Supplementary Terms for the supply of Subscription Services
Supplementary Terms – Managed IT Services
The Services set out in these Supplementary Terms shall be supplied by Lantech to the Client on the terms and conditions set out in Lantech’s General Terms and Conditions and the terms and conditions of these Supplementary Terms. All definitions set out in the General Terms and Conditions shall, unless otherwise specified below, have the same meaning when used in these Supplementary Terms.
1. SUPPLEMENTARY DEFINITIONS
1.1 ‘Cloud-Based Utilities’ means the collection of ancillary third-party provided services, including backup, anti-Malware, and monitoring services which will be used by Lantech in support of the Managed IT Services.
1.2 ‘Configuration’ means the configuration of the IT Equipment, including hardware, installed software and all associated settings and or parameters.
1.3 ‘Data Centre’ means a remote data storage facility.
1.4 ‘Data Security Event’ means a breach of the security of the Client’s infrastructure resulting in loss or damage, including loss of usernames, passwords, Personal Data; crypto-locking or other Malware-related damage.
1.5 ‘Desktop’ (‘Endpoint’) means all computing devices save Servers, including desktop computers and laptop computers which collectively form a sub-set of the IT Equipment.
1.6 ‘Emergency Maintenance’ means any period of maintenance for which, due to reasons beyond its reasonable control, Lantech is unable to provide prior notice of.
1.7 ‘End User’ means a user of the IT Equipment.
1.8 ‘Hardware’ means IT equipment including Servers, routers, switches, desktop machines and other electronic devices.
1.9 ‘Helpdesk’ means Lantech’s dedicated team of qualified support specialists.
1.10 ‘Hosted Services’ means Software that is hosted in a Microsoft365 tenant and accessed by the Client remotely.
1.11 ‘Hours of Cover’ means the hours of cover set out in the Service Schedule, unless amended on the Order.
1.12 ‘IT Equipment’ means Servers, Endpoints and any other electronic devices that are installed or used at the Client’s Site, which are listed on the Order and is/are to be supported under the terms of this Agreement.
1.13 ‘IT Infrastructure’ means the IT Equipment, Local Area Network and their respective configuration.
1.14 ‘Local Area Network’ (‘LAN’) means the network infrastructure at the Client’s Site.
1.15 ‘Line of Business Application’ means the software which is installed on the IT Equipment and is provided by the Client.
1.16 ‘Managed IT Services’ means IT support services set out on the Order and described in the Service Schedule.
1.17 ‘Monitoring Agent’ means Software which is installed on the Client’s Server by Lantech which enables system monitoring and performance reporting.
1.18 ‘Network Equipment’ means network components save cabling, including switches, routers, Wi-Fi controllers, Wi-Fi and access points, which comprise a sub-set of the IT Equipment.
1.19 ‘Planned Maintenance’ means any period of maintenance for which Lantech provides prior notice.
1.20 ‘Service Package’ means the bundle of Service Components which make up the Managed IT Services which the Client subscribes to.
1.21 ‘Server’ means IT Equipment that functions as a Server that is listed on the Order.
1.22 ‘Site’ means Client’s site at which IT Equipment is located, as set out in the Order.
1.23 ‘Software’ means the software which is installed on the IT Equipment, as listed on the Order.
1.24 ‘Vulnerability Test’ means an automatic or manual check of system’s configuration pertaining to cyber security which is performed by Lantech.
2. TERM
2.1 This Agreement will come into effect on acceptance of the Client’s Order by Lantech and shall run until the RFS Date (the ‘Run-Up Period’) and following the RFS Date for a Minimum Term of twelve months unless otherwise set out in the Order.
2.2 This Agreement shall continue to run after the expiry of the Minimum Term (or subsequent Additional Term) for an Additional Term. The duration of the Additional Term shall be twelve months, unless otherwise set out on the Order. Lantech shall, not less than ninety days prior to the end of the Minimum Term or any Additional Term thereafter, notify the Client of changes to Charges and any other changes to the terms of this Agreement. In the event that:
- 2.2.1 The Client serves notice to terminate this Agreement in accordance with clause 11 of the General Terms and Conditions or clause 9 hereof, this Agreement shall terminate at the end of the Minimum Term or Additional Term thereafter;
- 2.2.2 The Client notifies Lantech of acceptance of changes, the Agreement shall continue in force for an Additional Term;
- 2.2.3 The Client fails to notify Lantech of acceptance of changes and fails to serve notice to terminate, such failure to notify Lantech shall imply that the changes have been accepted and the Agreement shall continue in force for an Additional Term.
2.3 Notwithstanding the provisions of sub-clause 2.1, the Client may terminate this Agreement on written notice and without liability within one hundred and eighty days of the RFS Date if the Client is not satisfied with Lantech’s performance of the Services.
3. PROVISION OF SERVICES
3.1 Managed IT Services are provided to support the Client’s on-premise IT systems and Hosted Services. Managed IT Services will be provided by Lantech remotely and if set out on the Order, when required, visits shall be made to the Client’s Site. For the avoidance of doubt, Managed IT Services do not include the provision or support of network connectivity outside of the Client’s Site, nor do the Services include maintenance of hardware.
3.2 The Managed IT Services to be provided hereunder shall include those set out in the Order and described in the Service Schedule.
3.3 During the term of this Agreement, Lantech shall be entitled to make alterations to the Configuration of the IT Equipment and / or Hosted Services. Such alterations may result in temporary disruption to the availability of the IT Equipment and / or Hosted Services and Lantech will use reasonable endeavours to minimise such disruption and will provide as much notice as possible prior to such disruption.
3.4 Lantech cannot guarantee and does not warrant that the Managed IT Services shall result in the IT Equipment or Hosted Services operating free from interruptions or temporary degradation performance quality.
3.5 Lantech provides Cloud-Based Utilities under the terms of this Agreement; and:
- 3.5.1 Lantech shall use reasonable endeavours to provide the Cloud-Based Utilities 24 x 7 x 365;
- 3.5.2 Lantech cannot guarantee and does not warrant that the Cloud-Based Utilities will be free from interruptions, including:
- a) Interruption of the Cloud-Based Utilities for operational reasons and temporary degradation of the quality of the Server Monitoring services;
- b) Interruption of the network connection between the Cloud-Based and the IT Equipment; and
- c) Any such interruption of the Cloud-Based Utilities referred to in this sub-clause shall not constitute a breach of this Agreement.
