HDT.Direct Terms of Service

Effective Date: 1/1/2025

The Parties

You (hereafter, “Client” or “Customer” interchangeably) have elected to do business with HELPDESK.TECH INCORPORATED (hereafter, “Contractor”) for management, service, and support of Client’s computers, computer networks, computer software, and other technology components (hereafter “Technology Network”), demonstrated by signed Proposal(s) or Quote(s) and signed MSA (Master Service Agreement, hereafter “The Agreement”) at the time and place on record, and referencing these Terms therein.

Client is hereby bound by these Terms throughout the duration of The Agreement.

These Terms may be updated from time to time, with or without written notice, as appropriate.

Service Coverage

Remote Help Desk and any Support of Client’s Technology Network will be provided to the Client by Contractor through remote (controlled virtual access) means between the hours of 8:00 am – 5:00 pm Monday through Friday in Client’s choice of Pacific, Central or Eastern Time Zone, excluding public and other company holidays. Network Monitoring Services will be provided 24/7/365 and all remediation shall be done during business hours. All services qualifying under these conditions, shall be defined here.

Support and Escalation – Contractor will respond to Client’s Service Tickets under the provisions of The Agreement, and with best effort after hours or on holidays. Service Tickets must be opened via:
1. Phone Call or Text to a Unique Support Number
2. Support Portal, Support Icon, or other similar electronic means as may be designated
3. By unique support email
Ticketing – Each service request will be assigned a Service Ticket number for tracking, which will serve as an ongoing repository of service requests either created by the Client or by Contractor as a part of ongoing network monitoring. In the event where a service request and a Contractor resource is available, the Client may engage with Contractor’s Chat Assist dialogue tool through their Client Portal. As the Contractor resource may find necessary, a service ticket may be created to track or otherwise follow up with a Client-disclosed issue in accordance with the Service Level Agreement (SLA) timeframes and expectations.
1. All tickets submitted will receive three contact attempts by a Contractor representative to the ticket contact, to gain clarity on the details of the request or to gain permission to begin working on the issue. If no response is given to these contact attempts, the ticket will be closed and marked “NO END USER CONTACT | Attempted Outreach – No Call Back” and the ticket will not count toward overall SLA numbers.
Service outside Normal Working Hours – Emergency services performed outside of the hours of 8:00 am – 5:00 pm Monday through Friday, excluding public and other company holidays, if undertaken, shall be subject to additional fees according to the Rate Card set forth in these Terms.
Actual Liability Limitations – In no event shall Contractor be held liable for indirect, special, incidental or consequential damages arising under The Agreement or these Terms, including but not limited to loss of profits or revenue, loss of use of equipment, lost data, costs of substitute equipment, or other costs. Contractor or its suppliers shall not be liable for any indirect, incidental, consequential, punitive, economic or property damages whatsoever (including any damages for loss of business profits, business interruption, loss of data or other pecuniary loss) arising out of these Terms or The Agreement.
Service Operations Disclaimer – Client grants Contractor authorization to view any data within the regular routine of the repair or system improvement. Client also authorizes Contractor to reasonably delete, change, and/or rewrite any necessary information to complete the system repair or improvement that is consistent with the standards and practices in the industry.

Monitor and Remediate Services

Support for Hardware and Software – Contractor shall keep a running supported device list (The List) and shall invoice accordingly against Client’s regular monthly invoice. The List may be reviewed by and between Client and Contractor from time to time to ensure accuracy. Contractor shall provide support for and facilitate vendor replacement of all hardware and systems specified in Contractor’s running supported systems list, provided that all Software is Genuine, Currently Licensed, and Vendor-Supported. Should any hardware or systems fail to meet these provisions, they will be excluded from this Service Agreement. Should 3^rd Party Vendor Support Charges be required in order to resolve any issues, these will be passed on to the Client after first receiving the Client’s authorization to incur them.
Monitoring Services Provided Under The Agreement – Contractor will provide ongoing monitoring services of all critical devices as indicated in Contractor’s running supported systems list. Contractor will provide regular reports as well as document critical alerts, scans and event resolutions to Client. Should a problem be discovered during monitoring, Contractor shall make every attempt to rectify the condition in a timely manner through remote means or via use of additional monitoring teams as employed by the Contractor.

