Services Guide

This Services Guide contains provisions that define, clarify, and govern the scope of the services described in the quote that has been provided to you (the “Quote”), as well as the policies and procedures that we follow (and to which you agree) when we provide a service to you or facilitate a service for you. If you do not agree with the terms of this Services Guide, you should not sign the Quote and you must contact us for more information.

This Services Guide is our “owner’s manual” that generally describes all managed services provided or facilitated by Massive IT, LLC (“Massive IT,” “we,” “us,” or “our”); however, only those services specifically described in the Quote will be facilitated and/or provided to you (collectively, the “Services”).

This Services Guide is governed under our Master Services Agreement (“MSA”). You may locate our MSA through the link in your Quote or, if you want, we will send you a copy of the MSA by email upon request. Capitalized terms in this Services Guide will have the same meaning as the capitalized terms in the MSA, unless otherwise indicated below.

Activities or items that are not specifically described in the Quote will be out of scope and will not be included unless otherwise agreed to by us in writing.

Please read this Services Guide carefully and keep a copy for your records.

Servicios de auditoría inicial/diagnóstico

In the Initial Audit/Diagnostic phase of our services, we audit your managed information technology environment (the “Environment”) to determine the readiness for, and compatibility with, ongoing managed services. Our auditing services may be comprised of some or all of the following:

Audit to determine general Environment readiness and functional capability
Review of hardware and software configurations
Review of current vendor service / warranty agreements for Environment hardware and software
Basic security vulnerability check
Basic backup and file recovery solution audit
Speed test and ISP audit
Print output audit
Office telephone vendor service audit
Asset inventory
Email and website hosting audit
IT support process audit

If deficiencies are discovered during the auditing process (such as outdated equipment or unlicensed software), we will bring those issues to your attention and discuss the impact of the deficiencies on our provision of the Services and provide you with options to correct the deficiencies. Please note, unless otherwise expressly agreed by us in writing, auditing services do not include the remediation of any issues, errors, or deficiencies (“Issues”), and we cannot guarantee that all Issues will be detected during the auditing process. Issues that are discovered in the Environment after the auditing process is completed may be addressed in one or more subsequent quotes.

Onboarding Services

In the Onboarding phase of our services, we will prepare your IT environment for the monthly managed services described in the Quote. During this phase, we will work with your Authorized Contact(s) to review the information we need to prepare the targeted environment, and we may also:

Uninstall any monitoring tools or other software installed by previous IT service providers.
Compile a full inventory of all protected servers, workstations, and laptops.
Uninstall any previous endpoint protection and install our managed security solutions (as indicated in the Quote).
Install remote support access agents (i.e., software agents) on each managed device to enable remote support.
Configure los agentes de administración de parches de aplicaciones y Windows® y verifique si faltan actualizaciones de seguridad.
Desinstale aplicaciones inseguras o que ya no sean necesarias.
Optimize device performance including disk cleanup and endpoint protection scans.
Review firewall configuration and other network infrastructure devices.
Revise el estado de la protección de respaldo de batería en todos los dispositivos de misión crítica.
Stabilize network and assure that all devices can securely access the file server.
Review and document current server configuration and status.
Determine existing business continuity strategy and status; prepare backup file recovery and incident response option for consideration.
Review password policies and update user and device passwords.
Según corresponda, haga recomendaciones sobre cambios que se deben considerar en el entorno administrado.

Esta lista está sujeta a cambios si determinamos, a nuestra discreción, que se requieren actividades de incorporación diferentes o adicionales.

Si se descubren deficiencias durante el proceso de incorporación, le informaremos sobre esos problemas y analizaremos el impacto de las deficiencias en la prestación de nuestros servicios gestionados mensuales. Tenga en cuenta que, a menos que se indique expresamente lo contrario en la cotización, los servicios relacionados con la incorporación no incluyen la solución de ningún problema, error o deficiencia (“Problemas”) y no podemos garantizar que se detecten todos los Problemas durante el proceso de incorporación.

La duración del proceso de incorporación depende de muchos factores, muchos de los cuales pueden estar fuera de nuestro control, como la disponibilidad o escasez de productos, la información requerida de proveedores externos, etc. Por lo tanto, podemos estimar, pero no garantizar, el tiempo y la duración del proceso de incorporación. Lo mantendremos informado a medida que avance el proceso de incorporación.

Ongoing / Recurring Services

Ongoing/recurring services are services that are provided to you or facilitated for you on an ongoing basis and, unless otherwise indicated in a Quote, are billed to you monthly. Some ongoing/recurring services will begin with the commencement of onboarding services; others will begin when the onboarding process is completed. Please direct any questions about start or “go live” dates to your account manager.

Managed Services

Backup and File Recovery

Implementación y facilitación de una solución de respaldo y recuperación de archivos de nuestro proveedor externo designado.

24/7 monitoring of backup system, including offsite backup, offsite replication, and an onsite backup appliance (“Backup Appliance”).
Troubleshooting and remediation of failed backup disks.
Mantenimiento preventivo y gestión de software de imágenes.
Actualizaciones de firmware y software del dispositivo de respaldo.
Problem analysis by the network operations team.
Monitoring of backup successes and failures.
Daily recovery verification.

Backup Data Security: All backed up data is encrypted in transit and at rest in 256-bit AES encryption. All facilities housing backed up data implement physical security controls and logs, including security cameras, and have multiple internet connections with failover capabilities.

Backup Retention: Backed up data will be retained for the periods indicated below unless a different time period is expressly stated in the Quote. This includes both on-premises and cloud backups.

On-Premise Backups
All on-premises backups will be stored on a Network Attached Storage (NAS) device, which will be kept in a secure location with restricted access. On-premises backups will be performed daily and retained on a rolling thirty (30) day basis.

Cloud Backups
All cloud backups will be stored in a secure, off-site location that meets the organization's security standards. Cloud backups will be performed daily and retained on a rolling thirty (30) day basis.

Backup Alerts: Managed servers will be configured to inform of any backup failures.

Recovery of Data: If you need to recover any of your backed up data, then the following procedures will apply:

Service Hours: Backed up data can be requested during our normal business hours, which are currently Monday to Friday 8AM to 6PM EST.
Request Method: Requests to restore backed up data should be made through one of the following methods:
Email: support@massiveit.com
Web portal: https://client.massiveit.com
Telephone: (813) 518-5454
Restoration Time: We will endeavor to restore backed up data as quickly as possible following our receipt of a request to do so; however, in all cases data restoration services are subject to (i) technician availability and (ii) confirmation that the restoration point(s) is/are available to receive the backed-up data.

Backup Monitoring

Implementation and facilitation of a backup monitoring solution from our designated third-party Provider. Features include:

Monitoring backup status for certain backup applications then-installed in the managed environment, such as successful completion of backup, failure errors, and destination free space restrictions/limitations.
Ayudar a garantizar el acceso adecuado a los datos del Cliente en caso de pérdida de datos o interrupción de ciertas aplicaciones de respaldo existentes.

Note: Backup monitoring is limited to monitoring activities only and is not a backup and file recovery solution.

Bloque de horas / Horas de consultoría asignadas

Si compra uno o más bloques de soporte técnico o horas de consultoría de Massive IT, le brindaremos nuestros servicios profesionales de consultoría en tecnología de la información de vez en cuando de forma continua, “a pedido” (“Servicios”).

The specific scope, timing, term, and pricing of the Services (collectively, “Specifications”) will be determined between you and us at the time that you request the Services from us.

You and we may finalize the Specifications (i) by exchanging emails confirming the relevant terms, or (ii) by you agreeing to an invoice, purchase order, or similar document we send to you that describes the Specifications (an “Invoice”), or in some cases, (iii) by us performing the Services or delivering the applicable deliverables in conformity with the Specifications.

If we provide you with an email or an Invoice that contains details or terms for the Services that are different than the terms of the Quote, then the terms of the email or Invoice (as applicable) will control for those Services only.

Un Servicio se considerará completado cuando entreguemos las partes correspondientes de las Especificaciones, a menos que se acuerde expresamente un hito de finalización diferente en las Especificaciones (“Finalización del Servicio”). (Por ejemplo, las ventas de hardware se considerarán completadas cuando se le entregue el hardware; las licencias se completarán cuando se le proporcionen las licencias, etc.) Cualquier defecto o desviación de las Especificaciones debe sernos notificado por escrito dentro de los diez (10) días posteriores a la fecha de Finalización del Servicio. Después de ese momento, cualquier problema o actividad correctiva relacionada con los Servicios se le facturará a usted según nuestras tarifas por hora vigentes en ese momento.

Unless we agree otherwise in writing, Services will be provided only during our normal business hours, which are currently 9 – 6 PM Eastern Time. Services provided outside of our normal business hours are subject to increased fees and technician availability and require your and our mutual consent to implement.

The priority given to implementing the Services will be determined at our reasonable discretion, considering any milestones or deadlines expressly agreed upon in an invoice or email from Massive IT. If no specific milestone or deadline is agreed upon, then the Services will be performed in accordance with your needs, the specific requirements of the job(s), and technician availability.