- 3.5.3 Although Lantech will use reasonable endeavours to ensure the accuracy and quality of the Cloud-Based Utilities, such are provided on an “as is” basis and Lantech does not make any representations as to the accuracy, comprehensiveness, completeness, quality, currency, error-free nature, compatibility, security or fitness for purpose of the Cloud-Based Utilities.
4. ACCEPTABLE USE
4.1 The Client agrees to use the IT Equipment and / or Hosted Services in accordance with the provisions of this Agreement, any relevant Service literature and all other reasonable instructions issued by Lantech from time to time.
4.2 The Client agrees to ensure that the IT Equipment and / or Hosted Services are not used by its End Users to:
- 4.2.1 Post, download, upload or otherwise transmit materials or data which is abusive, defamatory, obscene, indecent, menacing or disruptive;
- 4.2.2 Post, download, upload or otherwise transmit materials or data uploads or make other communications in breach of the rights of third parties, including but not limited to those of quiet enjoyment, privacy and copyright;
- 4.2.3 Carry out any fraudulent, criminal or otherwise illegal activity;
- 4.2.4 In any manner which in Lantech’s reasonable opinion brings Lantech’s name into disrepute;
- 4.2.5 Knowingly make available or upload file that contain Malware or otherwise corrupt data;
- 4.2.6 Falsify true ownership of software or data contained in a file that the Client or End User makes available via IT Equipment or Hosted Services;
- 4.2.7 Falsify user information or forge addresses;
- 4.2.8 Act in any way which threatens the security or integrity of the IT Equipment or Hosted Services, including the download, intentionally or negligently, of Malware;
- 4.2.9 Violate general standards of internet use, including denial of service attacks, web page defacement and port or number scanning;
- 4.2.10 Connect to the IT Equipment or Hosted Services insecure equipment or services able to be exploited by others to carry out actions which constitute a breach of this Agreement including the transmission of unsolicited bulk mail or email containing infected attachments or attempts to disrupt websites and/or connectivity or any other attempts to compromise the security of other users of our network or any other third-party system;
4.3 The Client acknowledges that it responsible for all data and/or traffic originating from the IT Equipment and /or Hosted Services.
4.4 The Client agrees to immediately disconnect (and subsequently secure prior to reconnection) equipment generating data and/or traffic which contravenes this Agreement upon becoming aware of the same and/or once notified of such activity by Lantech.
4.5 Subject to the provisions of sub-clause 10.13 of the General Terms and Conditions, the Client shall indemnify Lantech against any third-party claims arising from the Client’s breach of the terms of this clause 4.
5. CLIENT’S OBLIGATIONS
5.1 During the term of this Agreement, the Client shall:
5.2 Pay all additional Charges levied by Lantech, including those arising from usage-based components of the Services.
5.3 Use reasonable endeavours to ensure that user-names, passwords and personal identification numbers are kept secure and:
- 5.3.1 On a regular basis, change access passwords for all IT Equipment and / or Hosted Services that in the Client’s reasonable opinion may be liable to access by unauthorised persons.
5.4 Agree that in all instances where it attaches equipment that has not been provided by Lantech to the IT Equipment or Hosted Services that such equipment shall be technically compatible and conforms to any instruction issued by Lantech in relation thereto.
5.5 Accept that if it attaches equipment that does not comply with the provisions of sub-clause 5.4 (‘Unauthorised Equipment’) and such Unauthorised Equipment in the reasonable opinion of Lantech is causing disruption to the functionality of the IT Equipment, Lantech shall be entitled to:
- 5.5.1 If technically possible, reconfigure the Unauthorised Equipment, and charge the Client for the work at its prevailing rate;
- 5.5.2 Charge the Client at its prevailing rate for any additional work arising from, or in connection with the Unauthorised Equipment;
- 5.5.3 Request that the Client disconnect the Unauthorised Equipment from the IT Equipment or Hosted Services; and if such request is not agreed by the Client within thirty days, terminate this Agreement forthwith.
5.6 Accept that is the Client’s sole responsibility to take all reasonable steps, including the implementation of anti-virus systems, firewalls and staff training to prevent the introduction of Malware into the IT Equipment or Hosted Services.
5.7 Be solely responsible for ensuring compliance with the terms of licence of any Software that is a component of the IT Equipment that has been provided by the Client.
5.8 Be responsible for providing external network connectivity, including access to the Public Internet, as required for the correct functioning of the IT Equipment and / or Hosted Services.
5.9 During term of this Agreement maintain a level of cyber-breach insurance cover that is appropriate to the risks associated with accidental destruction, damage, loss or disclosure of Client Data; general insurance to cover loss of or damage to the IT Equipment; and
- 5.9.1 In response to reasonable requests made by Lantech, provide evidence to show compliance with this sub-clause;
- 5.9.2 Not do or omit to do anything which would destroy or impair the legal validity of the insurance;
- 5.9.3 If the Client suffers a Data Security Event and subsequently requests assistance from Lantech, ensure that such request for assistance will not breach the terms of the insurance policy prior to requesting assistance from Lantech;
- 5.9.4 Acknowledge that insurance will not relieve the Client of any liabilities under this Agreement.
6. LANTECH’S OBLIGATIONS
During the term of this Agreement, and subject to the performance by the Client of its obligations hereunder, Lantech shall:
6.1 Provide the Services set out in the Order and described in the attached Service Schedule.
6.2 During the hours of cover set out in the Order, make available a Helpdesk that shall provide support and guidance in the use of the IT Equipment and / or Hosted Services and manage the resolution of all Incidents raised by the Client.
6.3 During the Hours of Cover set out in the Service Schedule or as amended in the Order, monitor the performance of the Servers.
6.4 Respond to Incidents reported by the Client and make reasonable endeavours to repair any Incident that is within the IT Equipment, Hosted Services or directly caused by Lantech, its employees, agents, subcontractors or suppliers.
6.5 Proactively respond to Incidents reported by the Monitoring Agents and make reasonable endeavours to repair any Incident that is within the IT Equipment or Hosted Services.
6.6 During the Run-Up Period, Lantech shall carry out pre-service on-boarding services as described in the Service Schedule.
