The vendor is required to provide recommendations for updating the current system including hardware, migration of data etc., and provide on-going maintenance of all IT hardware and applicable software.
a. Proactive system maintenance & security
• FIPS 140-2 remote monitoring and management platform
• Perform proactive maintenance of all network devices, including warranty tracking, network monitoring, and asset management.
• Conduct routine maintenance, monthly system reviews, and security management, including penetration testing to prevent cyber threats, av & MS updates and patch deployment.
• Attend meetings as needed, provide reports detailing system health, security measures, and incident reports.
• Perform monthly audits to verify all security measures are functioning, configured properly and maintain compliance with cyber-JIF requirements and best practices.
• Current and historical reporting.
• Unlimited remote support of network infrastructure and servers.
b. On-site remote IT support
• On-site maintenance when remote troubleshooting is not successful.
• Implement a work ticketing system with clear response times outlined.
• Response times:
o Minimum standard service requests: response within 2 to 4 hours.
o Minimum emergency issues (ex: server failures, email access issues, network outages): response time within 2 hours.
c. Active directory
• Manage policies
• Monitor critical server services
• Manage stale user accounts and machines
• Onboard and off board users
• Password management
d. Firewall
• Performance monitoring.
• Manage firewall logs for errors or critical issues or threats.
• Apply critical patches or firmware updates.
e. End point detection and response
• Manage logs for errors or critical issues or threats.
• Apply critical patches or updates.
• Research alerts and escalate as necessary.
f. 24/7 IT support and monitoring
• 24/7 remote it support with emergency on-site response when necessary.
• Conduct continuous remote monitoring and email system support.
g. Software and hardware support
• Software maintenance & updates for:
o Microsoft operating systems and microsoft office suite.
o Mainstream 3rd party applications such as chrome, adobe and similar.
o Network firewalls, security software, anti-virus solutions, and backup appliances.
• Hardware support as follows:
o Preventative maintenance, troubleshooting, and
technical support for all (30) workstations, (3) servers and all multifunction printer/copier/scanners.
• Point of contact responsibilities:
o Designated point of contact for it issues and application support
h. Network monitoring & security
• 2fa/MFA for all administrative accounts.
• Continuously monitor internet usage, web portals, and it ticketing systems.
• Maintain network security usage logs and perform routine system housekeeping.
• Document all it processes and security procedures, ensuring compliance cyber-JIF, best practices and regulatory requirements.
• Manage and monitor network switches.
• Manage and monitor wireless access points.
i. Data protection, backup, and disaster recovery
• Assist in implementing and maintaining data backup solutions and disaster recovery plans.
• Support on-site and off-site backup solution including data vaulting off-site.
• Manage email archiving compliance and retention policies.
• Troubleshoot hardware and software issues remotely and on-site as
required.
• Maintain hardware and software inventory and licensing documentation.
6. local and cloud/off-site recovery.
• Disaster recovery imaging solution.
j. Specialized support for authority applications
• Assist in support of all authority applications.
k. IT strategy, planning, and budgeting
• VCIO with responsibility to assist with account management, compliance, planning and budgeting.
• Dedicated technical account manager (TAM) to assist in technology alignment, vendor coordination and planning.
• Annual technology reviews to assess and plan for future IT system upgrades and roadmap development.
• Document and track critical system warranties, certificates and renewals
• Advising on capital and operational budgeting for IT infrastructure and technology improvements.
• Collaborating with authority cyber insurance and risk management to ensure compliance with cybersecurity best practices and industry standards.
l. managed email security service
m. VPN
• Maintain net extender VPN
• Manage and monitor secure credentials for all users using the VPN, including 2fa.
- Contract Period/Term: 2 years
- Walkthrough Date: May 13, 2025
- Questions/Inquires Deadline: May 15, 2025
