates.
- Patch updates – Windows and Microsoft Apps.
- Site Monitoring
14, Site Monitors
The following is a list of the key items we monitor on a site-by-site basis:
- Patching Levels.
- Antivirus Definitions Dates.
- Defragmentation Status.
- SMART /Disk errors.
- Antivirus Disabled/Missing.
- Blacklisted Software Present.
- New Software Installed.
- Site /Firewall Offline.
- New Computers Detected.
- Device health and remote wipe.
- Office 365 Security monitors.
15.1 – On-Site Support
In the first instance, Spector will endeavour to resolve Incidents remotely. However, if Spector determines that an on-Site visit is either necessary or is the most efficient manner to resolve an Incident, Spector will dispatch an engineer to the Client’s Site. For Helpdesk Essentials clients this will require a quote or Block of hours cover. All site visits are covered under Helpdesk Plus and Premium plans.
Spector will not unreasonably delay the dispatch of an engineer to the Client’s Site
On-Site visits will be made during the Working Day
- Asset and Inventory Report
Using its Server and Endpoint Monitoring Agents, Spector will compile and maintain an asset register for the Client’s IT Equipment estate, including hardware and software inventories. Asset reports will be made available to the Client on request.
- 17. Multi-Factor Authentication for Microsoft 365 and Azure
Multifactor authentication adds a layer of protection to the End User sign-in process. When accessing accounts or applications, users provide additional identity verification, such as scanning a fingerprint or entering a code received by phone. Spector will advise the most appropriate implementation and on agreement with the Client will configure, manage and enforce the authentication process for hosted Microsoft 365 Services and Azure.
- 18. Barracuda Advanced Threat Protection
Barracuda Advanced Threat Protection is a cloud-based email filtering service that can help protect against Malware and provide better zero-day protection against unsafe attachments and malicious links, in real time.
18.1 Safe Attachments
The Safe Attachments feature checks any email attachments as they arrive in inboxes to ensure it’s not malicious. If the file is found to be malicious in nature, it is removed automatically.
18.2 Safe Links
The Safe Links feature provides time-of-click verification of website addresses in both email messages and Office documents. If the URL has been blocked or is identified as malicious, a warning page will be opened instead of exposing the End User to the potentially harmful link. A similar process also takes place when a link is clicked within an office document.
18.3 Spoof Intelligence
The Spoof protection feature helps to ensure that legitimate emails are sent, while shielding the Client from any malicious intent. The feature will be configured to determine the difference between legitimate activity and malicious activity including reviewing senders that are spoofing the Client’s domain and blocking those senders from doing so.
Machine learning models and impersonation detection algorithms are two of the ways that the Anti-Phishing feature helps to keep the Client protected from potential phishing attacks. The Anti-Phishing feature can check all of the Client’s incoming email for any indication that it could be a phishing attempt.
18.5 Email Sender Framework Management (Premium and Plus Only)
Setup, management and maintenance of SPF, DKIM and DMARC sender frameworks.
- 19. Microsoft 365 Secure Score
Microsoft 365 Security Configuration provides measurement (scores) of the Client’s security posture (for example, multi-factor authentication implementation, conditional access and alerting) and the implementation of improvement actions – which will result in higher scores. The service allows the Client to compare its scoring with benchmarks and other organisations’ scoring. The purpose is to increase level of compliance with security recommendations and reduce the risk posed by security threats.
19.1 SharePoint, OneDrive, and Microsoft Teams (Microsoft Licence Dependent)
Microsoft 365 Advanced Threat Protection helps to detect and block potentially malicious files from entering the Client’s document libraries or team sites, or locking the file and preventing anyone from accessing it once it’s been identified as malicious. Such files will be included in a list of quarantined items, so they may be controllably downloaded, released, reported or deleted them from the Client’s system.