6.7 Lantech shall prepare and maintain a detailed plan for the orderly transition of the Services from Lantech to the Client or its nominated replacement supplier (the ‘Exit Plan’); and the Exit Plan shall as appropriate include the following:
- 6.7.1 A list of objectives of the plan;
- 6.7.2 A timeframe for the achievement of each objective;
- 6.7.3 Any pre-requisites required for the delivery of each objective;
- 6.7.4 Any risks associated with the delivery of each objective;
- 6.7.5 Roles and responsibilities;
- 6.7.6 Lantech’s reasonable Charges for executing the Exit Plan; and
- 6.7.7 Examples of Exit Plan objectives include:
- a) Hand-over of server images;
- b) Hand-over of backups of Client Data;
- c) The orderly removal of Client Data from Lantech’s Infrastructure;
- d) The continuity of delivery of the Services;
- e) The orderly removal of any Monitoring Agents installed by Lantech on the Client’s Equipment to enable delivery of the Services.
7. Clause Intentionally Unused
8. GENERAL
8.1 If Lantech carries out work in response to an Incident reported by the Client and Lantech subsequently determines that such Incident either was not present or was caused by an act or omission of the Client, Lantech shall be entitled to charge the Client at its prevailing rate.
8.2 In the event of persistent breach of clause 4.2.8, Lantech shall be entitled to:
- 8.2.1 Charge the Client at its prevailing rate for the removal of Malware;
- 8.2.2 Terminate this Agreement.
8.3 Lantech may perform any Planned Maintenance that may limit the availability of the Cloud-Based Utilities. Planned Maintenance will be scheduled to minimise disruption to the Client. The Client will be notified at least forty eight hours prior to such Planned Maintenance taking place.
8.4 Lantech may be unable to provide prior notice of Emergency Maintenance to the Cloud-Based Utilities, but will endeavour to minimise the impact of any such maintenance on the Client.
8.5 If the Client suffers a Data Security Event and subsequently requests assistance from Lantech, it is the Client’s sole responsibility to ensure that such request for assistance will not breach the terms of any cyber-insurance policy that the Client has in place, prior to requesting assistance from Lantech.
8.6 If the Client is contacted by Lantech and requested to make a change to the Configuration of the IT Equipment or Hosted Services, it is the Client’s sole responsibility to verify the identity of the requestor prior to carrying out the requested change.
8.7 If Lantech resets any passwords during the execution of the Services, it shall be the Client’s sole responsibility to change such changed passwords and ensure that such changes are compliant with any security policy that may be in effect.
8.8 The Client acknowledges that if it elects not to take advice in given by Lantech in relation to the security and performance of the IT Equipment or Hosted Services, there may be a resulting risk to the integrity of the IT Equipment or Hosted Services and that Lantech shall not be liable for any degradation in integrity or security resulting from such decision and that any additional costs incurred by Lantech resulting there from will be charged to the Client.
8.9 The Client hereby consents to Lantech and its sub-contractors accessing the IT Equipment and Hosted Services, for the sole purpose of providing the Services.
9. TERMINATION
9.1 In addition to the provisions of clause 11 of the General Terms and Conditions, this Agreement may also be terminated:
- 9.1.1 By either party by giving the other not less than thirty days’ notice in writing to terminate at the end of the Minimum Term or any Additional Term thereafter.
- 9.1.2 By the Client giving thirty days’ notice in writing if Lantech makes a change to the Services or terms of this Agreement which is materially disadvantageous to the Client (for the avoidance of doubt, not including changes to Charges) PROVIDED THAT such notice is given within twenty eight days of the effective date of the change and such change does not arise from a statutory requirement issued by government, a regulatory body or other competent authority.
9.2 Lantech may terminate the provision of any Service Component on written notice in the event that its supplier of such Service Component ceases to provide the Service Component to Lantech.
9.3 On termination of this Agreement, Lantech shall charge the Client for the off-boarding of the IT Equipment (‘Off-Boarding Charge’), at its prevailing rate.
10. CHARGES AND PAYMENT
10.1 Invoices for periodic Charges shall be raised in advance of the relevant period. The invoicing period is set out on the Order.
10.2 The periodic Charge will be based on the higher of the number of Endpoints set out on the Order and the number discovered by Lantech’s Monitoring Agent or manual discovery as reported in the previous charging period.
10.3 Lantech shall commence charging for the Managed IT Services from the RFS Date, regardless of the date on which the Client commences use of the Managed IT Services. If the RFS Date does not correspond with Lantech’s invoicing period as set out in the Order, Lantech shall charge the Client at a pro-rata rate for the first invoicing period.
10.4 On-boarding and usage-based Charges, including Charges made for use of Services in excess of any pre-paid amounts, will be invoiced in arrears.
10.5 The Client acknowledges that the Charges for the Minimum Term are calculated by Lantech in consideration inter alia of the setup costs to be incurred by Lantech and the length of the Minimum Term offered.
10.6 The Managed IT Services will be provided by Lantech for use by the Client on a fair use basis. If, in the reasonable opinion of Lantech, the Client’s use of the Services is deemed excessive, Lantech shall be entitled to charge the Client at its prevailing rate for the supply of such Services.
10.7 The Client agrees that it shall be liable for termination Charges if this Agreement is terminated by:
- 10.7.1 The Client terminating this Agreement for convenience prior to the end of the Minimum Term, whereupon the Client shall be liable for the fixed periodic Charges payable for the remainder of the Minimum Term and the Off-Boarding Charge;
- 10.7.2 Lantech terminating this Agreement prior to the end of the Minimum Term by reason of the Client’s un-remedied breach of the terms of this Agreement, whereupon the Client shall be liable for the fixed periodic Charges payable for the remainder of the Minimum Term or Additional Term, as applicable and the Off-Boarding Charge.
10.8 The Client shall not be liable for termination Charges if this Agreement is terminated by:
- 10.8.1 The Client at the end of the Minimum Term or end of any Additional Term PROVIDED THAT the Client properly serves written notice to terminate, in accordance with clause 9;
- 10.8.2 Lantech at any time if it can no longer provide the Services;
- 10.8.3 The Client by reason of Lantech’s un-remedied or repeated breach of the terms of this Agreement;
- 10.8.4 A right of termination arises under the provisions of sub-clause 9.1.2.