Network Suitability Requirements

Requisite Network Standards for Contractor Support Qualification – In order for Client’s existing environment to qualify for Contractor’s I.T. Managed Services, the following requirements must be continually met:
1. All Servers, Desktops and Computer equipment in the Client Network, must be manufacturer supported.
2. All Computers and Network Equipment must have Licensed Software and be supported by its manufacturer.
3. All Wireless data traffic in the environment must be securely encrypted, without exception.
Hardware Equipment Agreement – Client agrees that all equipment provided by Contractor will remain sole property of Contractor which retains a 100% security interest. Such equipment shall be inventoried by make, model, and serial number and may be clearly marked with an inventory tag indicating the equipment is the Contractor’s property. Such an inventory tag shall be provided only for convenience and ease of identification and lack of such inventory tag shall not release Contractor’s security interest. Client will not attempt to sell, resale, tamper, troubleshoot, repair, move, add, etc. to this equipment without written permission of Contractor. Should The Agreement be terminated by either party, Client agrees to return the property listed in Proposal, or after acquired, to Contractor within 10 days after the final cancellation date. During the term of The Agreement, Contractor shall retain ownership of the administrative passwords to this equipment, and may, at its sole discretion, sell its interest in the equipment to the Client at the termination of The Agreement.
1. Client further acknowledges and gives permission to Contractor to take possession of said equipment from location listed in event of termination of The Agreement after 10 day grace period, and agrees to compensate Contractor for expenses accrued during the recovery in addition to all amount owing under the balance of the agreement.
2. Client agrees and understands that Contractor-owned equipment is to be maintained completely by Contractor, without exclusion. Any tampering, repair attempt or service completed by another party on said equipment will be identified by Contractor as a material breach of security, where the Client willfully breaches a material term of The Agreement and these Terms.
Loss Payee Requirement – Client agrees to make all logical and earnest attempts to keep equipment safe, secure and protected while in their possession. Client agrees to keep current insurance on Contractor supplied equipment while in their possession and list Contractor as an additional loss payee. Client will provide proof thereof to Contractor that Contractor is listed as an additional loss payee, providing a current copy of its insurance declaration sheet showing Contractor as a loss payee specifically for mobile equipment coverage. Client further agrees to be responsible for any and all costs for the repair or replacement of Contractor supplied equipment while in their possession should it be damaged or repaired by an unauthorized third party.
Client Default – Should Client default, permission shall not be reasonably withheld to enter Client premises, under supervision if Client deems necessary, and remove all of Contractor’s hardware, and all efforts to recover such property will be deemed consensual and not a trespass. Client agrees to fully cooperate and will not interfere in any way, including but not limited to involving law enforcement. Client acknowledges that documented hardware provided under The Agreement belongs to Contractor, which retains a 100% Security Interest, and Contractor may repossess or recover without notice, upon breach of The Agreement by Client.

Out of Scope Services and Interventions

Below is a comprehensive “Out of Scope” list designed to clearly define and protect the boundaries of our remote IT services (available 8am–5pm) and ensure that our responsibilities are aligned with our core service offerings. As the nature of The Agreement is unique and specific to your network infrastructure, it is imperative that a delineation is made between what is included and what is excluded under The Agreement and these Terms. The following are listed as exclusions to The Agreement:

After-Hours and Emergency Onsite Support
- Any support, maintenance, or troubleshooting outside our standard business hours (8am–5pm) is excluded.
- Emergency onsite visits are not provided under our remote-only service model.
Onsite Services and Physical Interventions
- Physical repairs, installations, hardware replacements, or any work that requires a technician’s presence at the client site.
- Network cabling, electrical work, or any other physical infrastructure adjustments.
Unsupported Hardware and Software
- Maintenance or troubleshooting of legacy, custom-built, or non-standard hardware and software systems that are not explicitly included in our service agreement.
- Support in the appropriate trade use of any software product, including but not limited to software used in the execution of accounting practices, architectural skills, legal notation, etc.
- Devices or systems for which the manufacturer no longer provides support or updates.
- Any cables or consumables of any kind.
Deep-Dive Forensic and Incident Analysis
- Detailed forensic investigations beyond initial incident triage and escalation are outside our standard scope.
- Full-scale cybersecurity incident investigations that require specialized, on-site forensic analysis.
Advanced Disaster Recovery and Data Forensics
- Comprehensive disaster recovery planning or restoration services that exceed routine backup and recovery procedures.
- Services related to large-scale data recovery or physical data center restoration.
Customized Project Management and IT Consulting Beyond Agreed Projects
- Any IT project, implementation, or consulting services that have not been explicitly defined and agreed upon in a separate contract.
- Major network redesigns, system overhauls, or other complex initiatives requiring prolonged engagement.
Third-Party and Vendor Issues Requiring Onsite Intervention
- Support for problems that arise directly from third-party vendor services where onsite intervention is necessary.
- Liaison or troubleshooting for issues that fall outside of our contractual responsibilities with third-party providers.
Onsite Training and In-Person User Support
- In-person training sessions, workshops, or user support events. All training and support, if provided at all, are provided remotely.
- Customized on-site user education sessions or presentations.
Home Office or Remote Employee Equipment
- Support for personal or non-business-critical devices not part of the client’s officially managed IT infrastructure.
- Services for devices located outside of approved business locations unless explicitly covered in the contract.
Physical Security and Facilities Management
- Installation, maintenance, or monitoring of physical security systems (e.g., surveillance cameras, access control systems).
- Any service involving physical modifications or the security of client premises.
Unauthorized Data Transfers or Non-Contractual Data Management
- Data migration, transfer, or synchronization tasks not included in the service scope.
- Handling of sensitive or non-business data that falls outside the parameters of agreed business operations.
Telephony and VoIP Hardware Adjustments
- Onsite troubleshooting, repair, or configuration of telephony or VoIP hardware that require physical access to equipment.
Procurement and Supply of Hardware/Equipment
- Sourcing, ordering, or delivering hardware, software, or other IT equipment.
- We may provide recommendations but do not assume responsibility for procurement logistics or vendor negotiations.
Custom Integration and Development Work
- Development of custom integrations, applications, or scripts beyond minor adjustments required for standard support.
- Any programming or software development projects not clearly outlined in the service contract.
In-depth Network Infrastructure Redesign
- Comprehensive redesign or re-architecture of network infrastructure that exceeds routine maintenance and minor adjustments.
- Planning and execution of major network expansion or overhaul projects.
Compliance Audits and Regulatory Reporting
- Full-scale audits, compliance reviews, or regulatory reporting beyond our standard support scope, unless previously contracted.
Physical Data Center and Server Room Management
- Onsite management, maintenance, or physical upgrades of data center facilities or server rooms.
Managed Print Services Beyond Remote Assistance
- Direct management, servicing, or repair of printers and scanners that require on-premise technical support.
Custom Security Solutions and Onsite Installations
- Development or deployment of custom security solutions that necessitate on-site hardware installations or modifications.
Services Not Explicitly Defined in the Contract
- Any other tasks or interventions not specifically listed in the agreed-upon service contract or statement of work.

This “Out of Scope” list is intended to safeguard our service boundaries, ensure clarity in service expectations, and protect our remote-only IT services model. Should any needs arise beyond these boundaries, they will require a separate agreement or engagement to address those specialized requirements.

Confidentiality of Service

Contractor and its agents may use Client information, as necessary to or consistent with providing the contracted services, and will use best efforts to protect against unauthorized use.
In order to fulfill Contractor’s duties and responsibilities of maintaining network security and confidentiality, administrative passwords will be retained by Contractor and kept under tightly-controlled release to the Client. Client shall protect administrative passwords under lock and key.
Upon the mutual agreement of Contractor and the Client, including payment of all sums due to Contractor, passwords and other administrative codes will be released to the Client or others at the Client’s written direction.

Termination / Cancellation Terms

The Agreement may be pre-terminated for any reason by the Client upon thirty (30) days written notice if:
1. Client agrees to pay an Early Termination Fee to Contractor, under the following criteria:
  1. If pre-termination is requested by the Client, it shall be done solely upon all remedies provided to Client and Contractor in these Terms having been first exhausted.
  2. Should all remedies provided to Contractor under these Terms be exhausted, Contractor will derive an Early Termination Fee 50% of the remaining value of The Agreement.
  3. Client will be sent an Early Termination Quotation, for approval and signature – wherein if executed, payment shall be immediately necessary in order to ensure a timely transfer of services to another credible provider.
In case of failure of Contractor to fulfill in any material respect its obligations under The Agreement and these Terms shall be given thirty (30) days to cure such failure following Client’s written notice of such failure.
1. Should Contractor fail to remedy such failure within 30 days of notice, Client may terminate The Agreement without further obligation, subject to all other conditions of termination or finality of The Agreement.
Contractor reserves the sole right to cancel The Agreement at any time, with thirty (30) days advance written notification.
If the Client chooses to pre-terminate The Agreement, Contractor will assist the Client with the orderly termination of services, including timely transfer of the services to another designated provider, under the following stipulations:
1. Client agrees that the thirty (30) days advance notice required shall be used for a period of “offboarding,” during which:
  1. All end-user support shall cease immediately upon notice of termination.
  2. All property and software and software licensing solely owned or curated by Contractor under The Agreement shall be removed from Client’s premises on a schedule to be determined by Contractor, but not later than 30 days following notice of termination.
  3. Client agrees to pay Contractor the actual costs of rendering such assistance. Actual costs could include but are not limited to: knowledge transfer, data transfer, license transfers or equipment de-installation.
Client acknowledges that in the event of pre-termination, Contractor shall use any and all remedies under the law, to protect any equipment or intellectual property provided in The Agreement.