Dark Web Monitoring

Implementation and facilitation of a Dark Web Monitoring solution from our designated third-party Provider.

Las credenciales proporcionadas por el Cliente se agregarán a un sistema que utiliza continuamente monitoreo humano y por máquina para determinar si las credenciales proporcionadas se encuentran en la red oscura.

If compromised credentials are found, they are reported to Help Desk Services staff who will review the incident and notify affected end-users.

Dark web monitoring can be a highly effective tool to reduce the risk of certain types of cybercrime; however, we do not guarantee that the dark web monitoring service will detect all actual or potential uses of your designated credentials or information.

Email Threat Protection

Implementation and facilitation of a trusted email threat protection solution from our designated third-party Provider.

Protección de correo electrónico administrada contra phishing, compromiso de correo electrónico comercial (BEC), SPAM y malware basado en correo electrónico.
Filtros de nombres descriptivos para proteger contra ataques de suplantación de identidad de ingeniería social en dispositivos administrados.
Protection against social engineering attacks like whaling, CEO fraud, business email compromise or W-2 fraud.
Protege contra dominios recién registrados y recientemente observados para capturar el primer correo electrónico de un dominio recién registrado.
Protects against display name spoofing.
Protects against “looks like” and “sounds like” versions of domain names.

Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details.

All hosted email is subject to the terms of our Hosted Email Policy and our Acceptable Use Policy.

Endpoint Antivirus & Malware Protection

Implementation and facilitation of an endpoint malware protection solution from our designated third-party Provider.

Artificial intelligence and machine learning to provide a comprehensive and adaptive protection paradigm to managed endpoints.
Detection of unauthorized behaviors of users, applications, or network servers.
Bloqueo de acciones sospechosas antes de su ejecución.
Analyzing suspicious app activity in isolated sandboxes.
Antivirus and malware protection for managed devices such as laptops, desktops, and servers.
Protection against file-based and fileless scripts, as well as malicious JavaScript, VBScript, PowerShell, macros and more.
Whitelisting for legitimate scripts.
Blocking of unwanted web content.
Detección de ataques de phishing avanzados.
Detección/prevención de contenido de direcciones IP con baja reputación.

* Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details.

Extended Detection & Response (XDR)

Implementation and facilitation of an endpoint malware protection solution with extended functionalities from our designated third-party Provider.

Correlación automatizada de datos en múltiples capas de seguridad* (correo electrónico, punto final, servidor, carga de trabajo en la nube y red administrada), lo que permite una detección de amenazas más rápida.
Provides extended malware sweeping, hunting, and investigation.
Allows whitelisting for legitimate scripts.
Next-generation deep learning malware detection, file scanning, and live protection for workstation operating system.
Web access security and control, application security and control, intrusion prevention system.
Data loss prevention, exploit prevention, malicious traffic detection, disk and boot record protection.
Managed detection, root cause analysis, deep learning malware analysis, and live response.
On-demand endpoint isolation, advanced threat intelligence, and forensic data export.

* Requires at least two layers (e.g., endpoint, email, network, servers, and/or cloud workload.)

Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details.

End User Security Awareness Training

Implementación y facilitación de una solución de capacitación en concientización sobre seguridad de un proveedor de soluciones externo líder en la industria.

Online, on-demand training videos (multi-lingual).
Online, on-demand quizzes to verify employee retention of training content.
Baseline testing to assess the phish-prone percentage of users; simulated phishing email campaigns designed to educate employees about security threats.

Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details.

Firewall como servicio (dispositivo de firewall proporcionado por Massive IT)

Provide a firewall configured for your organization’s specific bandwidth, remote access, and user needs.
Helps to prevent hackers from accessing internal network(s) from outside the network(s), while providing secure and encrypted remote network access; provides antivirus scanning for all traffic entering and leaving the managed network; provides website content filtering functionality.
Firewall appliance is subject to “Hardware as a Service” terms and conditions located in this Guide.
Firewall appliance must be returned to Massive IT upon the termination of service. Client will be responsible for missing or damaged (normal wear and tear excepted) appliance.

Firewall Solution (firewall appliance provided / purchased by Client)

Monitors, updates (software/firmware), and supports Client-supplied firewall appliance.
Helps to prevent hackers from accessing internal network(s) from outside the network(s), while providing secure and encrypted remote network access; provides antivirus scanning for all traffic entering and leaving the managed network; provides website content filtering functionality.

Labor for New / Replacement Workstations

Includes all labor charges for setup of new workstations, or replacement of existing workstations.

Labor covers:
New computers / additional computers added during the term of the Quote;
Replacement of existing computers that are four (4) or more years old (as determined by the manufacturer’s serial number records);
Reemplazo de computadoras existentes que se perdieron/robaron o sufrieron daños irreparables y/o que se encuentran fuera de garantía pero que aún no tienen cuatro años de antigüedad;
Operating systems upgrades – subject to hardware compatibility.

The following restrictions apply:

Upgrades or installs of new or replacement computers are limited to four (4) devices per month unless otherwise approved in advance by Massive IT;
This service is not available for used or remanufactured computers; and,
New/replacement computers must be business-grade machines (not home) from a major manufacturer like Dell, HPE, or Lenovo.

Detección y respuesta gestionadas (MDR)

Implementation and facilitation of a top-tier MDR solution from our designated third-party Provider.

24x7 Managed network detection and response.
Real time and continuous (24x7) monitoring and threat hunting.
Respuesta a amenazas en tiempo real.
Alerts handled in accordance with our Service response times, below.
Security reports, such as privileged activities, security events, and network reports, are available upon request.
24x7x365 access to a security team for incident response*

* Remediation services provided on a time and materials basis. Please see Anti-Virus; Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details.

NIST Risk Assessment

Realice una evaluación de ciberseguridad según NIST CSF utilizando el Marco de gestión de riesgos de NIST y NIST (813) 518-5454.

Identifies how Client currently assesses, mitigates, and tracks its cybersecurity requirements.
Identifies authorized and unauthorized devices in the managed network.
Identifies gaps or deficiencies in the Client’s operations that would prevent compliance under NIST CSF.

The assessment will cover the following five core areas of the NIST framework:

Identify
Asset Management
Business Environment
Gobernancia
Risk Assessment
Risk Management Strategy
Supply Chain Risk Management
Protect
Access Control
Concientización y capacitación
Data Security
Information Protection Process & Procedures
Maintenance
Protective Technology
Detect
Anomalies & Events
Monitoreo continuo de la seguridad
Detection Processes
Respond
Response Planning
Communications
Análisis
Mitigación
Improvements
Recover
Recovery Planning
Improvements
Communications

The results of the assessment will be provided in a report that will identify detected risks and your organization’s current maturity levels (i.e., indicators that represent the level of capabilities within your organization’s security program) and will propose actionable activities to help increase relevant maturity levels and augment your organization’s security posture.

Please Note: This service is limited to an assessment/audit only. Remediation of issues discovered during the assessment, as well as additional solutions required to bring your managed environment into compliance, are not part of this service. After the audit is complete, we will discuss the results with you to determine what steps, if any, are needed to bring your organization into full compliance.

Password Manager

Implementation and facilitation of a password management protection solution from our designated third-party Provider.

Password Vault: Securely store and organize passwords in a secure digital location accessed through your browser or an app.
Generación de contraseñas: genere contraseñas seguras con opciones editables para cumplir con criterios específicos.
Bóveda de información financiera: almacene y organice de forma segura información financiera, como cuentas bancarias e información de tarjetas de crédito, en una ubicación digital segura a la que se acceda a través de su navegador o una aplicación.
Contact Information Vault: Store private addresses and personal contact information within your vault accessed through your browser or an app.
Browser App: Browser extension permits easy access to your information including the vaults, financial information, contact information, and single sign-on through the app.
Smart-Phone App: Mobile phone app enables access to your vault and stored information on your mobile device.

Penetration (Pen) Testing

Las pruebas de penetración (o pruebas de penetración) simulan un ciberataque contra su infraestructura de TI para identificar vulnerabilidades explotables. A diferencia de los servicios de escaneo de vulnerabilidades continuos que brindan un nivel constante y estático de escaneo de la red, las pruebas de penetración pueden involucrar varias etapas de reconocimiento y metodologías de ataque reales (como ataques de fuerza bruta o ataques de inyección SQL) y pueden incluir ataques no convencionales y dirigidos que ocurren durante el horario comercial y no comercial. Las pruebas de penetración pueden consistir en cualquiera de los siguientes:

External Pen Testing: exposes vulnerabilities in your internet-facing systems, networks, firewalls, devices, and/or web applications that could lead to unauthorized access.

Internal Pen Testing: Validates the effort required for an attacker to overcome and exploit your internal security infrastructure after access is gained.

PCI Pen Testing: Using the goals set by the PCI Security Standards Council, this test involves both external and internal pen testing methodologies.