11. LIMITATIONS AND EXCLUSIONS
11.1 In addition to the terms set out in clause 12 of the General Terms and Conditions, Lantech shall also be entitled to suspend the provision of Services, in whole or part, without notice due to Lantech being required by governmental, emergency service, regulatory body or other competent authority to suspend Services.
11.2 This Agreement and the Services provided by Lantech do not include:
- 11.2.1 The maintenance or support of any equipment that is not listed on the Order, which for the avoidance of doubt also excludes employee-owned equipment;
- 11.2.2 Repair or replacement of any damaged IT Equipment where such damage is caused by accident, misuse or wear and tear;
- 11.2.3 The supply of any consumables;
- 11.2.4 Recovery of Client data whose loss can be reasonably attributed to accidental deletion, mis-use or negligence by the Client;
- 11.2.5 Unless the Client subscribes to Lantech’s Complete Package or Enhanced Security Package, removal of Malware or the recovery of Client Data that results from Malware infection;
- 11.2.6 Remediation following a cyber-breach or hack;
- 11.2.7 Remediation of issues caused by Windows 10 and Windows 11 feature upgrades;
- 11.2.8 Operating system installation or re-installation;
- 11.2.9 Software installation;
- 11.2.10 Bare-metal restores;
- 11.2.11 Third-party application or Line of Business Application support;
- 11.2.12 Support for any Software that is not currently supported by its vendor;
- 11.2.13 The provision of development projects;
- 11.2.14 The provision of End User or ‘how to’ training;
- 11.2.15 Support for internet service provider outages;
- 11.2.16 Power management or UPS support;
Lantech may at its sole discretion provide any of the excluded services listed in this sub-clause 11.2, and charge for the supply thereof at its prevailing rates.
11.3 Lantech cannot provide any greater warranty than that offered by the IT Equipment’s supplier, and if parts are required to fix a failure that are not covered by the manufacturer’s warranty, or such hardware is not covered by manufacturer’s warranty, Lantech’s obligation shall be limited to using reasonable endeavours provide the Client with a quotation for the supply of the replacement part and labour required to install the replacement part prior to the supply thereof, and Lantech does not guarantee that it will be able to source the replacement part.
11.4 Whilst Lantech’s Monitoring Agents are intended to proactively identify most system-related Incidents, Lantech does not warrant and cannot guarantee that the Monitoring Agents will identify all system-related Incidents and shall not be liable for any losses, damages or costs unless such result directly from the negligence of Lantech.
11.5 Cloud-Based Utilities are provided on an ‘as is’ basis, without warranty, guarantee of fitness for purpose or suitability for the Client’s purpose; and
- 11.5.1 Lantech shall not be liable for any damage or costs resulting from a failure of an update to the antivirus or anti-Malware software or definitions, or failure to detect Malware, unless such failure is caused by the negligence of Lantech.
11.6 Lantech shall not be liable for any damages, costs or Charges arising from damage to, or theft of backup data that is transmitted from the Client’s Site to the Data Centre via the Public Internet, nor for any other losses that occur due to reasons beyond its reasonable control.
11.7 Patches are supplied by Lantech-authorised software vendors and not Lantech. Lantech will use reasonable endeavours to prevent a patch causing an adverse reaction with any particular machine configuration, but Lantech shall not be liable for any disruption resulting from the installation of patches. In such circumstances, Lantech’s sole responsibility will be to de-install the patch or roll back to an appropriate restore point to resolve the issue.
11.8 The Client acknowledges that there is a small risk that Vulnerability Tests carried out by Lantech under its optional vulnerability scan / penetration testing service may cause problems in the Client’s IT Infrastructure, including routers and / or firewalls ceasing to function correctly and database and storage access issues. The testing of the Client’s IT Infrastructure for correct functioning after Lantech’s Vulnerability Tests and any necessary reconfiguration and any associated costs shall be the Client’s sole responsibility; and
- 11.8.1 Whilst Lantech warrants that it shall use reasonable care during the execution of Vulnerability Tests, Lantech shall not be liable for any losses or damage which arise either directly or indirectly from its access to the Client’s IT Infrastructure, unless such loss or damage is caused directly by Lantech’s negligence.
Service Schedule
Lantech offers a number of different Service Packages. Each of the Service Packages offered by Lantech is described in this Service Schedule and in addition, each of the Service Components which make up the various Service Packages is described in more detail. The actual Service Packages that are subscribed to by the Client are listed on the Order.
1. Service Package Summary
This paragraph summarises each of the Service Packages offered by Lantech. The individual Service Components listed in each Service Package are more fully described in the following paragraphs.
Legacy Package – Service Component Description
2. On-boarding
Prior to commencement of the Services, Lantech will on-board the Client’s IT infrastructure:
- Review and if necessary will advise the Client of changes to the IT Equipment’s configuration that are required to ensure that the Services detailed in this Service Schedule can be delivered effectively. This will include but is not limited to the configuration of Microsoft Windows event logs, Microsoft Windows, Exchange and SQL Server services, anti-virus software and backup software
- Install Monitoring Agents, anti-Malware software and inform the Client if Lantech is unable to configure any of the IT Equipment to provide the necessary alerting and will agree a suitable alternative with the Client
- Document the Client’s IT Infrastructure’s architecture and the purpose and function of each Server, and provide the Client with a copy of the report
- Make recommendations about the backup platform to be implemented
• Make recommendations about the data that should be included or excluded as part of a backup configuration, but is not responsible for these decisions
3. Helpdesk
3.1 Subject to fair usage, there are no restrictions on the number of Incidents that the Client can report to Lantech’s Helpdesk. Lantech’s Helpdesk provides support and assistance in the use of the IT Equipment and / or Hosted Services, including the following:
- Management of the prompt resolution of Incidents within IT Equipment and / or Hosted Services that are identified by the ClientProvision of help and gu
- idance in the use and configuration of the IT Equipment and / or Hosted Services
- Remote access to facilitate Incident resolution if possible and appropriate
- Escalation management if required in the event of protracted Incident resolution
- Third-party vendor liaison where required
- In the first instance, Lantech will endeavour to resolve Incidents remotely. However, if Lantech determines that an on-Site visit is either necessary or is the most efficient manner to resolve an Incident, Lantech will dispatch an engineer to the Client’s Site.