Service Conduct Definitions

Contractor, at times, may send its employees and/or authorized agents to the Client’s site or service location, or may allow its employees and/or authorized agents to remote support Client’s employees and other End Users during the term of The Agreement. The Client in no way, may solicit, inquire or otherwise make an arrangement of employment, contract or covenant, either direct or indirect, with an employee of Contractor, during The Agreement and surviving for a period of three (3) years after an employee is employed by Contractor.
1. In the event of a breach of this clause, Contractor will be entitled to punitive damages, including but not limited to the full face value of The Agreement, and 1 year’s annual salary of the employee solicited, and may cancel all service agreements with the Client, by virtue of a breach hereto.
The Client acknowledges that during the term of The Agreement, Contractor has been granted exclusive right to manage Client’s Technology Network, no subsidiary Technology Service Provider, Managed Service Provider, contractor or individual human resource, either by invitation or by solicitation, may be allowed to investigate, scope or diagnose the Client’s Technology Network, in part or in whole, without prior knowledge of Contractor.
1. In the event where Contractor learns, that the Client has allowed another Technology Service Provider, contractor or individual human resource to investigate, scope or diagnose the Client’s Technology Network without Contractor’s prior knowledge, Contractor has the sole right to execute a ‘Material Breach’ of The Agreement in accordance with terms set forth herein, including but not limited to any available legal remedies under the law.
2. In any event, where a legal entity or firm has been solicited to investigate the Client’s Technology Network, or any supported device thereto, the Client must immediately notify and request the assistance of Contractor to comply with an external request. Contractor may request documentation, including subpoenas or legal service notifications, to assert the nature of the network investigation, in order to ensure that the proper access is provided and scheduled for compliance.
Quarterly Business Reviews – Client acknowledges that participation in Quarterly Business Reviews (QBR’s) between 1.) the Client’s Owner, Executive Director, Principal Partner, CEO, or other designated Company Authority, and 2.) the Client’s designated Virtual CIO or Account Manager as determined by the Contractor, are a requirement for service under The Agreement, and such participation will take place a minimum of four (4) times per year, according to mutually available times and places, on an predetermined regular schedule agreed upon in writing within 30 days of signing The Agreement.
1. During the QBR, the Client’s representative will be discussing with Contractor the Client’s overall technology strategy, performance of the account, ticket distribution, network stability, suggestions for improvement, and additional products and services that may be required to fully service the account, all according to an agenda set by the Virtual CIO or Account Manager.
2. Scheduled QBR’s may be cancelled upon notice given to either party, but must be rescheduled within 30 days of the regular appointment date.

Jurisdiction and Venue of Enforcement

The Agreement and these Terms shall be governed by, construed, and enforced in accordance with the laws of the State of Delaware, where it shall maintain Jurisdiction. It constitutes the primary Agreement between Client and Contractor for the services outlined herein. The Agreement can be modified only by a signed written Addendum by both parties.
If any collection action, litigated or otherwise, is necessary to enforce the terms of the Agreement, Contractor shall be entitled to reasonable attorneys’ fees and costs in addition to any other relief to which it may be entitled.
If any provision in The Agreement is held by a court of competent jurisdiction to be invalid, void or unenforceable, the remaining provisions shall nevertheless continue in full force without being impaired or invalidated in any way.
Contractor is not responsible for failure to render services due to circumstances beyond its control including, but not limited to, acts of God, natural disasters, pandemic, public health crisis, war, civil uprising, or other Force Majeure.

Service Level Agreement (SLA)

The following schedule shows targeted times (in business hours) for response and resolution, and this SLA shall only apply to Clients who subscribe to the SLA and pay a separate fee for a Priority SLA on their Invoice. These are target times only, and all efforts toward resolution are “best effort” according to the need at the time the problem is presented.
Description of Trouble Situation:	Priority Status	Response Time	Resolution Time	Escalation Threshold
PRIORITY = CRITICAL Service not available (All users and functions unavailable)	1 – Highest	1 hour	Unknown	1 hour
PRIORITY = HIGH Significant degradation of service (large number of users or business critical functions affected)	2 – Priority	2 hours	Same Day	2 hours
PRIORITY = MEDIUM Limited degradation of service (limited number of users or functions affected, business process can continue)	3 – Concerning	4 hours	Next Day	4 hours
PRIORITY = STANDARD Small service degradation (business process can continue, one user affected)	4 – Daily	12 hours	24 hours	16 hours