Web App Pen Testing: Application security testing using attempted infiltration through a website or web application utilizing PTES and the OWASP standard testing checklist.

Please see additional terms for Penetration Testing below.

Remote Helpdesk

Remote support provided during normal business hours for managed devices and covered software
Tiered-level support provides a smooth escalation process and helps to ensure effective solutions.

Remote Infrastructure Maintenance & Support

Configuration, monitoring, and preventative maintenance services provided for the managed IT infrastructure
If remote efforts are unsuccessful, then Massive IT will dispatch a technician to the Client’s premises to resolve covered incidents (timing of onsite support is subject to technician availability and scheduling).

Remote Monitoring and Management

Los agentes de software instalados en los Equipos Cubiertos (definidos a continuación) informan el estado y los eventos relacionados con TI las 24 horas del día, los 7 días de la semana; las alertas se generan y se responde a ellas de acuerdo con los Niveles de Servicio que se describen a continuación.

Includes capacity monitoring, alerting us to severely decreased or low disk capacity (covers standard fixed HDD partitions, not external devices such as USB or mapped drives)
Includes routine operating system inspection and cleansing to help ensure that disk space is increased before space-related issues occur.
Review and installation of updates and patches for supported software.

Además de lo anterior, nuestro servicio de monitorización y gestión remota se prestará de la siguiente manera:

Event

Server

Hardware Failures - Yes
Device Offline - Yes
Failed/Missing Backups - Yes
Failed/Missing Updates - Yes
Low Disk Space - Yes
Agent missing/misconfigured - Yes
Excessive Uptime - Yes
Automatic Reboots (weekly) - No

Workstation

Fallas de hardware - No
Dispositivo sin conexión - No
Failed/Missing Backups - No
Actualizaciones fallidas o faltantes - No
Low Disk Space - No
Agent missing/misconfigured - No
Tiempo de actividad excesivo - No
Reinicios automáticos (semanales): Sí

Security Incident & Event Monitoring (SIEM)

Implementation and facilitation of an industry leading SIEM solution from our designated third-party Provider.

The SIEM service utilizes threat intelligence to detect threats that can exploit potential vulnerabilities against your managed network.

Initial Assessment: Prior to implementing the SIEM service, we will perform an initial assessment of the managed network at your premises to define the scope of the devices/network to be monitored (the “Initial Assessment”).

Monitoring: The SIEM service detects threats from external facing attacks as well as potential insider threats and attacks occurring inside the monitored network. Threats are correlated against known baselines to determine the severity of the attack.

Alerts & Analysis: Threats are reviewed and analyzed by third-party human analysts to determine true/false positive dispositions and actionability. If it is determined that the threat was generated from an actual security-related or operationally deviating event (an “Event”), then you will be notified of that Event.

Events are triggered when conditions on the monitored system meet or exceed predefined criteria (the “Criteria”). Since the Criteria are established and optimized over time, the first thirty (30) days after deployment of the SIEM services will be used to identify a baseline of the Client’s environment and user behavior. During this initial thirty (30) day period, Client may experience some “false positives” or, alternatively, during this period not all anomalous activities may be detected.

Nota: El servicio SIEM es solo un sistema basado en monitoreo y alertas; la remediación de amenazas detectadas o reales no está dentro del alcance de este servicio y puede requerir que el Cliente contrate los servicios de Massive IT en función del tiempo y los materiales.

Server Monitoring & Maintenance

As part of our RMM service, we will monitor and maintain managed servers as follows:

Los agentes de software instalados en servidores cubiertos informan el estado y los eventos relacionados con TI las 24 horas del día, los 7 días de la semana; se generan alertas y se responde a ellas de acuerdo con los niveles de servicio que se describen a continuación.
Online status monitoring, alerting us to potential failures or outages
Capacity monitoring, alerting us to severely decreased or low disk capacity (covers standard fixed HDD and SSD partitions, not external devices such as USB or mapped network drives)
Performance monitoring, alerting us to unusual processor or memory usage
Server essential service monitoring, alerting us to server role-based service failures
Endpoint protection agent monitoring, alerting us to potential security vulnerabilities
Routine operating system inspection and cleansing
Secure remote connectivity to the server and collaborative screen sharing
Revisión e instalación de actualizaciones y parches para Windows y software compatible
Asset inventory and server information collection

Two Factor Authentication

Implementation and facilitation of a two-factor authentication solution from our designated third-party Provider.

Advanced two factor authentication with advanced admin features.
Secures on-premises and cloud-based applications.
Permits custom access policies based on role, device, location.
Identifies and verifies device health to detect “risky” devices.

Antivirus de última generación para servidores

Implementation and facilitation of a top-tier, next generation antivirus protection solution from our designated third-party Provider.

Software agents installed in covered server devices protect against malware and prevents intruder access. Used in coordination with other endpoint security layers and security solutions to form a comprehensive defense strategy.

Detección de malware mediante aprendizaje profundo de última generación, escaneo de archivos y protección en vivo para sistemas operativos de servidor
Seguridad y control de acceso web, seguridad y control de aplicaciones, sistema de prevención de intrusiones
Data loss prevention, exploit prevention, malicious traffic detection, disk and boot record protection.

Software Licensing (applies to all software licensed by or through Massive IT)

Todo el software que le proporciona Massive IT o a través de él se le otorga bajo licencia, no se le vende (“Software”). Además de los requisitos relacionados con el Software que se describen en el Acuerdo Marco de Servicios de Massive IT, el Software también puede estar sujeto a acuerdos de licencia de usuario final (EULA), políticas de uso aceptable (AUP) y otras restricciones que usted y cualquiera de sus usuarios autorizados deben cumplir estrictamente.

When installing/implementing software licenses in the managed environment or as part of the Services, we may accept (and you agree that we may accept) any required EULAs or AUPs on your behalf. You should assume that all Software has an applicable EULA and/or AUP to which your authorized users and you must adhere. If you have any questions or require a copy of the EULA or AUP, please contact us.

Updates & Patching

Remotely deploy updates (e.g., x.1 to x.2), as well as bug fixes, minor enhancements, and security updates as deemed necessary on all managed hardware.
Perform minor hardware and software installations and upgrades of managed hardware.
Perform minor installations (i.e., tasks that can be performed remotely and typically take less than thirty (30) minutes to complete).
Deploy, manage, and monitor the installation of approved service packs, security updates and firmware updates as deemed necessary on all applicable managed hardware.

Please note: We will keep all managed hardware and managed software current with critical patches and updates (“Patches”) as those Patches are released generally by the applicable manufacturers. Patches are developed by third party vendors and, on rare occasions, may make the Environment, or portions of the Environment, unstable or cause the managed equipment or software to fail to function properly even when the Patches are installed correctly. We will not be responsible for any downtime or losses arising from or related to the installation or use of any Patch. We reserve the right, but not the obligation, to refrain from installing a Patch if we are aware of technical problems caused by a Patch, or we believe that a Patch may render the Environment, or any portion of the Environment, unstable.

Gestión de proveedores

Massive IT Managed Help Desk Services ofrece soporte remoto e in situ, y ofrece asistencia para la resolución de problemas, diagnóstico, escalamiento y coordinación de resoluciones con proveedores externos. Revise la siguiente guía para comprender el alcance y las limitaciones de nuestros servicios:

Third-Party Vendor Examples:

Servicio de Internet terrestre, celular o satelital:
Monitoring, troubleshooting, and escalation support for issues related to your internet connectivity, regardless of the type of service you utilize.
Servicio de Telefonía Tradicional y Voz sobre IP:
Our team assists in managing and troubleshooting issues with both traditional and VoIP telephone services to ensure uninterrupted communication within your organization.
Servicios de Internet o Televisión por Satélite o Radio:
We provide management, monitoring, and support for any disruptions or technical issues affecting your internet, satellite television, or radio services, ensuring minimal downtime and disruption.
Printer, Copier, Fax, or Other Mechanical Based Office Technology:
Our services extend to managing, monitoring, and supporting various office technologies such as printers, copiers, fax machines, and other mechanical-based solutions to maintain optimal productivity levels.
Audio, Video, Lighting, or Automation Solutions:
Massive IT puede ayudar a diagnosticar, solucionar problemas y resolver problemas con soluciones de audio, video, iluminación y automatización, garantizando que funcionen sin problemas para satisfacer las necesidades de su negocio.
Point of Sale Systems:
Brindamos soporte de monitoreo y resolución de problemas para sistemas de puntos de venta para garantizar transacciones fluidas y operaciones ininterrumpidas en su entorno minorista.
Surveillance, Access Control, and Security Alarm Systems:
Our team assists in managing and troubleshooting issues with surveillance cameras, access control systems, and security alarms, helping to maintain a secure environment for your business.
Service Limitations:
Massive IT operates on a "best effort" basis when managing and supporting third-party vendor services. While we strive to provide timely assistance, we cannot guarantee adherence to service level agreements, response times, or issue resolution with third-party vendors.
No seremos responsables de ningún problema que surja de plataformas, procesos, soluciones, personal o metodologías de proveedores externos.
If an issue with a third-party vendor exceeds four hours and is deemed eligible as a project, we will notify you and coordinate a resolution path accordingly.