- Lantech will not unreasonably delay the dispatch of an engineer to the Client’s Site.
- Subject to fair usage, there are no restrictions on the number of on-Site visits that Lantech will make to support the IT Equipment if it is not possible to resolve an Incident remotely
3.2 The Client may raise Incident reports by one of the following methods:
- If the Client subscribes to Complete or Enhanced Security Service Package, via the Lantech App
- By Email to Lantech’s Helpdesk: helpdesk_at_lantech.ie
- By Telephone to Lantech’s Helpdesk: +353 1 476 0030
3.3 The Helpdesk is available during the Hours of Cover, which are from 8.30am to 5.30pm Monday to Friday, including bank holidays.
3.4 Lantech shall aim to make an initial response to the Client’s request for assistance within two Working Hours of the Client raising the Incident report and shall use reasonable endeavours to resolve the Incident.
3.5 When reporting an Incident, the Client should provide the following information:
- Name of Client and person reporting the Incident
- Contact telephone number
- Description of the Incident
- Description of actions taken prior to the Incident occurring
- Explanation of how the Incident has been diagnosed
- Any other relevant information
3.6 The Helpdesk will respond to reported Incidents during the Helpdesk’s Hours of Cover, which are 9am to 5pm Monday to Friday, excluding bank and public holidays.
3.7 Lantech will prioritise, respond to and progress Incidents in accordance with paragraph 4 of this Service Schedule.
4. Service Level Agreement
4.1 Lantech’s Helpdesk response and recovery targets are:
4.2 Lantech shall make reasonable endeavours to meet the targets set out in this paragraph 4. Failure by Lantech to meet such targets shall not be deemed a breach of this Agreement.
5. Complaint Handling
5.1 If dissatisfied with any Services-related matter, the Client should make a complaint using the following escalation path. If the complaint remains unresolved, the Client should escalate to the next level in the escalation path.
Escalation Level Role Contact Details
5.2 Formal complaints can be made by e-mail or telephone, and will be responded to within three Working Days.
6. IT Processes and Policies
6.1 Lantech Technology Standards
- Drawing on its many years’ experience of supporting business-critical IT Infrastructure, Lantech has developed an extensive library of technology standards (‘Lantech Technology Standard’), which address technology, the manner in which technology is used, and increasingly, compliance. Lantech will regularly evaluate the Client’s IT Infrastructure against the Lantech Technology Standard and identify any misalignments
6.2 Client-Specific Standard Operating Procedures
- Lantech will work alongside the Client to develop and maintain Client-specific standard operating procedures to assist with the management of business as usual changes including new starters, leavers and data management
7. IT Documentation
Lantech will maintain the documentation of the IT Infrastructure, identify the roles of each component of the IT Infrastructure and on request provide the Client with a copy of the documentation. The documentation will include:
- Password Documentation: All system administrative passwords will be recorded and held securely in an encrypted format by Lantech
- Network Diagrams: Network diagrams will be maintained by Lantech
8. Vendor Management
Subject to fair use, Lantech will provide third-party vendor liaison, including:
- Liaison with the Client’s third-party service suppliers including providers of software, hardware and telecoms services if such suppliers require changes to be made to the configuration of the IT Equipment to investigate or resolve issues with the third-party software or services
- On behalf of the Client manage any warranty claims for malfunctioning IT Equipment that is covered by the manufacturer’s warranty. Such management may include Lantech carrying out engineering activities on behalf of the manufacturer, however Lantech cannot provide any greater warranty than that offered by the hardware manufacturer, and if parts are required that are not covered by the manufacturer’s warranty, Lantech shall provide the Client with a quotation for the supply of the replacement part prior to the supply thereof.
9. Technology Business Review Meeting
Lantech will undertake regular Technology Business Review Meetings with the Client’s senior management and decision makers, with the purpose of:
- Assisting with the road-mapping of the Client’s IT strategy
- Advising on current landscape and technology changes
- Offering input to future strategy and budgeting
- Discussing and understanding any ongoing issues with the Client
- Analysing reported Incidents, checking for patterns to help identify root causes
- Understanding the Client’s business requirements to determine recommendations and changes where appropriate
Complete Package – Service Component Description
10. Lantech App
The Lantech App enables the Client to directly report Incidents to Lantech and monitor progress of the Incident resolution process.
11. Monthly Executive Report
- Lantech will provide the Client with a Monthly Executive Report that provides an overview of the status of the Client’s managed infrastructure, including an asset report
- At the Clients request, Lantech can provide additional reporting information but shall be entitled to make an additional charge for such reporting
12. 24 x 7 Network Monitoring
12.1 Lantech’s network monitoring service is a powerful platform for managing Network Equipment for ensuring optimal network performance and reducing the risk of service impact due to network related issues. Lantech will provide the following services:
- SNMP network monitoring
- Trouble-shooting, fault diagnosis and remediation
- Automated network mapping
- Automated inventory
- Network documentation
- IP address management • Alerts and notifications
- Service monitoring
- Usage and health statistics
- Live and historic data
- Configuration management
- Configuration restore
- Configuration analysis
12.2 Network topology maps are automatically generated and maintained along with device configuration backup and configuration change notification and comparison.
12.3 The network monitoring service provides an invaluable troubleshooting capability for identifying issues such as network congestion, broadcast traffic, packet errors and discards along with CPU and memory issues on any managed network device.
12.4 Lantech will undertake monthly trend analysis and reporting on the network infrastructure in addition to scheduling annual firmware upgrades for all managed network devices.
12.5 Lantech’s Monitoring Agent will scan for managed Network Equipment which will automatically be added to the service. This includes managed switches, routers, firewalls, wireless access controllers and wireless access points. Unmanaged devices will not be added to the service and will not be charged.
12.6 Hardware maintenance / manufacturer’s warranty is required to be in place on all Network Equipment that is covered by Lantech’s advanced network monitoring service.