Support Tiers

The following schedule details and outlines the Support Tiers which serve The Agreement
TIER LEVEL	Description of Action within Tier Level
Tier 1 Support	All support incidents begin in Tier 1, where the initial trouble ticket is created; the issue is identified and clearly documented, and basic hardware/software troubleshooting is initiated.
Tier 2 Support	All support incidents that cannot be resolved with Tier 1 Support are escalated to Tier 2, where more complex support on hardware/software issues can be provided by more experienced Engineers.
Tier 3 Support	Support Incidents that cannot be resolved by Tier 2 Support are escalated to Tier 3, where support is provided by the most qualified and experienced Support Engineers who have the ability to collaborate with 3rd Party (Vendor) Support Engineers to resolve the most complex issues.

Hourly Rate Card

Hourly Rate Card for all advisory and technical services as of 1/1/2025

DAY OF WEEK	TIME	SERVICE LEVEL	RATE	MINIMUM
M, T, W, Th, F	8:00am to 4:59pm	Tier 1	$175.00 per resource	$43.75 every 15 min
M, T, W, Th, F	8:00am to 4:59pm	Tier 2	$300.00 per resource	$75.00 every 15 min
M, T, W, Th, F	8:00am to 4:59pm	Tier 3	$450.00 per resource	$112.50 every 15 min
M, T, W, Th, F	5:00pm to 11:59pm	Tier 1	$300.00 per resource	$75.00 every 15 min
M, T, W, Th, F	5:00pm to 11:59pm	Tier 2	$500.00 per resource	$125.00 every 15 min
M, T, W, Th, F	5:00pm to 11:59pm	Tier 3	$900.00 per resource	$225.00 every 15 min
M, T, W, Th, F	12:00mid to 7:59am	Tier 1	$450.00 per resource	$112.50 every 15 min
M, T, W, Th, F	12:00mid to 7:59am	Tier 2	$750.00 per resource	$187.50 every 15 min
M, T, W, Th, F	12:00mid to 7:59am	Tier 3	$1350.00 per resource	$337.50 every 15 min
Sat, Sun	Any	Tier 1	$450.00 per resource	$112.50 every 15 min
Sat, Sun	Any	Tier 2	$750.00 per resource	$187.50 every 15 min
Sat, Sun	Any	Tier 3	$1350.00 per resource	$337.50 every 15 min

Typical Services Found In The Agreement

These services may or may not be included in your Proposal, The Agreement, these Terms of Service, or your monthly invoice. They are provided for guidance and clarification only, and should not be assumed to be covered or offered in The Agreement unless specified as covered or offered.

PILLAR I

HELP DESK SUPPORT

8/5 Unlimited Help Desk Support for Day-to-Day Issues (such as):
- Printer support
- Software support
- Email support
- Smart phone and tablet support
Support Ticket Management System to Track Issue

COMMON PILLAR I BENEFITS

User Account and Access Management

Password Resets: Assisting users with forgotten or expired passwords.
Account Lockouts: Unlocking accounts due to multiple failed login attempts.
Provisioning New Accounts: Creating user accounts for new employees.
Access Requests: Granting or revoking access to shared drives, applications, or resources.

Hardware Support

Troubleshooting Printers and Scanners: Resolving connectivity or performance issues with peripherals.
Desktop/Laptop Issues: Addressing boot problems, lags, or hardware failures.
Peripheral Setup: Assisting with monitors, docking stations, keyboards, or mice.
Suggesting Equipment Replacement: Recommending faulty hardware like aginig systems, hard drives or power supplies or peripherals be replaced.

Software Support

Application Installation: Installing or updating software as per user requirements.
License Management: Ensuring users have valid software licenses.
Software Troubleshooting: Resolving errors, crashes, or compatibility issues.

Networking

Wi-Fi Connectivity Issues: Helping users connect to corporate wireless networks.
VPN Troubleshooting: Assisting with remote access to the enterprise network.
Email Issues: Resolving problems with sending/receiving emails or syncing devices.

Security and Compliance

Virus/Malware Removal: Advising on potential threats from infected devices.
MFA: Assisting users with setting up or troubleshooting multi-factor authentication
Security Awareness: Responding to phishing attempts and guiding users on secure practices.

Collaboration Tools

Microsoft Teams/Zoom Support: Helping with meetings, chat, or collaboration issues.
File Sharing Issues: Troubleshooting problems with cloud services like OneDrive, SharePoint, or Google Drive.

General IT Support

Incident Documentation and Ticket Resolution: Logging issues, tracking resolutions in a ticketing system, and following up on recurring problems.

