Enterprise Detection & Response (EDR): Centralized managed EDR to include antimalware, antivirus, automated detection and response. Patch Management: Manage windows patches and automatic deployment in accordance with the patch management policy. Manage 3rd party patches and automatic deployment in accordance with patch management policy. Maintenance: Ongoing maintenance of workstations and servers to include, but not limited to: Temp File Cleanup, Disk Cleanup, Memory utilization. Management: 24x7 management of server and network components, including CPU, Memory, Network Utilization, Hard Drive, Uptime/Downtime, usage, trending, event log, security issues, Warranty Status. 8x5 management of all workstation and laptops to include CPU, Memory, Hard Drive and warranty status. Sales Support: Recommend and assist in procurement of IT-related hardware such as workstations, desktops, servers, AV equipment and network equipment. If vendor has bulk purchasing agreements those must be passed to TRRC without markup. Equipment configuration/set up may be billed as part of management services. Backup Services: Backup of central server encrypted to onsite and offsite repository with full image-level backup. Backup of Microsoft 365 environment. Annual testing of data recovery. IT Support Services: Provide for 8x5 IT help desk services, remote support and onsite support at TRRC headquarters. Provide for 8x5 IT help desk and remote support for remote offices. Emergency Support Services: Provide for 24x7 on-call support services for emergency/after-hours issues. Annual IT Audit: Need for a certified information systems auditor to conduct an annual IT audit to review the TRRC network and computer systems in accordance with Commonwealth of Virginia audit guidelines. To include audit services, external penetration testing, and internal vulnerability scanning. Email service: Manage and maintain the Microsoft 365 licensing and email platform for the agency. Provide user-level spam and phishing support. Security Training: Provide for quarterly phishing tests on the agency email system and domains. Provide quarterly web-based security training in accordance with Commonwealth of Virginia audit guidelines.