12.7 Lantech’s network monitoring service does not include:
- Identifying every device discovered on the network
- Configuring Windows Management Instrumentation
- Windows Management Instrumentation
- Wireless security scans for rogue access points or other issues
- Network reconfiguration
13. Server Monitoring and Management
Lantech will install its Monitoring Agents on the Servers set out on the Order to enable pro-active monitoring. The Monitoring Agents will monitor key aspects of system performance and will alert Lantech to any detected or potential Incidents. The Monitoring Agents will monitor Server performance 24 x 7 x 365 and automatically resolve Incidents whenever possible. Lantech shall respond to any alerts that cannot be automatically resolved during Helpdesk Hours of Cover in a manner that is appropriate to the severity of the alert, whilst aiming to minimise disruption to the availability of the monitored Servers. Lantech shall:
- Monitor processor, memory and hard disk usage and performance of all Servers to help to prevent system downtime or performance degradation
- Monitor the critical services that are necessary to help to maintain the effective performance of the Server operating system(s)
- Monitor the Windows event logs against Lantech’s current list of monitored events (including those which indicate a pending or current hardware failure) to help to prevent system downtime or performance degradation
- Diagnose and remediate Incidents
- Maintain group security policy
- Maintain End User, hardware and Software asset registers
- Install approved patches and Service Packs as they are made available for the vendor-supported operating systems and applications listed below. Where a Server re-boot is required to complete patch installation, this will be carried out outside of the Working Day
- Server operating systemsMicrosoft
- Exchange
- SQL Server
- Microsoft RDS
14. Desktop Monitoring and Management
Lantech will install its Monitoring Agents on the Desktops set out on the Order to enable pro-active monitoring. The Monitoring Agents will monitor key aspects of system performance and will alert Lantech to any detected or potential Incidents. The Monitoring Agents will monitor Desktop performance and automatically resolve Incidents whenever possible. Lantech shall respond to any alerts that cannot be automatically resolved during Helpdesk Hours of Cover in a manner that is appropriate to the severity of the alert, whilst aiming to minimise disruption to the availability of the monitored Desktops. Lantech shall:
- Monitor processor, memory and hard disk usage and performance of all Desktops to help to prevent system downtime or performance degradation
- Monitor the critical services that are necessary to help to maintain the effective performance of the Desktop operating system
- Monitor the Windows event logs against Lantech’s current list of monitored events (including those which indicate a pending or current hardware failure) to help to prevent system downtime or performance degradation
- Diagnose and remediate Incidents
- Install approved patches and Windows 10 feature packs as they are made available for the vendor-supported operating systems and applications listed below:
- Windows 10 and 11 operating systems
- Apple Desktop operating systems
- Microsoft Office
- Microsoft Browser
15. On-Site Support
15.1 In the first instance, Lantech will endeavour to resolve Incidents remotely. However, if Lantech determines that an on-Site visit is either necessary or is the most efficient manner to resolve an Incident, Lantech will dispatch an engineer to the Client’s Site:
- Lantech will not unreasonably delay the dispatch of an engineer to the Client’s Site
- On-Site visits will be made during the Working Day
- Subject to fair usage, there are no restrictions on the number of Site visits that Lantech will make to support the IT Equipment if it is not possible to resolve an Incident remotely
16. Asset and Inventory Report
Using its Server and Endpoint Monitoring Agents, Lantech will compile and maintain an asset register for the Client’s IT Equipment estate, including hardware and software inventories. Asset reports will be made available to the Client on request.
17. Dark Web Monitoring
End User’s credentials are regularly hacked on popular websites and are made available on the dark web for sale. Lantech’s dark web monitoring service continually scans the dark web for End User’s credentials on an ongoing basis and will raise an alert if any credentials that contain the Client’s domain name appear for sale, enabling the Client to take action to change any passwords that may have been the same or similar to the compromised passwords.
18. Multi-Factor Authentication for Microsoft 365 and Azure
Multifactor authentication adds a layer of protection to the End User sign-in process. When accessing accounts or applications, users provide additional identity verification, such as scanning a fingerprint or entering a code received by phone. Lantech will advise the most appropriate implementation and on agreement with the Client will configure, manage and enforce the authentication process for hosted Microsoft 365 Services and Azure.
19. Microsoft 365 Advanced Threat Protection
Microsoft 365 Advanced Threat Protection is a cloud-based email filtering service that can help protect against Malware and provide better zero-day protection against unsafe attachments and malicious links, in real time.
19.1 Safe Attachments
The Safe Attachments feature checks any email attachments as they arrive in inboxes to ensure it’s not malicious. If the file is found to be malicious in nature, it is removed automatically.
19.2 Safe Links
The Safe Links feature provides time-of-click verification of website addresses in both email messages and Office documents. If the URL has been blocked or is identified as malicious, a warning page will be opened instead of exposing the End User to the potentially harmful link. A similar process also takes place when a link is clicked within an office document.
19.3 Spoof Intelligence
The Spoof protection feature helps to ensure that legitimate emails are sent, while shielding the Client from any malicious intent. The feature will be configured to determine the difference between legitimate activity and malicious activity including reviewing senders that are spoofing the Client’s domain and blocking those senders from doing so.
19.4 Anti-Phishing
Machine learning models and impersonation detection algorithms are two of the ways that the Anti-Phishing feature helps to keep the Client protected from potential phishing attacks. The Anti-Phishing feature can check all of the Client’s incoming email for any indication that it could be a phishing attempt.
19.5 SharePoint, OneDrive, and Microsoft Teams
Microsoft 365 Advanced Threat Protection helps to detect and block potentially malicious files from entering the Client’s document libraries or team sites, or locking the file and preventing anyone from accessing it once it’s been identified as malicious. Such files will be included in a list of quarantined items, so they may be controllably downloaded, released, reported or deleted them from the Client’s system.
20. Microsoft 365 Security Configuration
Microsoft 365 Security Configuration provides measurement (scores) of the Client’s security posture (for example, multi-factor authentication implementation, conditional access and alerting) and the implementation of improvement actions – which will result in higher scores. The service allows the Client to compare its scoring with benchmarks and other organisations’ scoring. The purpose is to increase level of compliance with security recommendations and reduce the risk posed by security threats.
