ITPS Limited

Remote Monitoring, Management & Patching

ITPS Remote Monitoring & Management [RMM] and Patching services provide you with support and management for your on-premise or co-located infrastructure and desktop devices. The service has tiered options that provide you with increasingly comprehensive levels of support.

Features

• Tiered offerings of remote monitoring and management, patching & anti-virus
• 24/7 support available on all of your devices and systems
• Detect– Monitoring alerts are automatically sent to client by platform
• Respond– Monitoring alerts processed by us and validated; customer contacted
• Resolve– Monitoring alerts processed by us; remedial action taken
• Manage- Monitoring alerts processed by us; unlimited remedial action taken
• Deploy Patching– Automated deployment of vendor patches during agreed window
• Managed Patching- Scheduled remote “hands-on” deployment
• Desktop Antivirus- Centralised definition, update and outbreak management
• Server Antivirus- Centralised definition, update and outbreak management

Benefits

• Multi-channel Service Desk Portal, Telephone and Email Ticket Creation/Categorisation
• UK based support available 24x7x365
• Fully ITIL aligned
• ISO 27001 and ISO 9001 compliant
• Tiered offerings ensure you only procure the service you require
• Breadth of devices supported in centralised location
• Wide range of reports available for your environment’s health/performance
• Maximise your system availability & performance
• Controlled preventative maintenance ensures security posture
• Highlights systems issues before failure

£5 to £350 a device

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at David.Warrington@itps.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

423809112665814

Contact

David Warrington
0191 442 8300
David.Warrington@itps.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: RMM platform can be integrated into several PSA systems: Autotask, ConnectWise, and Tigerpaw
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our longest Service Request response SLA is 1 hour during business hours or 2 hours at any time with a 24x7 support option.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Please see the service description for details on various service desk levels and applicable SLAs. The RMM & Patching Service will be delivered as one of the following options per device:; ; Level 1 - Monitoring alerts are automatically sent to the customer by the event management platform, with no remedial action taken by ITPS.; ; Level 2 - Monitoring alerts processed by ITPS and validated as authentic; customer contacted by agreed method (phone or email), no remedial action taken by ITPS.; ; Level 3 - Monitoring alert processed by ITPS; troubleshooting and remote remedial action are taken by ITPS on behalf of the client.; ; The Patching Service will be delivered as one of the following options:; ; i)Deploy– Scheduled automated deployment of all vendor patches during the agreed window as stated in an SoW.; ; ii)Manage– Scheduled remote “hands-on” deployment of specified vendor patches during the agreed window as stated in an SoW.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: ITPS has a fully comprehensive onboarding process that ensures the customer does not suffer any service degradation and ultimately ensures that systems and data are not placed at unnecessary risk.; ; ITPS utilises a mature set of ITIL aligned onboarding processes and Prince 2 methodology when transitioning Support Services. We follow these processes so that your service provision is efficient, cost-effect and with minimal impact to achieve the following:; ; •Consistent, Predictable Service- Onboarding allows us to gather information on systems that can be passed on to the Service Desk, allowing engineers to provide End-users with practical support from day one.; ; •Minimised Risk- By onboarding properly, we minimise the risk to you by gaining a complete understanding of incumbent systems and creating a roadmap for migration to new systems if needed.; ; •Mutual Education- The onboarding doesn’t just let ITPS get to know a new Customer; it also provides; the new Customer with the opportunity to learn about ITPS and how we deliver our services.; ; •Through effective shadowing, information gathering and documentation during Service Transition, we can streamline moving new Customers across to our Service Desk & Support Services.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: ITPS will ensure that data is provided in a suitable format at the end of the contract.
• End-of-contract process: At the end of service, agents & probes are removed from the clients' environment. Any Asset Information will be provided to the client in a CSV format. The above is included within the contract and there is not a separate charge.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The RMM platform can be accessed via a mobile application. The mobile application has a subset of the overall features available on desktops.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: The RMM platform is built on scalable infrastructure. The platform is monitored by our 24 NOC, which includes capacity management.