- 22. Proactive Threat and Breach Detection
22.1 Endpoint Detection and Response (Plus and Premium)
Spector’s Intelligent Ransomware Detection comprises a monitoring agent which monitors ransomware canaries and on detection of a potential security incident, invokes an investigation by a team of security experts. Ransomware canaries are lightweight files, typically in .docx, .xlsx and .jpg formats that are installed in strategic locations in a Desktop’s file system. The canary files are constantly monitored for signs of tampering which can give an early indication of potential ransomware incidents. If the files are modified or changed in any way, an investigation is immediately opened with Spector’s security operations centre team to confirm whether those changes are the result of a ransomware infection or malicious encryption. The security operations centre team provides a team of always-on expert security professionals who investigate potential threats and help remediate cyber threats, including any underlying persistent foothold threats.
22.2. External Vulnerability Monitoring
Spector’s External Vulnerability Monitoring monitors open firewall and router ports for potential security exposure. By reporting open ports connected to services including remote desktops, Windows file sharing, SQL Server databases, etc. it is possible to identify potential external vulnerabilities and address them. The report generated by the External Vulnerability Monitoring service shows each scanned IP address, protocol and port numbers, the last time it was queried by External Vulnerability Monitoring service and (if available) the service running on a particular port. By scanning regularly, it is possible for Spector to identify any configuration changes or unexpected activity that may otherwise go unnoticed. Whilst any open port can be an attack surface, such are often required to provide necessary services to the Client. The External Vulnerability Monitoring service provides visibility so that ports can be open in a secure and appropriate manner.
- 23. Managed Anti-Malware
23.1 Spector will provide an industry standard security product for all Workstations and Servers. Spector’s anti-Malware product is focussed on security and speed. It employs a unique approach to Malware protection and is largely cloud-based. This approach means that its monitoring and detection are carried out with very little performance impact compared with other anti-Malware software and obviates the need for constant updating of workstations or servers with virus definitions. The service includes:
- Secure and resilient distributed cloud architecture – Uses multiple secure data centres globally to support the Client and roaming End Users with full-service resilience and redundancy
- Layered End User and device defences – Stops attacks that take advantage of poor End User awareness, not just those that target device vulnerabilities
- Malware detection and prevention – Blocks Malware, browser-based attacks, crypto-jacking, credential-stealing Malware, script-based, and file-less attacks, and a wide range of other threats
- Tamper proofing – best effort protection against the forced removal of Malware protection.
- Basic web protection – protecting end user devices and servers by filtering malware and malicious downloads.
23.2 Spector will:
- Schedule regular full system anti-virus scans and regular anti-spyware scans on all Desktops and Servers
- Provide real time protection and alerting of all Desktops and Servers
- Monitor Desktops and Servers on a daily basis to ensure that protection remains active and automatically raise an alert if protection is disabled
- 24. Advanced Security Awareness Training and Phish Testing
Spector’s Advanced Security Awareness Training includes a number of services which are targeted at increasing End User’s awareness of cyber security threats and how to mitigate them. Advanced Security Awareness Training is a recurring service under which Spector will provide:
Access to a wide range of cyber training materials for all End Users, with automated training campaigns and scheduled email reminders
- 25. Application Whitelisting and Privileged Access Management
Spector provide controls to limit/remove administrative rights to windows devices. This allows for complete control over all installed applications and administrative privilege requests via our helpdesk, greatly limiting risks associated with malicious downloads and back door hacking attempts.
- 26. Email, Teams, SharePoint and OneDrive Backup
26.1 Spector’s Backup Service for Microsoft 365 protects the Client against loss of data that is held within Microsoft’s cloud infrastructure. Unexpected data loss can typically be due to user error or occur if an End User subscription expires, and Spector’s service, in addition to providing the Client with additional control over its data, mitigates the risk of such data loss.
26.2 Spector will back-up the Client’s Microsoft 365 data based on the number of End Users and storage capacity set out on the Quote; backup data is stored on a backup appliance which is located at Spector’s Data Centre.
