The Vendor is required to provide of providing enterprise-class managed information technology services in alignment with a co-managed service delivery model.
- The Managed Services provided by the selected vendor include:
• Infrastructure Management
• Cloud Services Management
• Security Operations
• Monitoring and Incident Response
• Backup and Disaster Recovery
• Non-Endpoint Technical Support
• Change and Configuration Management
• Governance and Compliance
• Vendor and Licensing Management
• Provisioning of Resources
- Endpoint Device Provisioning and Maintenance
• The procurement, configuration, deployment, and lifecycle management of all endpoint devices used by its personnel.
• Laptops, desktops, tablets, mobile phones, and peripherals (e.g., monitors, printers, docking stations).
• Installation and maintenance of local operating systems, drivers, and user-level software.
• Hardware repairs, upgrades, and replacements in accordance with organizational standards.
- Endpoint Support and Helpdesk Services
• Operate its own helpdesk or service desk to address all endpoint-related support issues using Contractor’s ITSM tool.
• On-site end-user support
• Troubleshooting and resolving hardware, operating system, and application issues on endpoint devices.
• Providing end-user assistance for login issues, software errors, printing, and device connectivity.
• Supporting remote access tools and VPN Departments installed on endpoint devices.
- Endpoint Security and Compliance
• Responsible for enforcing endpoint-level security policies and compliance controls. This includes:
• Deployment and management of endpoint protection software (e.g., antivirus, anti-malware, host firewalls).
• Enforcement of device encryption, screen lock policies, and local password policies.
• Management of mobile device policies (e.g., via MDM) where applicable.
• Ensuring compliance with organizational, legal, and regulatory requirements as they pertain to endpoint devices.
- Endpoint Patch and Software Management
• Manage patching and software updates for all endpoint devices. This includes:
• Application of operating system and third-party application updates in a timely manner.
• Deployment and version control of productivity software (e.g., Microsoft Office, Teams, and browsers).
• Maintenance of standardized software images and deployment processes.
- Endpoint User Access and Authentication
• Manage local user accounts and settings on endpoint devices, including:
• Assignment and revocation of administrative rights at the device level.
• Configuration of device-specific login policies (e.g., biometric authentication, smart card use).
• Management of cached credentials, local policies, and profiles.
- Integrated Services
• Ensure that devices meet minimum technical requirements to support access to managed services (e.g., compatible browsers, authentication Departments).
• Provide timely communication regarding device-related issues that may impact the performance or integration of Contractor-managed services.
• Cooperate with the Contractor in joint troubleshooting efforts where endpoint and system-level issues intersect.
- Cloud Services Management
• Administer Microsoft Azure infrastructure, including virtual machines, storage, networking, and resource groups.
• Manage Microsoft 365 tenant-level services, excluding endpoint configuration and local application support.
• Oversee Power Platform environments, including administration of Power Apps, Power BI Workspaces, and Data verse schema.
• Configure and maintain Azure Synapse Workspaces, including setup, security, linked services, datasets, and pipelines.
• Perform cross-platform integration and configuration across Azure, Microsoft 365, Power Platform, and Synapse services.
• Monitor and optimize resource usage and costs across all managed environments.
- Security Operations
• Configure, monitor, and maintain perimeter and internal security systems, including firewalls, IDS/IPS, and threat protection tools.
• Administer identity and access controls, including MFA, conditional access, SSO, and role-based access management.
• Perform patch management across servers, network devices, and core systems.
• Conduct vulnerability scanning regularly and implement timely remediation actions.
• Monitor security and compliance configurations for Microsoft 365, Power Platform, Azure, and
Synapse environments.
• Operate Security Information and Event Management (SIEM) tools and respond to incidents per established procedures.
- Monitoring and Incident Response
• Provide 24/7 monitoring of infrastructure, cloud services, Power Platform environments, BI gateways, and Synapse pipelines.
• Implement monitoring tools and service-specific thresholds to ensure effective detection of performance and availability issues.
• Detect, classify, and investigate incidents, initiating resolution and escalation according to predefined protocols.
• Maintain active communication with the Department throughout the incident lifecycle, following agreed-upon procedures.
• Conduct root cause analysis for major or recurring incidents and deliver summary reports.
• Ensure incident response and resolution meet defined Service Level Agreements (SLAs).
- Backup and Disaster Recovery
• Configure and manage scheduled backups for virtual machines, storage, databases, Data verse (as supported), and Synapse services.
• Define and enforce retention policies and ensure secure storage of backup data.
• Perform periodic recovery and restore tests to validate backup integrity and disaster recovery readiness.
• Develop, maintain, and update disaster recovery (DR) plans and procedures, providing documentation to the Department.
• Create and maintain recovery playbooks for key cloud services.
• Support ongoing DR testing and readiness activities in coordination with the Department.
- Non-Endpoint Technical Support
• Operate a service desk to intake and resolve service requests, incidents, and changes related to infrastructure, platforms, and cloud services (excluding endpoint devices).
• Provide issue triage and support for Microsoft 365 tenant services, Power Platform, and Azure Synapse.
• Escalate unresolved issues to Microsoft or other third-party vendors on behalf of the Department.
• Ensure availability of qualified personnel during business hours, with after-hours support for critical incidents.
• Deliver infrastructure and platform-level support, including for tenant-level Power BI and related services.
• Maintain clear boundaries excluding end-user device and local application support.
- A staffing plan that details on-site and off-site resources, shift coverage, after-hours support, and escalation procedures for critical incidents.
- Contract Period/Term: 3 years
- Questions/Inquires Deadline: April 18, 2025