PILLAR II

NETWORK AND DEVICE MANAGEMENT

24/7 Monitoring for Hardware Failures and Unusual Events
Operating System Updates/Patching
Security Updates/Routine System Hardening per SOC/Patching

Active Directory Maintenance
User Rights Management
Shared File Management
Operating System Updates/Patching

COMMON PILLAR II BENEFITS

Network Monitoring and Performance

Real-Time Network Monitoring: Keeping a constant watch on network performance metrics to identify bottlenecks or outages.
Bandwidth and Traffic Analysis: Analyzing network traffic to optimize usage and plan for future capacity.
Performance Reporting: Generating and reviewing regular reports on network performance and uptime.

Hardware Management and Configuration

Router and Switch Configuration: Setting up, configuring, and maintaining routers, switches, and related network devices.
Firmware and Software Updates: Applying patches and updates to network hardware to ensure security and performance.
Device Replacement and Maintenance: Troubleshooting hardware issues, scheduling replacements, and coordinating repairs.

Troubleshooting and Support

Issue Diagnosis and Resolution: Investigating and resolving network connectivity issues, downtime, or performance degradation.
Advanced Troubleshooting: Provide seasoned technical support through remote tools.

Network Infrastructure Management

Network Expansion and Integration: Assisting with integrating new devices or expanding network capacity as the business grows.

Change Management and Documentation

Implementing Network Changes: Coordinating scheduled maintenance, upgrades, or configuration changes with minimal disruption.
Documentation of Network Topology: Keeping up-to-date records of network layouts, configurations, and asset inventories.
Compliance and Policy Enforcement: Ensuring that network configurations and operations adhere to security policies and industry standards.

PILLAR III

NETWORK SECURITY MANAGEMENT

Firewall
Content Filtering
Networking and Routing
Intrusion Prevention (IPS)
VPN
Synchronized Application Control
Web Protection and Control
Application Protection and Control
Cloud Application Visibility
Logging and Reporting

COMMON PILLAR III BENEFITS

Identity and Access Management

Managing Access and Permissions: Ensuring appropriate access to systems and data.
Enforcing (MFA): Enforcing and troubleshooting MFA for critical business applications.
Managing Unauthorized Access Attempts: Investigating failed login attempts or suspicious activity and managing password policies.

Endpoint and Network Security

Managing Antivirus Solutions: Ensuring all endpoints have up-to-date threat protection.
Managing Firewall Rules: Configuring firewalls to block unauthorized traffic.
Securing Wi-Fi and VPN: Configuring secure remote access for employees.
Vulnerability Scans: Scanning systems for security vulnerabilities and applying patches.

Security Awareness and Incident Response

Phishing Awareness: Educating employees about social engineering threats.
Investigating and Responding to Security Incidents: Analyzing alerts and logs for signs of cyberattacks or breaches and responding appropriately.
Monitoring Security Logs and Alerts: Reviewing logs from security tools and firewalls.

Data Protection and Compliance

Managing Data Encryption: Encrypting sensitive business data in transit and at rest.
Ensuring Compliance with Industry Regulations (e.g., HIPAA, PCI-DSS, GDPR): Implementing policies and software to meet security and privacy requirements.
Device Hardening: Applying security policies to company-owned assets.

Cloud and Application Security

Securing Microsoft 365/Google Workspace/Apple Accounts: Configuring security settings for cloud productivity suites.
Managing Secure Access to SaaS Applications: Ensuring third-party business applications follow security best practices.

General Security Administration

Security Audits: Regularly evaluating the security posture of the organization.
Developing and Enforcing IT Security Policies: Creating policies for acceptable use, data protection, and security best practices.

PILLAR IV

BACKUP AND DISASTER RECOVERY

Advanced On-Site Backup and Disaster Recovery (BDR) Unit, as necessary.
Local storage and stand-by server in the event of server failure, as necessary.
Secure Off-Site Storage
Restoration of Files or Folders
Full Recovery of Server System State, when appropriate.
Full Management of the BDR and Remote Storage

COMMON PILLAR IV BENEFITS

Backup Management

Maintaining Backup Solutions: Setting up automated backups for critical data.
Monitoring Backup Jobs: Ensuring backups run successfully.
Regular Backup Testing: Verifying that backups are complete, accurate, and restorable.
Managing Retention Policies: Defining how long backups are stored for business needs.
Securing Backup Data: Encrypting backups and ensuring access controls are in place.
Cloud Backups: Ensuring backups are stored in a cloud data center.
Managing Capacity: Ensuring there is enough storage for new backups and archives.