26.3 Microsoft 365 backups include:
- OneDrive file and folder data backups (documents), per End User
- Exchange data, including emails, email attachments, notes, deleted items, contacts (excluding photographs), tasks and calendar events (including attendees, recurrence, attachments and notes)
- SharePoint primary, custom, group and team site collections; folders, document libraries and sets; site assets, templates and pages
- Groups (including conversations, plans, files, sites and calendar)
- Teams (including wiki and chat)
26.4 Backups can be configured to run automatically or on-demand.
26.5 The Backup and Recovery Service is fully managed by Spector.
26.6 The backup system will automatically notify Spector of backup success or failure.
26.7 Backups are encrypted at rest and during transmission.
26.8 Backup data will be retained for 1 year.
26.9 Data restoration:
- Data restores will only be initiated by Spector when requested by an authorised representative of the Client
- Spector will use reasonable endeavours to restore data at the level of granularity (including image, directory or file level) requested by the Client
- Spector will use reasonable endeavours to restore data to the location that is specified by the Client
26.10 Whilst Spector shall execute automatic backups and monitor the performance of the backup service 24 x 7 x 365, Spector will carry out the following activities during the Hours of Cover:
- Respond to Client requests for data restores
- Respond to and investigate any Incidents that arise in the service which cannot be remediated automatically, whether raised by the Client or by Spector’s monitoring agents
26.11 Test Data Restore
In response to requests from the Client, Spector will perform occasional test restores of backed-up data to ensure that backups are functioning correctly. This will be implemented by Spector contacting the Client to agree a test target (for example a mailbox or SharePoint Site) and carrying out the test restore at an agreed time. Spector will charge for providing Test Data Restores at its prevailing rate.
- Advanced Endpoint Security Controls
Our advanced endpoint controls allow to enforce policy and the management of USB devices as well as data leakage controls. This is defined by removable media and Data Leakage prevention policies.
- Real time Vulnerability Scanning
Proactively identify and address security weaknesses, reducing the risk of cyberattacks and potential data breaches.
- Managed Firewall
29.1 The Firewall Management service includes:
- Updating firmware and software to maintain security levels
- Managing access in response to Client requests
- Changes to rules in response to Client requests
- 30. IT Budget Preparation
If applicable and if requested by the Client, Based on its recommendations provided in the Strategic Business Review, Spector will assist the Client with budget planning, providing IT-spend analysis to maximise the return on IT investment.
Optional Services – Service Component Description
- 31. After Hours Support
After Hours Support provides:
- 24 x 7 response to and where possible (for example when not requiring assistance from the Client) remediation of Incidents that are identified by Spector’s monitoring system;
- 24 x 7 Helpdesk Support, providing response and remediation of Critical and High Priority Incidents raised by the Client
- The application of patches and associated Equipment re-boots outside of Working Hours.
- 32. Mobile Device Management
Mobile device operating system support and management is provided via a Spector-supplied Microsoft InTune subscriptions or other Spector-supplied MDM software subscription. Mobile device management includes:
- Enrolment of devices and End Users
- Publishing security settings, certificates and profiles to devices
- Resource access control
- Monitoring and management, including measuring and reporting device compliance and app inventory
- Publishing mobile apps to devices
- Configuration of email applications
- Securing and removal of corporate data
- Mobile device management does not include the publishing or management of anti-Malware software or hardware support for physical devices.
- 33. Microsoft 365 Security Review
Spector will provide a review of the clients Microsoft 365 environment against best practice standards. The review will focus on the deployed controls and settings in the Clients Microsoft 365 tenant.
- 34. Security Information and Management
34.1 The service includes containment and remediation elements, thus the Client should ensure that this service does not conflict with the provisions of any cyber-insurance policy that is held by the Client prior to subscribing to this service.
35 – DUO Multifactor Authentication
DUO multifactor authentication deployed to protect end user device logins.