Customer Responsibilities:

Customers are responsible for maintaining active contracts and relationships with third-party vendors for the services covered under our Managed Help Desk Services.

Promptly notifying Massive IT of any issues or disruptions encountered with third-party vendor services to initiate the support process.

Providing necessary access and information to facilitate troubleshooting and resolution efforts.

Virtual Chief Information Officer (vCIO)

Act as the main point of contact for certain business-related IT issues and concerns.

Assist in creation of information/data-related plans and budgets.
Provide strategic guidance and consultation across different technologies.
Crear mejores estándares y prácticas específicas para la empresa.
Provide education and recommendations for business technologies.
Participate in scheduled meetings to maintain goals.
Maintain technology documentation.
Assess and make recommendations for improving technology usage and services.

Voice Over IP (VoIP) Services

Implementation and facilitation of an industry-recognized VoIP solution from our designated third-party Provider. Features include:

Scalable VoIP-based telephone service with call transferring, voicemail, caller ID, call hold, conference calling, and call waiting functionalities.
Central control panel provides access to VoIP-related configurations, including physical address registration, call routing, updating greetings, and ability to turn on/off service features.
Ability to use mobile app dialing

Importante: Al final de esta Guía de servicios, se incluyen términos adicionales relacionados con el servicio VoIP, incluido el uso de las funciones E911. Léalos detenidamente. Es posible que se le pida que firme un formulario de consentimiento adicional que indique que comprende y acepta las limitaciones de la marcación al 911 mediante los servicios VoIP.

Análisis de vulnerabilidades

Implementation and facilitation of an industry-recognized vulnerability scanning solution from our designated third-party Provider.

Vulnerability scanning identifies holes in the managed network that could be exploited. External vulnerability scans (which pertain to the IP address assigned to each customer location through the Client’s ISP) are run monthly. Internal vulnerability scans (which pertain to all systems inside the managed network) are run at least annually.

Vulnerability results will be discussed during business review meetings with Client. Vulnerability reports will be made available on request.

Please see additional terms for vulnerability scanning below.

Website Hosting

Our designated third-party Provider will provide sufficient space and bandwidth to host your designated website (“Website”) which, except for scheduled downtime or force majeure events, will be available on a 24x7 basis. The Website will be hosted on a server that may be shared between many customers; however, the Website will be given a unique address.

Migración de servidores. Como parte de nuestra actividad habitual, nosotros o nuestro proveedor externo, según corresponda, podemos migrar los servidores en los que se aloja el sitio web. Este proceso no interferirá con los servicios de alojamiento; sin embargo, debido a la posibilidad de migración, no se le garantiza una dirección IP permanente o dedicada.
Administración. Se le proporcionará acceso a un panel de control a través del cual podrá realizar ajustes de configuración en el entorno alojado; sin embargo, le recomendamos encarecidamente que se abstenga de realizar cambios en el entorno alojado sin nuestra orientación o dirección. No seremos responsables de solucionar los problemas causados por sus ajustes en el entorno alojado a menos que dichos ajustes se hayan realizado de conformidad con nuestras instrucciones por escrito o bajo nuestra supervisión.
Balance de recursos/carga. El ancho de banda disponible para su sitio web se comparte y se asigna entre todos nuestros clientes. Usted debe cumplir con todas las limitaciones de ancho de banda impuestas por Massive IT en los servicios de alojamiento, según lo establecido por Massive IT en cada momento. Nos reservamos el derecho de equilibrar la carga del ancho de banda aplicable para garantizar que su actividad no restrinja, inhiba o disminuya el uso del ancho de banda por parte de otros usuarios ni cree una carga inusualmente grande en el ancho de banda. Nos reservamos el derecho de restringir su acceso a su sitio web alojado en caso de que sus actividades creen una carga desproporcionada en nuestra red o en las redes de nuestros proveedores externos (si corresponde), o en cualquier otro recurso crucial que sea razonablemente necesario para garantizar la funcionalidad, integridad y/o seguridad de los servicios de alojamiento.
Backup. Data in the hosted environment will be backed up daily (“Standard Backup Service”); however, the Standard Backup Service is not, and should not be regarded as, a backup and disaster recovery solution. Although the Standard Backup Service is a part of the hosting services, it is only a basic backup service, and it does not provide data integrity verification services or other advanced backup or recovery options. We strongly recommend that you implement a separate backup and disaster recovery solution to protect the security and integrity of, and accessibility to, the data in the hosted environment.
Storage and Security. We and/or our third party providers will take reasonable steps to prevent unauthorized access to the Website and the hosted environment; however, you understand and agree that no security solution is 100% effective, and we do not warrant or guarantee that the hosted environment will be free from unauthorized access or malware at all times.

Client, as well as any visitors to the Website, must comply with our Acceptable Use Policy which is located at the end of this Services Guide.

Wi-Fi Services

Massive IT instalará en las instalaciones del Cliente puntos de acceso inalámbricos para proporcionar ancho de banda en todas las áreas que requieran cobertura de red inalámbrica, según lo acordado entre Massive IT y el Cliente.

Massive IT will maintain, supervise, and manage the wireless system at no additional cost.
Los equipos instalados, si son proporcionados por Massive IT, serán compatibles con los estándares de la industria vigentes en ese momento.
Massive IT will provide remote support services during normal business hours to assist with device connectivity issues. (Support services will be provided on a “best efforts” basis only, and Client understands that some end-user devices may not connect to the wireless network, or they may connect but not perform well).

Please note: Any Wi-Fi devices, such as access points or routers, that are supplied by Client cannot be older than five (5) years from the applicable device’s original date of manufacture, and in all cases must be supported by the manufacturer of the device(s).

Workstation Next-Generation Malware Solution

Implementación y facilitación de una solución de protección contra malware para estaciones de trabajo de última generación reconocida por la industria de nuestro proveedor externo designado.

Los agentes de software instalados en los dispositivos protegidos protegen contra malware y evitan el acceso de intrusos. Se utilizan en coordinación con otras capas de seguridad de puntos finales y soluciones de seguridad para crear una estrategia de defensa integral.

Next-generation deep learning malware detection, file scanning, and live protection for Workstation OS.
Web access security and control, application security and control, intrusion prevention system.
Data loss prevention, exploit prevention, malicious traffic detection, disk, and boot record protection.

Workstation Monitoring & Maintenance

Los agentes de software instalados en estaciones de trabajo cubiertas informan el estado y los eventos relacionados con TI las 24 horas del día, los 7 días de la semana; se generan alertas y se responde a ellas de acuerdo con los niveles de servicio que se describen a continuación.

Online status monitoring, alerting us to potential failures or outages.
Capacity monitoring, alerting us to severely decreased or low disk capacity (covers standard fixed HDD and SSD partitions, not external devices such as USB or mapped network drives).
Performance monitoring, alerting us to unusual processor or memory usage.
Endpoint protection agent monitoring, alerting us to potential security vulnerabilities.
Routine operating system inspection and cleansing.
Conectividad remota segura a la estación de trabajo y uso compartido de pantalla colaborativo.
Revisión e instalación de actualizaciones y parches para Windows y software compatible.
Asset inventory and workstation information collection.

Entorno cubierto

Managed Services will be applied to the number of devices indicated in the Quote (“Covered Hardware”). The list of Covered Hardware may be modified by mutual consent (email is sufficient for this purpose); however, we reserve the right to modify the list of Covered Hardware at any time if we discover devices that were not previously included in the list of Covered Hardware and which are receiving Services, or as necessary to accommodate changes to the quantity of Covered Hardware.

Unless otherwise stated in the Quote, Covered Devices will only include technology assets (such as computers, servers, and networking equipment) owned by the Client’s organization. As an accommodation, Massive IT may provide guidance in connecting a personal device to the Client’s organization’s technology, but support of personal devices is generally not included in the Scope of Services.

If the Quote indicates that the Services are billed on a “per user” basis, then the Services will be provided for up to two (2) Business Devices used by the number of users indicated in the Quote. A “Business Device” is a device that (i) is owned or leased by Client and used primarily for business, (ii) is regularly connected to Client’s managed network, and (iii) has installed on it a software agent through which we (or our designated third-party Providers) can monitor the device.

We will provide support for any software applications that are licensed through us. Such software (“Supported Software”) will be supported on a “best effort” basis only and any support required beyond Level 2-type support will be facilitated with the applicable software vendor/producer. Coverage for non-Supported Software is outside of the scope of the Quote and will be provided to you on a “best-effort” basis and a time and materials basis with no guarantee of remediation. Should our technicians provide you with advice concerning non-Supported Software, the provision of that advice should be viewed as an accommodation, not an obligation, to you.