Disaster Recovery Planning

Documenting Recovery Objectives (RPO & RTO): Defining acceptable data loss (Recovery Point Objective) and recovery time (Recovery Time Objective).
Recovery Testing: Conducting regular drills to ensure recovery processes are effective.
Coordinating with Leadership: Communicating recovery steps with key stakeholders.
Implementing Business Continuity Strategies: Ensuring critical business functions can continue during a disaster.

Data Restoration and Recovery

Data Restores for Users: Assisting employees with recovering lost or deleted files.
Restoring Servers and Workstations After Failures: Recovering full system images and recovering clean backups after hardware or software failures, or cyber attacks.
Troubleshooting Backup and Restore Failures: Diagnosing issues with backup software, storage, or network.

Compliance and Security

Ensuring Compliance with Regulations (e.g., HIPAA, PCI, GDPR): Maintaining backup practices that meet industry regulations.
Monitoring Backup Security Logs: Identifying unauthorized access attempts or backup anomalies.

Continuous Improvement and Reporting

Reviewing and Updating Backup and Recovery Policies: Adjusting strategies based on business growth, new risks, and technology changes.

Glossary

These terms may or may not be included in your Proposal, The Agreement, these Terms of Service, or your monthly invoice. They are provided for guidance and clarification only, and should not be assumed to be covered or offered in The Agreement unless specified as covered or offered.

