diagram.png

In this diagram, it’s specified how SOS Support works, as well as all the processes of our work, and our intention with this is that clients could get our MSP agreement, so they’ll be informed

Minimum Standards:

  • Business Grade Managed Antivirus
  • Patches installed within 7 days, Servers within 30 days
  • Non-critical and 3rd party OS and Device patches installed within 30 days
  • Critical Firmware/Driver updates installed within 7 days
  • Business Grade Unified Threat Managed Firewall providing Content Filter, AV, AM, Intrusion Prevention
  • Critical data backed up daily, tested quarterly at a minimum
  • All systems storing sensitive data must be wiped to ISO-27001 standards upon decommission
  • All portable devices storing sensitive data must use disk encryption technologies
  • All USB/CD/DVD’s containing sensitive information must be encrypted

Additional Standards:

  • All systems not behind the Business Managed Firewall must have Anti-Breach/Anti-Intrusion software
  • All networked computers to have real-time Suspicious login detection, Automated daily investigations and remediations, and PII/PHI detection.
  • All shared files/folders must be in a security-driven solution such as Windows Server File Server, Datto Workplace, or equivalent.
  • All email accounts must have 2-Factor Authentication enforced (2FA)
  • All industry-specific SaaS software (internet-based production systems) must have 2FA enforced
  • Email providers must match compliance requirements. We have found Microsoft 365 and Gsuite to be the only reliable reputable services to standardize upon.
  • Security Awareness Training campaigns to be actively deployed to train employees and users on phishing attacks
  • All endpoints are monitored by a 24/7 solution that monitors resources: CPU, Storage, Memory utilization
  • Production Server’s to be pro-actively managed in a plan with at least once/month of after-hours maintenance (preferably twice)
  • Enhanced Network Monitoring to be enabled on all networks with over 50 devices
  • Email Encryption Services with Enterprise SPAM filtering

 

Service Provider Terms & Conditions Privacy Notice
Antivirus Sophos https://www.sophos.com/en-us/legal/sophos-end-user-license-agreement.aspx https://www.sophos.com/en-us/legal/sophos-group-privacy-notice.aspx
Backup & Recovery Acronis https://www.acronis.com/en-us/support/eula.html
Backup & Recovery Datto https://www.datto.com/legal/content-owner-terms datto.com/legal/privacy-policy
Backup & Recovery Microsoft 365 Datto https://www.backupify.com/backupify-terms-of-use
DNS Filter TitanDNS https://www.titanhq.com/about/terms-conditions/ webtitan.com/privacy-statement/
Documentation and Snapshot Liongard https://www.liongard.com/terms-of-use/ https://www.liongard.com/privacy-policy/
Darkweb Scanning Darkweb ID Coming Soon
Documentation ITGlue itglue.com/terms/
Managed Detection & Response (MDR) Huntress https://huntress.io/terms_of_service.html https://huntress.io/privacy.html
EDR (Antivirus / Malware) SentinelOne https://www.sentinelone.com/legal/terms-of-service/
Helpdesk Ticketing Datto https://www.autotask.com/assets/terms/2016/03/autotask.htm https://www.datto.com/legal/privacy-policy
Remote Monitoring & Management (RMM) Datto Coming Soon https://www.datto.com/legal/privacy-policy
Privileged Access Management (PAM) ThreatLocker Coming Soon
Office 365 Microsoft Coming Soon
Network Management Ubiquiti Coming Soon
Multi-Factor Authencation DUO https://duo.com/legal/terms
Password Management Lastpass Coming Soon
Verified by MonsterInsights