If we are unable to remediate an issue with non-Supported Software, then you will be required to contact the manufacturer/distributor of the software for further support. Please note: Manufacturers/distributors of such software may charge fees, some of which may be significant, for technical support; therefore, we strongly recommend that you maintain service or support contracts for all non-Supported Software (“Service Contract”). If you request that we facilitate technical support for non-Supported Software and if you have a Service Contract in place, our facilitation services will be provided at no additional cost to you.

In this Services Guide, Covered Hardware and Supported Software will be referred to as the “Environment” or “Covered Equipment.”

Physical Locations Covered by Services

Los servicios se brindarán de forma remota a menos que, a nuestro criterio, determinemos que se requiere una visita in situ. Las visitas masivas de TI se programarán de acuerdo con la prioridad asignada al problema (a continuación) y están sujetas a la disponibilidad del técnico. A menos que acordemos lo contrario, todos los servicios in situ se brindarán en la ubicación comercial principal del Cliente. Es posible que se apliquen tarifas adicionales por las visitas in situ: revise la sección Nivel de servicio a continuación para obtener más detalles.

Minimum Requirements / Exclusions

La programación, tarifas y prestación de los Servicios se basan en los siguientes supuestos y requisitos mínimos, todos los cuales deben ser proporcionados/mantenidos por el Cliente en todo momento:

Server hardware must be under current warranty coverage.
Todos los equipos con sistemas operativos Microsoft Windows® deben ejecutar versiones compatibles de dicho software en ese momento y tener instalados todos los últimos paquetes de servicio y actualizaciones críticas de Microsoft.
All software must be genuine, licensed, and vendor- or OEM-supported.
Server file systems and email systems (if applicable) must be protected by licensed and up-to-date virus protection software.
The managed environment must have a currently licensed, vendor-supported server-based backup solution that can be monitored.
All wireless data traffic in the managed environment must be securely encrypted.
All servers must be connected to working UPS devices.
La cobertura de recuperación asume la integridad de los datos de las copias de seguridad o de los datos almacenados en los dispositivos de copia de seguridad. No garantizamos la integridad de las copias de seguridad ni de los datos almacenados en los dispositivos de copia de seguridad. La restauración del servidor se realizará hasta el punto de la última copia de seguridad realizada correctamente.
Client must provide all software installation media and key codes in the event of a failure.
Los costes necesarios para adecuar el Medio Ambiente a estos estándares mínimos no están incluidos en esta Guía de Servicios.
Client must provide us with exclusive administrative privileges to the Environment.
Client must not affix or install any accessory, addition, upgrade, equipment, or device on to the firewall, server, or NAS appliances (other than electronic data) unless expressly approved in writing by us.

Exclusions. Services that are not expressly described in the Quote will be out of scope and will not be provided to Client unless otherwise agreed, in writing, by Massive IT. Without limiting the foregoing, the following services are expressly excluded, and if required to be performed, must be agreed upon by Massive IT in writing:

Customization of third-party applications, or programming of any kind.
Support for operating systems, applications, or hardware no longer supported by the manufacturer.
Servicios de cableado de datos/voz o cableado de cualquier tipo.
Battery backup replacement.
Equipment relocation.
El costo de adecuar el entorno administrado a estos requisitos mínimos (a menos que se indique lo contrario en la cotización).
The cost of repairs to hardware or any supported equipment or software, or the costs to acquire parts or equipment, or shipping charges of any kind.

Service Levels

Automated monitoring is provided on an ongoing (i.e., 24x7x365) basis. Response, repair, and/or remediation services (as applicable) will be provided only during our business hours (currently M-F, 9 AM – 6 PM Eastern Time, excluding legal holidays and Massive IT-observed holidays as listed below), unless otherwise specifically stated in the Quote or as otherwise described below.

We will respond to problems, errors, or interruptions in the provision of the Services during business hours in the timeframe(s) described below. Severity levels will be determined by Massive IT in our discretion after consulting with the Client. All remediation services will initially be attempted remotely; Massive IT will provide onsite service only if remote remediation is ineffective and, under all circumstances, only if covered under the Service plan selected by Client.

Trouble / Severity Response Time

Critical / Service Not Available (e.g., all users and functions unavailable)

Response within two (2) business hours after notification.

Significant Degradation (e.g., large number of users or business critical functions affected)

Response within four (4) business hours after notification.

Limited Degradation (e.g., limited number of users or functions affected, business process can continue)

Response within eight (8) business hours after notification.

Small Service Degradation (e.g., business process can continue, one user affected)

Response within two (2) business days after notification.

Proyecto a largo plazo, mantenimiento preventivo

Response within four (4) business days after notification.

* Todos los plazos se calculan a partir del momento en que el Cliente nos notifica el problema o la cuestión correspondiente a través de nuestro portal de soporte designado, nuestro servicio de asistencia técnica o por teléfono al número que figura en la Cotización. Las notificaciones recibidas de cualquier forma distinta a la descrita en este documento pueden provocar una demora en la prestación de los servicios de reparación.

Support During Off-Hours/Non-Business Hours: Technical support provided outside of our normal business hours is offered on a case-by-case basis and is subject to technician availability. If Massive IT agrees to provide off-hours/non-business hours support (“Non-Business Hour Support”), then that support will be provided on a time and materials basis (which is not covered under any Service plan), and will be billed to Client at the following increased hourly rates:

Proyecto Profesional Nivel 1: 1,5x tarifa normal
Project Professional Advanced: 2x normal rate
Support Technician, Level 1: 1.5x normal rate
Support Technician, Senior: 2x normal rate

Todos los servicios por hora se facturan en incrementos de 15 minutos y los incrementos parciales se redondean al siguiente incremento más alto. Se aplica un mínimo de una (1) hora a todo el soporte fuera del horario laboral.

Massive IT-Observed Holidays: Massive IT observes the following holidays:

New Year’s Day
Martin Luther King Jr. Day
President’s Day
Viernes Santo – Medio día
Memorial Day
·Independence Day
Labor Day
Thanksgiving Day
El día siguiente al Día de Acción de Gracias
Christmas Eve
Día de Navidad
New Year’s Eve – Half Day

Service Credits: Our service level target is 90% as measured over a calendar month (“Target Service Level”). If we fail to adhere to the Target Service Level and Client timely brings that failure to our attention in writing (as per the requirements of our Master Services Agreement), then Client will be entitled to receive a pro-rated service credit equal to 1/30 of that calendar month’s recurring service fees (excluding hard costs, licenses, etc.) for each day on which the Target Service Level is missed. Under no circumstances shall credits exceed 20% of the total monthly recurring service fees under an applicable Quote.

Fees

The fees for the Services will be as indicated in the Quote.

Reconciliation. Fees for certain third-party Services that we facilitate or resell to you may begin to accrue prior to the “go-live” date of other applicable Services. (For example, Microsoft Azure or AWS-related fees begin to accrue on the first date on which we start creating and/or configuring certain hosted portions of the Environment; however, the Services that rely on Microsoft Azure or AWS may not be available to you until a future date). You understand and agree that you will be responsible for the payment of all fees for third-party Services that are required to begin prior to the “go-live” date of Services, and we reserve the right to reconcile amounts owed for those fees by including those fees on your monthly invoices.

Cambios en el entorno. Inicialmente, se le cobrarán las tarifas mensuales indicadas en la cotización. Posteriormente, si cambia el entorno administrado o si cambia la cantidad de usuarios autorizados que acceden al entorno administrado, usted acepta que las tarifas se modificarán de manera automática e inmediata para adaptarse a esos cambios.

Travel Time. If onsite services are provided, we will travel up to 45 minutes from our office to your location at no charge. Time spent traveling beyond 45 minutes (e.g., locations that are beyond 45 minutes from our office, occasions on which traffic conditions extend our drive time beyond 45 minutes one-way, etc.) will be billed to you at our then current hourly rates. In addition, you will be billed for all tolls, parking fees, and related expenses that we incur if we provide onsite services to you.

Appointment Cancellations. You may cancel or reschedule any appointment with us at no charge by providing us with notice of cancellation at least one business day in advance. If we do not receive timely a notice of cancellation/re-scheduling, or if you are not present at the scheduled time or if we are otherwise denied access to your premises at a pre-scheduled appointment time, then you agree to pay us a cancellation fee equal to two (2) hours of our normal consulting time (or non-business hours consulting time, whichever is appropriate), calculated at our then-current hourly rates.

Access Licensing. One or more of the Services may require us to purchase certain “per seat” or “per device” licenses (often called “Access Licenses”) from one or more third-party Providers. (Microsoft “New Commerce Experience” licenses as well as Cisco Meraki “per device” licenses are examples of Access Licenses.) Access Licenses cannot be canceled once they are purchased and often cannot be transferred to any other customer. For that reason, you understand and agree that regardless of the reason for termination of the Services, fees for Access Licenses are non-mitigatable and you are required to pay for all applicable Access Licenses in full for the entire term of those licenses. Provided that you have paid for the Access Licenses in full, you will be permitted to use those licenses until they expire.