21. Proactive Threat and Breach Detection
21.1 Intelligent Ransomware Detection
Lantech’s Intelligent Ransomware Detection comprises a monitoring agent which monitors ransomware canaries and on detection of a potential security incident, invokes an investigation by a team of security experts. Ransomware canaries are lightweight files, typically in .docx, .xlsx and .jpg formats that are installed in strategic locations in a Desktop’s file system. The canary files are constantly monitored for signs of tampering which can give an early indication of potential ransomware incidents. If the files are modified or changed in any way, an investigation is immediately opened with Lantech’s security operations centre team to confirm whether those changes are the result of a ransomware infection or malicious encryption. The security operations centre team provides a team of always-on expert security professionals who investigate potential threats and help remediate cyber threats, including any underlying persistent foothold threats.
21.2 Layered Antivirus Protection
Lantech will supply, install and configure industry-recognised anti-virus and anti-spam software on the each applicable component of the IT Equipment. Lantech will:
- Manage the updating of anti-virus definitions on each of the components of the IT Equipment.
- Schedule regular full system anti-virus scans and regular anti-spyware scans on all Workstations and Servers
- Monitor Workstations and Servers on a daily basis to ensure that protection remains active and automatically raise an alert if protection is disabled
21.3 If the Client accidentally introduces Malware onto the IT Equipment, Lantech shall remove such Malware. This undertaking is however subject to the provisions of clause 8.8 of these Supplementary Terms, and the Client acknowledges that if in the reasonable opinion of Lantech, sub-clause 4.2.8 of this Agreement is repeatedly breached by the Client, Lantech shall be entitled to act in accordance with the provisions of sub-clause 8.8, which includes charging the Client for the removal of such Malware, and in extreme cases, terminating this Agreement.
22. External Vulnerability Monitoring
Lantech’s External Vulnerability Monitoring monitors open firewall and router ports for potential security exposure. By reporting open ports connected to services including remote desktops, Windows file sharing, SQL Server databases, etc. it is possible to identify potential external vulnerabilities and address them. The report generated by the External Vulnerability Monitoring service shows each scanned IP address, protocol and port numbers, the last time it was queried by External Vulnerability Monitoring service and (if available) the service running on a particular port. By scanning regularly, it is possible for Lantech to identify any configuration changes or unexpected activity that may otherwise go unnoticed. Whilst any open port can be an attack surface, such are often required to provide necessary services to the Client. The External Vulnerability Monitoring service provides visibility so that ports can be open in a secure and appropriate manner.
23. Compliance Logging for GDPR
Compliance Logging for GDPR is provided by Lantech for on-premise domain controllers and helps the Client to ensure the security of personal information by protecting against unauthorized changes, determine whether someone is trying to gain unauthorized access, ensure that that End Users have only the correct levels of permission they need, and ensure that there are no unauthorized changes that affect group policies.
Compliance Logging for GDPR includes logging:
- When Active Directory objects are modified
- Logon and logoff actions, showing successful logins, failed logins, and End Users logged into multiple devices
- Changes to End User Accounts, including dates of creation, deletion, modifications, and End User password resets
- Current permissions and permission modifications
- All aspects of group policy change activity, including creation, deletion, renames and modifications
24. Managed Anti-Malware
24.1 Lantech will provide an industry standard security product for all Workstations and Servers. Lantech’s anti-Malware product is focussed on security and speed. It employs a unique approach to Malware protection and is largely cloud-based. This approach means that its monitoring and detection are carried out with very little performance impact compared with other anti-Malware software and obviates the need for constant updating of workstations or servers with virus definitions. The service includes:
- Secure and resilient distributed cloud architecture – Uses multiple secure data centres globally to support the Client and roaming End Users with full-service resilience and redundancy
- Layered End User and device defences – Stops attacks that take advantage of poor End User awareness, not just those that target device vulnerabilities
- Malware detection and prevention – Blocks Malware, browser-based attacks, crypto-jacking, credential-stealing Malware, script-based, and file-less attacks, and a wide range of other threats
- Multi-shield protection – protection includes real-time, behaviour, core system, web threat, identity, phishing, evasion, and offline shields for detection, prevention and protection from complex attacks
- Malicious script protection – detects, blocks, and remediates (quarantines) evasive script attacks, whether they are file-based, file-less, obfuscated, or encrypted, and prevents malicious behaviours from executing in PowerShell, JavaScript, and VBScript.
- End User identity and privacy protection – helps to prevent attacks including DNS poisoning, key-logging, screen grabbing, cookie-scraping, clipboard grabbing, and browser and session hijacking by malicious software
- White and blacklisting – Offers direct control over application execution
24.2 Lantech will:
- Schedule regular full system anti-virus scans and regular anti-spyware scans on all Desktops and Servers
- Monitor Desktops and Servers on a daily basis to ensure that protection remains active and automatically raise an alert if protection is disabled
25. Advanced Security Awareness Training
Lantech’s Advanced Security Awareness Training includes a number of services which are targeted at increasing End User’s awareness of cyber security threats and how to mitigate them. Advanced Security Awareness Training is a recurring service under which Lantech will provide:
- Access to a wide range of cyber training materials for all End Users, with automated training campaigns and scheduled email reminders
- A ‘Virtual Risk Officer’ which provides risk scores which can be reported by End User, groups of End Users or the whole organisation
26. Simulated Phishing Attacks and Testing
Approximately once a month, Lantech will provide fully automated, configurable simulated phishing attacks, with reporting of results.
Enhanced Security Package – Service Component Description
27. Centralised Email Signature Management
Lantech will provide access to a centralised email signature management service for Office365 / Exchange Online subscribers. The service is intuitive to use and guarantees consistency and accuracy of email signature information. The service delivers:
- The addition of a full, dynamic, professional email signature to every email sent from any item of the IT Equipment
- A management console which the Client can use to customise email signature layout, including:
- The layout of the signature
- Disclaimer messages
- Promotional banners
- Social media icons
- Photographs of End Users
28. Email, Teams, SharePoint and OneDrive Backup
28.1 Lantech’s Backup Service for Microsoft 365 protects the Client against loss of data that is held within Microsoft’s cloud infrastructure. Unexpected data loss can typically be due to user error or occur if an End User subscription expires, and Lantech’s service, in addition to providing the Client with additional control over its data, mitigates the risk of such data loss.
28.2 Lantech will back-up the Client’s Microsoft 365 data based on the number of End Users and storage capacity set out on the Order; backup data is stored on a backup appliance which is located at Lantech’s Data Centre.