Analytics

• Service usage metrics: Yes
• Metrics types: Availability
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: ITPS will provide data on a suitable secure media or secure cloud storage.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99% - Availability indication is based on an average of 730 hours per month. Excludes planned and emergency maintenance.
• Approach to resilience: ITPS operate Private Cloud services from multiple data centres, with infrastructure which is designed to be resilient. In that server (Compute) resources are provided and operate in a resilient manner with resiliency assured at the operating system level, e.g. should a server fail another is initiated (started-up/booted) to take over processing.; ; Some applications operate with multiple servers and load balancing.; ; Storage is based upon SAN technology from tier-1 SAN providers.; ; Networking is virtualised and resilient, with multiple levels of resilience at both the technology and connectivity level.; ; Multiple diverse National Tier-1 telecommunications suppliers provide high capacity optical circuits linking each ITPS data centre to each other and multiple diverse supplier high capacity routes to the Internet are also provisioned into each ITPS data centre. This allows ITPS multiple diverse routes to the Internet.; ; Where customers contract it, applications can operate with assured resiliency levels built into the service, i.e. the application and or data can operate in more than one data centre and be either Active Passive or Active Active over multiple data centres.
• Outage reporting: All outages will be reported via the Service Status page and the notifications service within the ITPS Customer Portal. Outages are identified as Planned Maintenance, Emergency maintenance, and platform issues. In addition, the designated Service Delivery Manager will proactively contact customers, as appropriate, via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Management and Support interfaces are logically and physically segmented in a restricted secure management network. Access to this network is highly restricted to named individuals and access is provided using the principles of least privilege. Access to the network requires users to authenticate using strong, complex credentials and MFA.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bsi
• ISO/IEC 27001 accreditation date: 31/01/2022
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ITPS are ISO27001 certified.; The SIRO is the Managing Director - Garry Sheriff; The CSO is the Chief Technology Officer - Andy Hunter; All processes and policies are audited through our internal auditing process and verified by external auditors, BSI.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: ITPS Change Management Process provides a single process for the management of changes to infrastructure, applications, and systems which make up the services for which ITPS ITS are responsible.; All ITS related changes are managed by Change Management and includes repeatable changes and other changes that have varying degrees of complexity and risk and are non-repeatable.; The purpose of Change Management is:; ; • Ensure that Changes are accurately recorded; • Ensure that the impact of Changes is assessed, that Changes are feasible and that Changes are justified and classified; ; Normal P3; High P2; Emergency P1; Retrospective
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: ITPS views vulnerability management in the context of prevention and correction. With prevention being established from the design stage, through into implementation stage and then correction, and further prevention, in the operational stages of contracts.; ; The high and low-level design process and documentation would agree on what relevant vulnerability prevention has been designed into the solution, and the design documents will document how vulnerabilities have been addressed and tested.; ; Acceptance testing shall demonstrate that all known (currently designed for) vulnerabilities have been mitigated successfully.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: ITPS design and implement protective monitoring processes which typically monitor:; ; • System / circuit availability .; • Virus and Malware.; • System performance warnings and failures.; • Backup Success / failures.; • Intrusion detection and prevention..; • Configuration management systems.; • The OS version and Patching status of every system being monitored is centrally held and updated.; • Application monitoring.; • Data monitoring and storage facilities.; • Routine maintenance schedules.; • ISMS and QMS systems monitor conformance with the plans for ongoing compliance in respect of the continued confidentiality, availability and integrity of systems.
• Incident management type: Supplier-defined controls
• Incident management approach: ITPS has the following pre-defined process for managing incidents:; 1. Initial diagnosis; 2. Incident escalation; 3. Investigation and diagnosis; 4. Resolution and recovery; ; Users can report incidents via a call, e-mail or portal. When the incident is closed a courtesy call and/or email is automatically sent to the user confirming that the ticket has been resolved.; The information is recorded within the Helpdesk System whereby reports are generated monthly, weekly or daily, depending on contractual requirements. The time of response and resolution is reported; along with the percentage of calls that are meeting the SLA.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Our environmental-footprint strategy seeks to address greenhouse-gas (GHG) emissions and waste across our entire operation as we strive to continually strengthen our environmental practices. We will comply with all applicable environmental laws and regulations. We recognise that GHG emissions represent a significant part of our firm's environmental footprint, from the electricity we use in our offices to the travel our people undertake. We aim to lower indirect emissions by finding alternatives to travel where we can, and by encouraging colleagues to choose travel options that are better for the environment. We are committed to reducing waste across our global operational sites. We aim to reduce waste generation and seek to minimize the waste we send to landfills. We promote reuse and recycling, as well as the use of supplies that are recycled and recyclable and whose production and use minimize the consumption of natural resources. We encourage our offices to drive initiatives to reduce waste, including sorting and recycling materials, donating used technology equipment, putting drinking water taps in place, reducing food waste, and running recycling campaigns. As part of our sustainable-procurement strategy, we have adopted a Supplier Code of Conduct that sets forth our expectations of our suppliers, including reducing environmental impact. In addition, we engage with suppliers to improve the environmental impact of the products and services we purchase. Beyond reducing our own footprint, we conduct research to advance the global debate on a wide range of sustainability and resource productivity topics. Our research provides an evidence base and set of analytical tools to enable sound decision making about sustainable development.
• Covid-19 recovery:

  Covid-19 recovery

  To meet the challenges posed by the pandemic, IT Professional Services Ltd had to react in agile and decisive way. As we move into the next phase, now is the time for ITPS to seek out and seize the opportunities emerging in the recovery. This involves conducting an “after-action review” to collect data and insights on lessons learned from the pandemic, and then using these to prioritise actions to enhance business value today and build strategic resilience for tomorrow. IT Professional Service Ltd has Identified identified three key lessons that we have adopted for long-term resilience: 1. Plan and prepare for the next inevitable disruption by designating a crisis response team, designing a crisis response plan aligned to our strategy, goals and purpose, and building an integrated resilience program. 2. We have broken down silos between resilience competencies and teams, and integrate them to coordinate the tactics, tools and technologies needed for an effective crisis response. 3. We have built organisational resilience by establishing high-level resilience governance, revisiting and rethinking our crisis management structure and response strategy, and fostering a culture of resilience.
• Tackling economic inequality:

  Tackling economic inequality

  ITPS have put the following procedures in place to tackle Economic Inequality: 1.Entrepreneurship, growth and business creation IT Professional Services has identified opportunities to grow supplier diversity in the contract supply chain or in the community where the contract is performed, including SME and VCSE participation and new business creation. Engagement activities for potential new suppliers to the contract supply chain, prior to awarding subcontracts, such as advertising upcoming opportunities and meet the buyer events. Measures to make the supply chain working environment conducive to a diverse range of suppliers and growing businesses, such as structuring the supply chain selection process in a way that encourages participation by new and growing businesses. 2.Employment Implementing recruitment practices and employment conditions, such as the five foundational principles of quality work set out in the Good Work Plan that has attracted good candidates from all backgrounds, minimising turnover of staff and improving productivity. Support for the contract workforce by providing careers advice, including mentoring, mock interviews and CV advice, and opportunities for in-work progression and career development into known skills shortages or high-growth areas. Offering opportunities for work experience or similar activities. Providing apprenticeships, traineeships and T Level industry placement opportunities (Levels 2, 3 and 4+) in relation to the contract. 3. Demonstrate action to identify and manage cyber security risks in the delivery of the contract Identifying measures to mitigate and manage cyber security risks within the supply chain, such as engaging with the supply chain to identify and build resilience against cyber security risks and actions to raise cyber security awareness. A commitment to adopting required technical standards and best practice, such as the ‘10 Steps to Cyber Security’ or Cyber Essentials and Cyber Essentials Plus certification.
• Equal opportunity:

  Equal opportunity

  IT Professional Services procedures in the workplace are there to ensure that all our employees / workers are treated appropriately and fairly and that, all things being equal, no candidate is treated unfairly because of their age, gender, race, sexuality or any other protected characteristic. Establishing equal opportunities in the workplace include: Ensuring that all similarly qualified employees have equal access and opportunity to all training and advancement facilities regardless of sex, gender, age or disability. No employee should be overlooked for training or promotion because of any protected characteristic. Making reasonable adjustments in the workplace to accommodate physically challenged employees. Ensuring that no employee is paid any more or less than any of their colleagues who are equally qualified, equally experienced and performing the same role. Advertising new roles externally as well as internally so that anyone who meets the qualifying criteria gets the opportunity to apply. Making sure that no employee is dismissed solely because of a personal characteristic. Ensuring that the same rules apply to employees from all religions regarding extra time off during religious holidays.
• Wellbeing:

  Wellbeing

  IT Professional Services Limited is committed to providing a healthy working environment and improving the quality of working lives for all staff. The wellbeing strategy aims to support the company's mission and core values of freedom of thought and expression, freedom from discrimination and the recognition that IT Professional Services Limited's staff is its greatest asset. Through the integration of wellbeing in all work activities and practices, a positive environment can be created that is compatible with promoting staff engagement, performance and achievement. The wellbeing strategy’s ultimate goal is to improve the health, safety and wellbeing of the compay's staff and to prevent work associated ill health, for the overall benefit of staff and the organisation. This encompasses the physical, mental and social health of employees and recognises that employees’ values, personal development and work within the company contribute to their overall wellbeing at work. This strategy document aims to bring together all initiatives already in place within the company for supporting and maximising the health and wellbeing of staff. Through the coordination of current wellbeing activities and the identification of further opportunities, an action plan has be established that consolidates existing work and achieves additional progress. This action plan has been developed using CIPD’s five recognised domains of wellbeing, namely: health, work, values/principles, collective/social and personal growth. The company's strategy aims to represents a commitment to an integrated approach to staff wellbeing that creates: A sense of belonging An environment and culture based on shared values and trust An environment where staff wellbeing is integrated into day-to-day practices An environment that recognises skills / personal development

Pricing

• Price: £5 to £350 a device
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: ITPS can offer a trial of the RMM for up to 60 days, utilizing the full range of features and functionality.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at David.Warrington@itps.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.