Término; Terminación

The Services will commence, and billing will begin, on the date indicated in the Quote (“Commencement Date”) and will continue through the initial term listed in the Quote (“Initial Term”). We reserve the right to delay the Commencement Date until all onboarding/transition services (if any) are completed, and all deficiencies / revisions identified in the onboarding process (if any) are addressed or remediated to Massive IT’s satisfaction.

The Services will continue through the Initial Term until terminated as provided in the Agreement, the Quote, or as indicated in this Service Guide (the “Service Term”).

Licencias por puesto o por dispositivo: independientemente del motivo de la terminación de los Servicios, deberá pagar todas las licencias por puesto o por dispositivo que adquiramos en su nombre. Consulte “Licencias de acceso” en la sección Tarifas anterior para obtener más detalles.

Removal of Software Agents; Return of Firewall & Backup Appliances: Unless we expressly direct you to do so, you will not remove or disable, or attempt to remove or disable, any software agents that we installed in the managed environment or any of the devices on which we installed software agents. Doing so without our guidance may make it difficult or impracticable to remove the software agents, which could result in network vulnerabilities and/or the continuation of license fees for the software agents for which you will be responsible, and/or the requirement that we remediate the situation at our then-current hourly rates, for which you will also be responsible. Depending on the particular software agent and the costs of removal, we may elect to keep the software agent in the managed environment but in a dormant and/or unused state.

Within ten (10) days after being directed to do so, you must remove, package and ship, at your expense and in a commercially reasonable manner, all hardware, equipment, and accessories leased, loaned, rented, or otherwise provided to you by Massive IT “as a service.” If you fail to timely return all such equipment to us, or if the equipment is returned to us damaged (normal wear and tear excepted), then we will have the right to charge you, and you hereby agree to pay, the replacement value of all such unreturned or damaged equipment.

Offboarding

Subject to the requirements in the MSA, Massive IT will off-board Client from Massive IT’s services by performing one or more of the following:

Removal / disabling of monitoring agents in the Environment.
Removal / disabling of endpoint software from the Environment.
Eliminación/deshabilitación de Microsoft 365 del entorno (a menos que las licencias de Microsoft 365 se transfieran a su proveedor entrante; hable con su técnico para obtener más detalles).
Termination of SQL or Remote Desktop licenses provided by Massive IT.
Removal of credentials from the Environment.
Eliminación del software de copia de seguridad del entorno.

Additional Policies

The following additional policies (“Policies”) apply to Services that we provide or facilitate under a Quote. By accepting a Service for which one or more of the Policies apply, you agree to the applicable Policy.

Authenticity

Everything in the managed environment must be genuine and licensed, including all hardware, software, etc. If we ask for proof of authenticity and/or licensing, you must provide us with such proof. All minimum hardware or software requirements as indicated in a Quote or this Services Guide (“Minimum Requirements”) must be implemented and maintained as an ongoing requirement of us providing the Services to you.

Monitoring Services; Alert Services

Unless otherwise indicated in the Quote, all monitoring and alert-type services are limited to detection and notification functionalities only. Monitoring levels will be set by Massive IT, and Client shall not modify these levels without our prior written consent.

Configuración de servicios de terceros

Certain third-party services provided to you under a Quote may provide you with administrative access through which you could modify the configurations, features, and/or functions (“Configurations”) of those services. However, any modifications of Configurations made by you without authorization could disrupt the Services and/or cause a significant increase in the fees charged for those third-party services. For that reason, we strongly advise you to refrain from changing the Configurations unless we authorize those changes. You will be responsible for paying any increased fees or costs arising from or related to changes to the Configurations.

Modification of Environment

Changes made to the Environment without our prior authorization or knowledge may have a substantial, negative impact on the provision and effectiveness of the Services and may impact the fees charged under the Quote. You agree to refrain from moving, modifying, or otherwise altering any portion of the Environment without our prior knowledge or consent. For example, you agree to refrain from adding or removing hardware from the Environment, installing applications on the Environment, or modifying the configuration or log files of the Environment without our prior knowledge or consent.

Anti-Virus; Anti-Malware

Our anti-virus / anti-malware solution will generally protect the Environment from becoming infected with new viruses and malware (“Malware”); however, Malware that exists in the Environment at the time that the security solution is implemented may not be capable of being removed without additional services, for which a charge may be incurred. We do not warrant or guarantee that all Malware will be detected, avoided, or removed, or that any data erased, corrupted, or encrypted by Malware will be recoverable. To improve security awareness, you agree that Massive IT or its designated third party affiliate may transfer information about the results of processed files, information used for URL reputation determination, security risk tracking, and statistics for protection against spam and malware. Any information obtained in this manner does not and will not contain any personal or confidential information.

Breach/Cyber Security Incident Recovery

Unless otherwise expressly stated in the Quote, the scope of the Services does not include the remediation and/or recovery from a Security Incident (defined below). Such services, if requested by you, will be provided on a time and materials basis under our then-current hourly labor rates. Given the varied number of possible Security Incidents, we cannot and do not warrant or guarantee (i) the amount of time required to remediate the effects of a Security Incident (or that recovery will be possible under all circumstances), or (ii) that all data or systems impacted by the incident will be recoverable or remediated. For the purposes of this paragraph, a Security Incident means any unauthorized or impermissible access to or use of the Environment, or any unauthorized or impermissible disclosure of Client’s confidential information (such as user names, passwords, etc.), that (i) compromises the security or privacy of the information or applications in, or the structure or integrity of, the managed environment, or (ii) prevents normal access to the managed environment, or impedes or disrupts the normal functions of the managed environment.

Environmental Factors

Exposure to environmental factors, such as water, heat, cold, or varying lighting conditions, may cause installed equipment to malfunction. Unless expressly stated in the Quote, we do not warrant or guarantee that installed equipment will operate error-free or in an uninterrupted manner, or that any video or audio equipment will clearly capture and/or record the details of events occurring at or near such equipment under all circumstances.

Fair Usage Policy

Our Fair Usage Policy (“FUP”) applies to all services that are described or designated as “unlimited” or which are not expressly capped in the number of available usage hours per month. An “unlimited” service designation means that, subject to the terms of this FUP, you may use the applicable service as reasonably necessary for you to enjoy the use and benefit of the service without incurring additional time-based or usage-based costs. However, unless expressly stated otherwise in the Quote, all unlimited services are provided during our normal business hours only and are subject to our technicians’ availabilities, which cannot always be guaranteed. In addition, we reserve the right to assign our technicians as we deem necessary to handle issues that are more urgent, critical, or pressing than the request(s) or issue(s) reported by you. Consistent with this FUP, you agree to refrain from (i) creating urgent support tickets for non-urgent or non-critical issues, (ii) requesting excessive support services that are inconsistent with normal usage patterns in the industry (e.g., requesting support in lieu of training), (iii) requesting support or services that are intended to interfere, or may likely interfere, with our ability to provide our services to our other customers.

Hosted Email

You are solely responsible for the proper use of any hosted email service provided to you (“Hosted Email”).

Hosted Email solutions are subject to acceptable use policies (“AUPs”), and your use of Hosted Email must comply with those AUPs—including ours. In all cases, you agree to refrain from uploading, posting, transmitting or distributing (or permitting any of your authorized users of the Hosted Email to upload, post, transmit or distribute) any prohibited content, which is generally content that (i) is obscene, illegal, or intended to advocate or induce the violation of any law, rule or regulation, or (ii) violates the intellectual property rights or privacy rights of any third party, or (iii) mischaracterizes you, and/or is intended to create a false identity or to otherwise attempt to mislead any person as to the identity or origin of any communication, or (iv) interferes or disrupts the services provided by Massive IT or the services of any third party, or (v) contains Viruses, trojan horses or any other malicious code or programs. In addition, you must not use the Hosted Email for the purpose of sending unsolicited commercial electronic messages (“SPAM”) in violation of any federal or state law. Massive IT reserves the right, but not the obligation, to suspend Client’s access to the Hosted Email and/or all transactions occurring under Client’s Hosted Email account(s) if Massive IT believes, in its discretion, that Client’s email account(s) is/are being used in an improper or illegal manner.

Servicios de respaldo (BDR)

Todos los datos transmitidos a través de Internet pueden estar sujetos a malware y contaminantes informáticos como virus, gusanos y troyanos, así como a intentos de usuarios no autorizados, como piratas informáticos, de acceder o dañar los datos del Cliente. Ni Massive IT ni sus afiliados designados serán responsables del resultado de dichas actividades.

BDR services require a reliable, always-connected internet solution. Data backup and recovery time will depend on the speed and reliability of your internet connection. Internet and telecommunications outages will prevent the BDR services from operating correctly. In addition, all computer hardware is prone to failure due to equipment malfunction, telecommunication-related issues, etc., for which we will be held harmless. Due to technology limitations, all computer hardware, including communications equipment, network servers and related equipment, has an error transaction rate that can be minimized, but not eliminated. Massive IT cannot and does not warrant that data corruption or loss will be avoided, and Client agrees that Massive IT shall be held harmless if such data corruption or loss occurs. Client is strongly advised to keep a local backup of all of stored data to mitigate against the unintentional loss of data.