28.3 Microsoft 365 backups include:
- OneDrive file and folder data backups (documents), per End User
- Exchange data, including emails, email attachments, notes, deleted items, contacts (excluding photographs), tasks and calendar events (including attendees, recurrence, attachments and notes)
- SharePoint primary, custom, group and team site collections; folders, document libraries and sets; site assets, templates and pages
- Groups (including conversations, plans, files, sites and calendar)
- Teams (including wiki and chat)
- Audit logs, data controls and export capabilities
28.4 Backups can be configured to run automatically or on-demand.
28.5 The Backup and Recovery Service is fully managed by Lantech.
28.6 The backup system will automatically notify Lantech of backup success or failure.
28.7 Backups are encrypted at rest and during transmission.
28.8 Backup data will be retained for ninety days.
28.9 Data restoration:
- Data restores will only be initiated by Lantech when requested by an authorised representative of the Client
- Lantech will use reasonable endeavours to restore data at the level of granularity (including image, directory or file level) requested by the Client
- Lantech will use reasonable endeavours to restore data to the location that is specified by the Client
28.10 Whilst Lantech shall execute automatic backups and monitor the performance of the backup service 24 x 7 x 365, Lantech will carry out the following activities during the Hours of Cover:
- Respond to Client requests for data restores
- Respond to and investigate any Incidents that arise in the service which cannot be remediated automatically, whether raised by the Client or by Lantech’s monitoring agents
28.11 Test Data Restore
In response to requests from the Client, Lantech will perform occasional test restores of backed-up data to ensure that backups are functioning correctly. This will be implemented by Lantech contacting the Client to agree a test target (for example a mailbox or SharePoint Site) and carrying out the test restore at an agreed time. Lantech will charge for providing Test Data Restores at its prevailing rate.
29. IT Budget Preparation
If applicable and if requested by the Client, Based on its recommendations provided in the Technology Business Review, Lantech will assist the Client with budget planning, providing IT-spend analysis to maximise the return on IT investment.
Optional Services – Service Component Description
The following services will be provided if individually set out on the Order
30. After Hours Support
After Hours Support provides:
- 24 x 7 response to and where possible (for example when not requiring assistance from the Client) remediation of Incidents that are identified by Lantech’s monitoring system;
- 24 x 7 Helpdesk Support, providing response and remediation of Critical and High Priority Incidents raised by the Client
- The application of patches and associated Equipment re-boots outside of Working Hours.
31. Mobile Device Management
Mobile device operating system support and management is provided via a Lantech-supplied Microsoft InTune subscriptions or other Lantech-supplied MDM software subscription. Mobile device management includes:
- Enrolment of devices and End Users
- Publishing security settings, certificates and profiles to devices
- Resource access control
- Monitoring and management, including measuring and reporting device compliance and app inventory
- Publishing mobile apps to devices
- Configuration of email applications
- Securing and removal of corporate data
Mobile device management does not include the publishing or management of anti-Malware software or hardware support for physical devices.
32. Microsoft 365 Security Review
Lantech will provide a review of the clients Microsoft 365 environment against best practice standards. The review will focus on the deployed controls and settings in the Clients Microsoft 365 tenant.
33. Vulnerability Scan / Penetration Testing
Penetration testing is a security exercise in which Lantech attempts to find and exploit vulnerabilities the Client’s IT Infrastructure. The simulated attack will typically include brute force attacks and SQL injections. After completing the penetration test, Lantech will share its findings with the Client. This information can then be used to implement security upgrades to mitigate any vulnerability discovered during the test.
34. Managed Next Generation Anti-Malware with SOC
Lantech’s Managed Next Generation Anti-Malware service provides full Security Operations Centre (‘SOC’) supported Endpoint monitoring and threat detection to identify active threats and remediate attacks. Using advanced artificial intelligence and machine learning, Lantech rapidly identifies and halts the most sophisticated attacks, minimising harm and reducing risk to the Client’s Endpoints. In more extreme cases such as ransomware, the SOC will roll back to restore system and data access.
35. Security Information and Management
35.1 The service includes containment and remediation elements, thus the Client should ensure that this service does not conflict with the provisions of any cyber-insurance policy that is held by the Client prior to subscribing to this service.
35.2 The Security Information and Management service comprises four elements:
35.2.1 Predict
- Security analysts: Lantech’s security operations centre is staffed with a team of experts in various disciplines, continuously studying the security landscape to be aware of new attack tactics, techniques and procedures
- Threat intelligence: Study global and community threat intelligence anticipate new attack types, proactively prioritize and address exposures. This intelligence is then used to feed back into the preventive and detective capabilities, thus closing the loop on the entire process
35.2.2 Prevent
- Configuration assessment: Identify insecure configurations to reduce the attack surface.
- Deception: Use ‘honeynet’ deception to expose malicious activity and make it more difficult to locate legitimate systems and vulnerabilities to attack.
- Vulnerability assessment: Prioritized scanning, detailed reports and recommendations
35.2.3 Detect
- Endpoint detection and response: Block threats and reduce dwell time at all stages of the threat chain, including lateral movement.
- Behaviour analysis: Use machine learning to understand normal system activities within an enterprise and expose anomalous behaviour.
- Containment: Automate actions such as isolating the compromised system, disabling the affected account, killing the process and sharing the intelligence gained
35.2.4 Respond
- Remediate: Investigate and resolve issues discovered via detection, provide forensic analysis and root cause analysis, and to recommend new preventive measure to avoid future incidents.
- Forensic investigation: Determine the root cause and full scope of the breach for retrospective analysis of what exactly happened
- Monitoring at the core: Determine how the hacker gained a foothold, whether an unknown or un-patched vulnerability was exploited, which file or executable contained the attack and the number of systems impacted
- Determine the data (if any) that was ex-filtrated
36. Managed Firewall
Lantech’s Managed Firewall service includes two services, Firewall Management and Firewall Content Management.
36.1 The Firewall Management service includes:
- Updating firmware and software to maintain security levels
- Managing access in response to Client requests
- Changes to rules in response to Client requests
36.2 Firewall Content Management
The Firewall Content Management service provides filtering of access to websites, allowing the Client to selectively block End User access to specified websites. The service includes:
- Set up and configuration of Firewall Content Management service
- Changes to setup, including unblocking websites, making exceptions for users and individual Endpoints in response to Client requests
- Checking blockages and resolving content filtering issues