Active Directory Authentication Services and LDAP		Through Active Directory, we provide our clients central authentication and authorization services for Windows-based computers. Active Directory also allows our engineers and tools to assign policies, deploy software, and apply critical updates to an entire organization. Active Directory stores information and settings relating to our client’s organization in a central, organized, accessible database.
Antivirus Management		Proper configuration and installation of supported antivirus applications on both servers and workstations. Includes ongoing maintenance, such as updates to the application, the virus definitions, and any necessary changes to the configuration. We also monitor your anti-virus software vendor’s website and public sites for information on new viruses and destructive programs.
Application Support, Workstation		Commonly used workstation software packages are fully supported by our staff. Proprietary line-of-business applications are supported after a 90-day ramp up period.
Authentication Services		A number of systems rely heavily on security to ensure appropriate use and access. Central servers are available to ensure that all clients attempting to log in to one of these systems are authenticated first.
Availability / Connectivity Monitoring, Firewalls		Continuous monitoring of the availability and connectivity of the client’s firewall to ensure the device is up and running.
Desktop Antivirus Management		Every workstation or desktop connected to the client network is required to run antivirus software. This forms the second line of defense against viruses – ensuring that if infected files are opened on client computers, the virus is identified and file access stopped, preventing further infection.
Desktop Configuration Services and Enforcement		The standard user desktop design and configuration enables efficiency in the services provided by our technicians and tools, and reduces costs significantly through standardization of the computing environment. It also assists in quicker problem-solving when issues occur, and it enables the use of hot-swap computers in the event of a hardware failure. Standard installations are maintained for Windows and Macintosh operating systems. They include the operating system (O/S), standard application packages, drivers for supported hardware and antivirus software.
Desktop Maintenance (hardware and O/S)		We conduct scheduled maintenance of desktops and laptops ensures reliability and stability for users. Optimizing hard drive performance, clearing logs & temp files, O/S patch updates, physical inspections, and other check listed maintenance items.
Desktop Performance Monitoring (Hardware and Applications)		Monitoring of the ongoing health, performance and errors in the operating system software (such as Windows) as well as device hardware components of desktops and laptops. In addition, other applications can be monitored for specific conditions through log file analysis and monitoring of associated processes.
Digital Rights Management (DRM) and Access Control		Protects information from the threats of unauthorized disclosure, modification, or destruction by limiting access to only authorized users.
Email Content and Attachment Filtering		Allows an organization to create and enforce email usage policies for inbound and/or outbound email messages using flexible content filters based on sender and recipient addresses, key words, and attachments. Enables companies to block or re-route inbound email messages containing unwanted email attachments. Allows administrators to use productivity filters to create inbound email policies based on attachment type, such as music, sound and movie files. Allows designated senders, such as the Client’s designated partners, clients, and associates, to bypass specified email policies through an optional “approved sender list” feature.
Email SPAM filtering		Filter the client’s email prior to arriving at the mail server, removing unwanted spam items and quarantining them.
Encryption Services		Additional protection of client information through the use of technologies such as server-to-server level encryption, public key infrastructure (PKI), password-protected files, encrypting routers and key management servers.
Firewall Management		We maintain the system version software and operating system of the client’s firewall, continually manage policy and configuration changes, and coordinate necessary service outages with the client to minimize access and security interruptions.
Group Policy Management		We set up and manage the infrastructure used to deliver and apply one or more desired configurations or policy settings to a set of client’s targeted users and computers within a client’s Active Directory environment.
Handheld Computer Support		Support is available for the installation of handheld devices such as smart phones and tablets. Advice is available from assistance with purchases, through to resolution of problems using these devices.
Helpdesk Services		Helpdesk – Provides front-line support services to end-users. It is accessible by phone or email. The Helpdesk provides a responsive service for logging, tracking and resolution of issues encountered by our clients’ users. The IT Helpdesk is the central communications hub for all IT issues, and ensures clients are well informed of the progress of their problems. It also ensures the timely resolution of issues through a well-defined escalation process.
HTTP Content Management & Proxy Services		Greatly increase network security by monitoring and policing all traffic outbound and/or inbound to the network, while decreasing the bandwidth usages due to proxy services.
Incident Management		Incident Management is a set of processes whose aim is to ensure any interruptions to normal service for our clients are kept to a minimum, and the client is returned to normal operations as soon as possible. In the event of delays, the Incident Management processes ensure appropriate escalation of incidents to expert staff for timely resolution.
Incident Resolution		The IT Helpdesk is the first point of contact for all IT support enquiries. It is accessible by phone, email, the intranet. Helpdesk staff ensure all incidents are logged accurately and wherever possible resolve issues at the first point of contact. If required, incidents are escalated to expert staff. In those cases the Helpdesk staff ensure timely resolution and maintain communications with the client.
Intrusion Detection Services and/or Intrusion Prevention Services (IDS and/or IPS)		We implement and manage a system that collects and analyzes information from a variety of system and client network resources, looking for signs of internal misuse or intrusion. IDS alert generally requires human evaluation of the threat and manual intervention to stop an attack. On the other hand, the more subtle and complex rules that an IDS uses to analyze system activity allow it to detect vulnerabilities and intrusions that a firewall may miss.
IT Hardware On-Site Technical Support (via field engineers)		The field engineering team visits client sites when necessary for both responsive support issues as well as preventative maintenance to networking devices.
IT Hardware Remote Technical Support		The support desk or NOC resolves issues with networking devices remotely when possible, as well as delivering preventative maintenance when necessary.
LAN support		We provide support services for the ongoing operation and configuration of the client’s local area network.
Microsoft Windows O/S Patching		Patches automatically updated on a regular basis to the client’s servers and desktops. MS Baseline Analyzer and MS WSUS Server used On-Site, Desktop & Laptop Support. When required, our technicians will travel on-site to perform hardware maintenance, proactive problem diagnosis and repairs. Priority can be placed on severe issues according to our client Service Level Agreement.
Network Security Audits & Analysis		Using a combination of specialized tools and expertise, our security specialists discover and document the current security state of a client network, taking into account current hardware, operating systems, applications, policies and configuration. We identify vulnerabilities and potential weaknesses that a client may be exposed to, and offer a solution to remedy them.
On-Site, Deskside User Support		This hands-on support enables our clients to get the best out of their computing resources and includes assistance with support, maintenance, planning and minor training issues.
Problem Management		Our Problem Management services include the analysis of data recorded by our support staff to determine common causes of outages or incidents affecting large numbers of users, and then managing the process of identification of the root cause of the problem and elimination of the error from the infrastructure. Thus it has an important role in the continual improvement of our client IT Services.
Router and Switch Availability Monitoring		Monitoring the ongoing availability and connectivity of networking hardware.
Router and Switch Performance Monitoring		Monitoring of the ongoing health, performance bandwidth, traffic and errors of networking hardware.
Security Performance Monitoring, Antivirus		Continuous monitoring of the client’s antivirus software, including information such as viruses detected/quarantined, virus definition updates, and whether the application is running properly on each device.
Security Performance Monitoring, Firewalls		Continuous monitoring of the health and operation of the client’s firewall, including security incidents reported, network traffic, and device availability.
Virus Outbreak Management		In the unlikely event of a major outbreak, it is important that the response is targeted and coordinated properly. An emergency response plan has been created for just that purpose and communications between this team and clients are maintained throughout the outbreak and recovery period.
VPN support		We provide support services for the ongoing operation and configuration of the client’s virtual private network.
WAN support		We provide support services for the ongoing operation and configuration of the client’s wide area network
Windows Domain Services		We provide setup, configuration and management of the systems that respond to security authentication requests (logging in, checking permissions, etc.) within the client’s Windows Server domain.

© Copyright 2025 HelpDesk.tech Incorporated. All rights reserved. All use of trademarks, service marks, logos, and content must be licensed with permission and remains the property of HelpDesk.tech Incorporated.