Obtención

Los equipos y software adquiridos por Massive IT en nombre del Cliente (“Equipo adquirido”) pueden estar cubiertos por una o más garantías del fabricante, que se transmitirán al Cliente en la mayor medida posible. Al adquirir equipos o software para el Cliente, Massive IT no ofrece garantías ni declaraciones con respecto a la calidad, integridad o utilidad del Equipo adquirido. Ciertos equipos o software, una vez adquiridos, pueden no ser retornables o, en ciertos casos, pueden estar sujetos a políticas de devolución de terceros y/o tarifas de reposición de existencias, todo lo cual será responsabilidad del Cliente en caso de que se solicite la devolución del Equipo adquirido. Massive IT no es un centro de servicio o reparación de garantía. Massive IT facilitará la devolución o reparación de garantía del Equipo adquirido; Sin embargo, el Cliente entiende y acepta que (i) la devolución o reparación en garantía del Equipo Adquirido se rige por los términos de las garantías (si las hubiera) que rigen el Equipo Adquirido aplicable, por las cuales Massive IT no será responsable, y (ii) Massive IT no es responsable de la cantidad, condición o entrega oportuna del Equipo Adquirido una vez que el equipo haya sido entregado al mensajero de envío o entrega designado.

Business Review / IT Strategic Planning Meetings

We strongly suggest that you participate in business review/strategic planning meetings as may be requested by us from time to time. These meetings are intended to educate you about recommended (and potentially crucial) modifications to your IT environment, as well as to discuss your company’s present and future IT-related needs. These reviews can provide you with important insights and strategies to make your managed IT environment more efficient and secure. You understand that by suggesting a particular service or solution, we are not endorsing any specific manufacturer or service provider.

vCTO or vCIO Services

The advice and suggestions provided by us in our capacity as a virtual chief technology or information officer (if applicable) will be for your informational and/or educational purposes only. Massive IT will not hold an actual director or officer position in Client’s company, and we will neither hold nor maintain any fiduciary relationship with Client. Under no circumstances shall Client list or place Massive IT on Client’s corporate records or accounts.

Sample Policies, Procedures

From time to time, we may provide you with sample (i.e., template) policies and procedures for use in connection with Client’s business (“Sample Policies”). The Sample Policies are for your informational use only, and do not constitute or comprise legal or professional advice, and the policies are not intended to be a substitute for the advice of competent counsel. You should seek the advice of competent legal counsel prior to using or distributing the Sample Policies, in part or in whole, in any transaction. We do not warrant or guarantee that the Sample Policies are complete, accurate, or suitable for your (or your customers’) specific needs, or that you will reduce or avoid liability by utilizing the Sample Policies in your (or your customers’) business operations.

Penetration Testing; Vulnerability Scanning

Usted comprende y acepta que los dispositivos de seguridad, alarmas u otras medidas de seguridad, tanto físicas como virtuales, pueden activarse o activarse durante los procesos de prueba de penetración y/o escaneo de vulnerabilidades, a pesar de nuestros esfuerzos por evitar que esto ocurra. Usted será el único responsable de notificar a cualquier empresa de monitoreo y a todas las autoridades policiales sobre la posibilidad de que se produzcan “falsas alarmas” debido a la prestación de los servicios de prueba de penetración o escaneo de vulnerabilidades, y acepta tomar todas las medidas necesarias para garantizar que las falsas alarmas no se informen ni se traten como “alarmas reales” o amenazas creíbles contra cualquier persona, lugar o propiedad. Algunas alarmas y medidas de seguridad avanzadas, cuando se activan, pueden provocar el apagado parcial o completo del Entorno, lo que causa un tiempo de inactividad sustancial y/o demoras en sus actividades comerciales. No seremos responsables de ningún reclamo, costo, tarifa o gasto que surja o resulte de (i) cualquier respuesta a los servicios de prueba de penetración o escaneo de vulnerabilidades por parte de cualquier empresa de monitoreo o autoridades policiales, o (ii) el apagado parcial o completo del Entorno por parte de cualquier alarma o dispositivo de monitoreo de seguridad.

Sin escaneo de terceros

Unless we authorize such activity in writing, you will not conduct any test, nor request or allow any third party to conduct any test (diagnostic or otherwise), of the security system, protocols, processes, or solutions that we implement in the managed environment (“Testing Activity”). Any services required to diagnose or remediate errors, issues, or problems arising from unauthorized Testing Activity are not covered under the Quote, and if you request us (and we elect) to perform those services, those services will be billed to you at our then-current hourly rates.

Obsolescencia

If at any time any portion of the managed environment becomes outdated, obsolete, reaches the end of its useful life, or acquires “end of support” status from the applicable device’s or software’s manufacturer (“Obsolete Element”), then we may designate the device or software as “unsupported” or “non-standard” and require you to update the Obsolete Element within a reasonable time period. If you do not replace the Obsolete Element reasonably promptly, then in our discretion we may (i) continue to provide the Services to the Obsolete Element using our “best efforts” only with no warranty or requirement of remediation whatsoever regarding the operability or functionality of the Obsolete Element, or (ii) eliminate the Obsolete Element from the scope of the Services by providing written notice to you (email is sufficient for this purpose). In any event, we make no representation or warranty whatsoever regarding any Obsolete Element or the deployment, service level guarantees, or remediation activities for any Obsolete Element.

Licenses

If we are required to re-install or replicate any software provided by you as part of the Services, then it is your responsibility to verify that all such software is properly licensed. We reserve the right, but not the obligation, to require proof of licensing before installing, re-installing, or replicating software into the managed environment. The cost of acquiring licenses is not included in the scope of the Quote unless otherwise expressly stated therein.

VOIP – Marcación de servicios de emergencia 911

The following terms and conditions apply to your use of any VoIP service that we facilitate for you or that is provided to you by a third-party provider of such service. Please note, by using VoIP services you agree to the provisions of the waiver at the end of this section. If you do not understand or do not agree with any of the terms below, you must not subscribe to, use, or rely upon any VoIP service and, instead, you must contact us immediately.

Existe una diferencia importante entre llamar a los servicios de emergencia 9-1-1 mediante un servicio VoIP y llamar a los servicios de emergencia mediante una línea telefónica tradicional. Llamar a los servicios de emergencia mediante un servicio VoIP se denomina “E911”.

Registration: You are responsible for activating the E911 dialing feature by registering the address where you will use the VoIP service. This will not be done for you, and you must take this step on your own initiative. To do this, you must log into your VoIP control panel and provide a valid physical address. If you do not take this step, then E911 services may not work correctly, or at all, using the VoIP service. Emergency service dispatchers will only send emergency personnel to a properly registered E911 service address.

Location: The address you provide in the control panel is the location to which emergency services (such as the fire department, the police department, etc.) will respond. For this reason, it is important that you correctly enter the location at which you are using the VoIP services. PO boxes are not proper addresses for registration and must not be used as your registered address. Please note, even if your account is properly registered with a correct physical address, (i) there may be a problem automatically transmitting a caller's physical location to the emergency responders, even if the caller can reach the 911 call center, and (ii) a VoIP 911 call may go to an unstaffed call center administrative line or be routed to a call center in the wrong location. These issues are inherent to all VoIP systems and services. We will not be responsible for, and you agree to hold us harmless from, any issues, problems, incidents, damages (both bodily- and property-related), costs, expenses, and fees arising from or related to your failure to register timely and correctly your physical location information into the control panel.

Address Change(s): If you change the address used for E911 calling, the E911 services may not be available and/or may operate differently than expected. Moreover, if you do not properly and promptly register a change of address, then emergency services may be directed to the location where your services are registered and not where the emergency may be occurring. For that reason, you must register a change of address with us through the VoIP control panel no less than three (3) business days prior to your anticipated move/address change. Address changes that are provided to us with less than three (3) business days notice may cause incorrect/outdated information to be conveyed to emergency service personnel. If you are unable to provide us with at least three (3) business days notice of an address change, then you should not rely on the E911 service to provide correct physical location information to emergency service personnel. Under those circumstances, you must provide your correct physical location to emergency service dispatchers if you call them using the VoIP services.

If you do not register the VoIP service at your location and you dial 9-1-1, that call will be categorized as a “rogue 911 call.” If you are responsible for dialing a rogue 911 call, you will be charged a non-refundable and non-disputable fee of $250/call.

Power Loss: If you lose power or there is a disruption to power at the location where the VoIP services are used, then the E911 calling service will not function until power is restored. You should also be aware that after a power failure or disruption, you may need to reset or reconfigure the device prior to utilizing the service, including E911 dialing.

Internet Disruption: If your internet connection or broadband service is lost, suspended, terminated or disrupted, E911 calling will not function until the internet connection and/or broadband service is restored.

Account Suspension: If your account is suspended or terminated, then all E911 dialing services will not function.

Network Congestion: There may be a greater possibility of network congestion and/or reduced speed in the routing of E911 calls as compared to 911 dialing over traditional public telephone networks.

WAIVER: You hereby agree to release, indemnify, defend, and hold us and our officers, directors, representatives, agents, and any third party service provider that furnishes VoIP-related services to you, harmless from any and all claims, damages, losses, suits or actions, fines, penalties, costs and expenses (including, but not limited to, attorneys’ fees), whether suffered, made, instituted or asserted by you or by any other party or person (collectively, “Claims”) arising from or related to the VoIP services, including but not limited to any failure or outage of the VoIP services, incorrect routing or use of, or any inability to use, E911 dialing features. The foregoing waiver and release shall not apply to Claims arising from our gross negligence, recklessness, or willful misconduct.

Acceptable Use Policy

The following policy applies to all hosted services provided to you, including but not limited to (and as applicable) hosted applications, hosted websites, hosted email services, and hosted infrastructure services (“Hosted Services”).

Massive IT does not routinely monitor the activity of hosted accounts except to measure service utilization and/or service uptime, security-related purposes and billing-related purposes, and as necessary for us to provide or facilitate our managed services to you; however, we reserve the right to monitor Hosted Services at any time to ensure your compliance with the terms of this Acceptable Use Policy (this “AUP”) and our master services agreement, and to help monitor and ensure the safety, integrity, reliability, or security of the Hosted Services.

Similarly, we do not exercise editorial control over the content of any information or data created on or accessible over or through the Hosted Services. Instead, we prefer to advise our customers of inappropriate behavior and any necessary corrective action. If, however, Hosted Services are used in violation of this AUP, then we reserve the right to suspend your access to part or all of the Hosted Services without prior notice.

Violations of this AUP: The following constitute violations of this AUP:

Harmful or illegal uses: Use of a Hosted Service for illegal purposes or in support of illegal activities, to cause harm to minors or attempt to contact minors for illicit purposes, to transmit any material that threatens or encourages bodily harm or destruction of property or to transmit any material that harasses another is prohibited.
Fraudulent activity: Use of a Hosted Service to conduct any fraudulent activity or to engage in any unfair or deceptive practices, including but not limited to fraudulent offers to sell or buy products, items, or services, or to advance any type of financial scam such as “pyramid schemes,” “Ponzi schemes,” and “chain letters” is prohibited.
Forgery or impersonation: Adding, removing, or modifying identifying network header information to deceive or mislead is prohibited. Attempting to impersonate any person by using forged headers or other identifying information is prohibited. The use of anonymous remailers or nicknames does not constitute impersonation.
SPAM: Massive IT has a zero tolerance policy for the sending of unsolicited commercial email (“SPAM”). Use of a Hosted Service to transmit any unsolicited commercial or unsolicited bulk e-mail is prohibited. You are not permitted to host, or permit the hosting of, sites or information that is advertised by SPAM from other networks. To prevent unnecessary blacklisting due to SPAM, we reserve the right to drop the section of IP space identified by SPAM or denial-of-service complaints if it is clear that the offending activity is causing harm to parties on the Internet, if open relays are on the hosted network, or if denial of service attacks are originated from the hosted network.
Internet Relay Chat (IRC): The use of IRC on a hosted server is prohibited.
Open or “anonymous” proxy: Use of open or anonymous proxy servers is prohibited.
Cryptomining: Using any portion of the Hosted Services for mining cryptocurrency or using any bandwidth or processing power made available by or through a Hosted Services for mining cryptocurrency, is prohibited.
Alojamiento de spammers: Está prohibido alojar sitios web o servicios en un servidor alojado que admita spammers o que provoque (o pueda provocar) que nuestro espacio de IP o cualquier espacio de IP asignado a nosotros o a nuestros clientes aparezca en alguna de las diversas bases de datos de SPAM. Los clientes que infrinjan esta política verán su servidor eliminado inmediatamente de nuestra red y el servidor no se volverá a conectar hasta que el cliente acepte eliminar todos los rastros del material ofensivo inmediatamente después de la reconexión y acepte permitir que Massive IT acceda al servidor para confirmar que todo el material se ha eliminado por completo. Cualquier suscriptor culpable de una segunda infracción puede ser eliminado de forma inmediata y permanente de la red alojada por causa justificada y sin previo aviso.
Email/message forging: Forging any email message header, in part or whole, is prohibited.
Unauthorized access: Use of the Hosted Services to access, or to attempt to access, the accounts of others or to penetrate, or attempt to penetrate, Massive IT’s security measures or the security measures of another entity's network or electronic communications system, whether or not the intrusion results in the corruption or loss of data, is prohibited. This includes but is not limited to accessing data not intended for you, logging into or making use of a server or account you are not expressly authorized to access, or probing the security of other networks, as well as the use or distribution of tools designed for compromising security such as password guessing programs, cracking tools, or network probing tools.
IP infringement: Use of a Hosted Service to transmit any materials that infringe any copyright, trademark, patent, trade secret or other proprietary rights of any third party, is prohibited.
Collection of personal data: Use of a Hosted Service to collect, or attempt to collect, personal information about third parties without their knowledge or consent is prohibited.
Network disruptions and sundry activity. Use of the Hosted Services for any activity which affects the ability of other people or systems to use the Hosted Services or the internet is prohibited. This includes “denial of service” (DOS) attacks against another network host or individual, “flooding” of networks, deliberate attempts to overload a service, and attempts to “crash” a host.
Distribution of malware: Intentional distribution of software or code that attempts to and/or causes damage, harassment, or annoyance to persons, data, and/or computer systems is prohibited.
Excessive use or abuse of shared resources: The Hosted Services depend on shared resources. Excessive use or abuse of these shared network resources by one customer may have a negative impact on all other customers. Misuse of network resources in a manner which impairs network performance is prohibited. You are prohibited from excessive consumption of resources, including CPU time, memory, and session time. You may not use resource-intensive programs which negatively impact other customers or the performances of our systems or networks.
Allowing the misuse of your account: You are responsible for any misuse of your account, even if the inappropriate activity was committed by an employee or independent contractor. You shall not permit your hosted network, through action or inaction, to be configured in such a way that gives a third party the capability to use your hosted network in an illegal or inappropriate manner. You must take adequate security measures to prevent or minimize unauthorized use of your account. It is your responsibility to keep your account credentials secure.

To maintain the security and integrity of the hosted environment, we reserve the right, but not the obligation, to filter content, Massive IT requests, or website access for any web requests made from within the hosted environment.

Revisions to this AUP: We reserve the right to revise or modify this AUP at any time. Changes to this AUP shall not be grounds for early contract termination or non-payment.

Services Guide

Servicios de auditoría inicial/diagnóstico

Onboarding Services

Ongoing / Recurring Services

Managed Services

Backup and File Recovery

Backup Monitoring

Bloque de horas / Horas de consultoría asignadas

Dark Web Monitoring

Email Threat Protection

Endpoint Antivirus & Malware Protection

Extended Detection & Response (XDR)

End User Security Awareness Training

Firewall como servicio (dispositivo de firewall proporcionado por Massive IT)

Firewall Solution (firewall appliance provided / purchased by Client)

Labor for New / Replacement Workstations

Detección y respuesta gestionadas (MDR)

NIST Risk Assessment

Password Manager

Penetration (Pen) Testing

Remote Helpdesk

Remote Infrastructure Maintenance & Support

Remote Monitoring and Management

Event

Security Incident & Event Monitoring (SIEM)

Server Monitoring & Maintenance

Two Factor Authentication

Antivirus de última generación para servidores

Software Licensing (applies to all software licensed by or through Massive IT)

Updates & Patching

Gestión de proveedores

Third-Party Vendor Examples:

Virtual Chief Information Officer (vCIO)

Voice Over IP (VoIP) Services

Análisis de vulnerabilidades

Website Hosting

Wi-Fi Services

Workstation Next-Generation Malware Solution

Workstation Monitoring & Maintenance

Entorno cubierto

Physical Locations Covered by Services

Minimum Requirements / Exclusions

Service Levels

Trouble / Severity Response Time

Critical / Service Not Available (e.g., all users and functions unavailable)

Significant Degradation (e.g., large number of users or business critical functions affected)

Limited Degradation (e.g., limited number of users or functions affected, business process can continue)

Small Service Degradation (e.g., business process can continue, one user affected)

Proyecto a largo plazo, mantenimiento preventivo

Fees

Término; Terminación

Offboarding

Additional Policies

Authenticity

Monitoring Services; Alert Services

Configuración de servicios de terceros

Modification of Environment

Anti-Virus; Anti-Malware

Breach/Cyber Security Incident Recovery

Environmental Factors

Fair Usage Policy

Hosted Email

Servicios de respaldo (BDR)

Obtención

Business Review / IT Strategic Planning Meetings

vCTO or vCIO Services

Sample Policies, Procedures

Penetration Testing; Vulnerability Scanning

Sin escaneo de terceros

Obsolescencia

Licenses

VOIP – Marcación de servicios de emergencia 911

Acceptable Use Policy

9630 W Linebaugh Avenue Tampa, Florida 33626