The URL can be used to link to this page

Forum Info-TechMarlcrtplaw-dty Company: Forum Info -Tech Email: sales@foruminfotech.net Contact: Tim Barr Address: 160 W. Foothill Parkway Suite 4105-231 Corona, CA 92882 Phone: (951) 256-4070 Website: www.foru m i nfotech. net Submission Date: Mar 1, 2024 2:02 PM Marketplace.city Marketplace.city General Andrew Watkins, President and COO 500 West Madison, Chicago, IL 60661 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services RESPONSE DEADLINE: March 1, 2024 at 7:00 pm Report Generated: Monday, March 4, 2024 Forum Info -Tech Response CONTACT INFORMATION RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services ADDENDA CONFIRMATION Addendum #1 Confirmed Feb 27, 2024 3:14 PM by Tim Barr QUESTIONNAIRE 1. Solution Overview of your offerings and solution PLEASE PROVIDE A 2 -PAGE SOLUTION NARRATIVE DESCRIBING YOUR PROPOSED SOLUTION AND HOW IT FITS THE CITY OF LA QUINTA'S NEEDS.* Please be sure to address the following: (a) Number of years in business (b) Taxpayer identification number (c) Number of years performing Managed IT Services (d) Resumes of the Project Manager and key personnel who will be responsible for performance if any agreement results from this RFP (e) Firm ownership and if incorporated, list the state in which the firm is incorporated and the date of incorporation (f) If the firm is a subsidiary of a parent company, identify the parent company La_Qu i nta_F IT_Ove rvi ew. p df 2. Cybersecurity PLEASE CONFIRM YOU ARE ABLE TO PROVIDE CYBERSECURITY/NETWORK SECURITY SERVICES, INCLUDING ANTI-VIRUS, SECURITY UPDATES AND PATCH MANAGEMENT.* Yes RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 2 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services PLEASE DESCRIBE YOUR INCIDENT RESPONSE FOR A SECURITY EVENT.* Maximum response length: 300 characters OODA: FIT Observes with security monitoring to find threats, then Orients/evaluates what's happening in the cyberthreat arena. Based on context, we Decide/choose the best tactics for fast recovery and minimal damage, then Act to remediate, recover, and improve procedures so it doesn't happen again. HAVE ANY OF YOUR CLIENTS EXPERIENCED A RANSOMWARE ATTACK IN THE LAST 12 MONTHS? IF SO, HOW DID YOUR COMPANY RESPOND?* Maximum response length: 300 characters None of our clients have experienced a ransomware attack. ARE YOU ABLE TO ADMINISTER AND MANAGE ON-GOING TRAINING PROGRAMS AND REGULAR PHISH AND RELATED TESTS FOR ALL LA QUINTA EMPLOYEES? Yes PLEASE LIST ANY CYBERSECURITY CERTIFICATIONS THAT YOUR COMPANY HAS ACHIEVED.* Maximum response length: 300 characters FIT provides the Overwatch security products which cover email, endpoints, SaaS products, vulnerability scanning, vulnerability remediation, and a 24/7/365 Security Operations Center (SOC) based in Indiana. There are no "certifications" for Overwatch, but our team is highly trained on the platform. PLEASE DESCRIBE YOUR APPROACH TO REAL-TIME PERIMETER MONITORING.* Please specify the ability to access real-time security information and log data, as well as stored logs. Maximum response length: 300 characters RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 3 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services AI -powered network detection & response leverages big data analytics and Al to drill down on real alerts. Security analysts based in the US monitor alerts and respond to threats around the clock. Al constantly monitors logs for anomalies and provides alerts for a scalable and customized process. DO YOU MAINTAIN 24/7/365 HEALTH MONITORING AND AVAILABILITY OF THE DELIVERY PLATFORM?* Maximum response length: 300 characters 24/7/365 network monitoring monitors the critical health status of devices and line of business applications, remotely diagnoses problems before they occur, and our 24/7/365 global team restarts essential services as needed to minimize network and device downtime that causes lost productivity DO YOU PROVIDE ANNUAL SECURITY ARCHITECTURE REVIEW AND VULNERABILITY ASSESSMENTS?* Maximum response length: 300 characters FIT believes that vulnerability scanning and response should happen in real-time, not annually. FIT Overwatch continuously scans for vulnerabilities with Al and big data analytics, detects vulnerabilities and alerts, and provides remediation for compliance with regulatory and security mandates. 3. Network Reliability PLEASE CONFIRM YOU OFFER NETWORK MANAGEMENT AND INFRASTRUCTURE SUPPORT SERVICES.* Yes CAN YOU PROVIDE INSTALLATION, CONFIGURATION, ADMINISTRATION, AND MAINTENANCE OF ALL NETWORK EQUIPMENT INCLUDING SWITCHES, FIREWALLS, ROUTERS, CABLING, WIRELESS ACCESS POINTS, AND OTHER DEVICES?* Yes PLEASE LIST THE STEPS TAKEN TORE PAIR AN INTERNET OUTAGE, INCLUDING COMMUNICATION AND ESCALATION PROTOCOLS. HOW LONG DOES IT USUALLY TAKE TO RESTORE INTERNET, AND HOW OFTEN DO CLIENTS HAVE OUTAGES?* RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 4 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services Maximum response length: 300 characters Our technicians work closely with the internet provider to determine the cause of the outage. Is it internal, or from the ISP? Tickets are managed through the FIT Workspace.All tickets are escalated after one hour. Our clients rarely lose internet, outages vary based on the ISP. ARE YOU ABLE TO OFFER 24/7/365 SYSTEM MONITORING AND EMAIL MONITORING?* Yes PLEASE CONFIRM YOU ARE ABLE TO CONDUCT A NIGHTLY BACKUP PLAN FOR CRITICAL SERVERS, INCLUDING A REGULARLY -TESTED RECOVERY PROCESS* Yes CAN YOU PROVIDE SUPPORT SERVICES FOR VOIP /ANALOG TELEPHONE MANAGEMENT? Please list any specific experience with Mitel. Maximum response length: 300 characters FIT currently manages a multi -site Mitel Hybrid Deployment (Cloud and On Premise) for a large client. FIT worked with an authorized Mitel Service Provider to help architect, design, and deploy the Mitel network, and manages both the telephone and computer network for this client with onsite staff. 4. Device/Hardware Management CAN YOU PROVIDE ALL MAINTENANCE, MONITORING, AND SUPPORT FOR HARDWARE (SERVER, DESKTOP, LAPTOP, MOBILE), AND INVENTORY CONTROL AND MANAGEMENT (HARDWARE AND SOFTWARE)?* Yes IF NO, PLEASE ELABORATE. Maximum response length: 300 characters RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 5 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services No response submitted PLEASE CONFIRM THAT YOUR SERVICES COVER PROCUREMENT MANAGEMENT (SELECTION OF COMMERCIALLY RATED EQUIPMENT, ORDER PLACEMENT, ORDER TRACKING, SHIPPING, EQUIPMENT RETURNS, AND SOURCING AND ORDERING OF REPLACEMENT PARTS).* Yes IF NO, PLEASE ELABORATE. Maximum response length: 300 characters No response submitted WHAT IS YOUR PROCESS FOR KEEPING TRACK OF ALL LA QUINTA IT INVENTORY? Maximum response length: 300 characters Our proprietary FIT Workspace shows all assets in real time including Manufacturer, model number, serial number, IP address, OS type, and version where applicable. Inventories are "live" and automatically change billing when changed. Reducing/adding units=changing billing the following month. 5. Customer Service/Help Desk Support PLEASE DESCRIBE THE CUSTOMER SERVICE AND HELP DESK SUPPORT YOUR SERVICES PROVIDE. (For example, 24/7/365 support) Maximum response length: 300 characters FIT provides live customer service 24/7/365. FIT has has California and US -based techs but also technical resources globally that have worked for FIT for years Our global team works overnight to provide 24/7/365 care and do upgrades/maintenance overnight so no work is encumbered in working hours. PLEASE DESCRIBE THE LOCATION OF YOUR OFFICE HEADQUARTERS. * RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 6 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services Maximum response length: 300 characters FIT is headquartered at 160 Foothill Pkwy, Suite 105-231, Corona, CA 92882. FIT has been 100% remote since 2016 so we hire exceptional technical resources that live near our clients, reducing commuting time and maximizing employee and client satisfaction causing over 70 5 -star Google reviews. DO YOU HAVE A LOCAL OFFICE IN SOUTHERN CALIFORNIA WITHIN A 2 -HOUR DRIVE FROM LA QUINTA? (NOTE: YOUR PROPOSAL MAY BE DISQUALIFIED IF YOU ARE UNABLE TO PROVIDE ONSITE STAFFING FOR THE CITY, OR DO NOT HAVE AN OFFICE IN SOUTHERN CALIFORNIA)* Please specify where your local office is located. Maximum response length: 300 characters Yes. FIT is headquartered at 160 Foothill Pkwy, Suite 105-231, Corona, CA 92882 with employees throughout the Inland Empire. FIT will also provide two local employees to work full-time within the City of La Quinta. DURING BUSINESS HOURS, HOW LONG WOULD IT TAKE SOMEONE TO ARRIVE ON-SITE IN THE EVENT OF AN IT EMERGENCY? <1 hour DURING AFTER HOURS, HOW LONG WOULD ITTAKE SOMEONE TO ARRIVE ON-SITE IN THE EVENT OF AN IT EMERGENCY? 1-2 hours ON-SITE STAFFING AVAILABILITY? (NOTE: YOUR PROPOSAL MAY BE DISQUALIFIED IF YOU ARE UNABLE TO PROVIDE ONSITE STAFFING FOR THE CITY) Is your firm able to provide a minimum of 2 on-site desktop technicians, with one of the two technicians being proficient in Networking? Yes RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 7 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services WILL THE ON-SITE TECHNICIANS BE ABLE TO WORK CONCURRENTLY WITH CITY STAFF'S WORK SCHEDULE, INCLUDING AS -NEEDED ADJUSTMENTS TO WORK LATER HOURS FOR EVENTS SUCH AS CITY COUNCIL, COMMISSION HEARINGS, AND SPECIAL EVENTS AT CITY HALL AND OTHER LOCATIONS?* (Monday through Friday 7:30am to 5:30pm) (Tuesdays may require working as late as 10pm occasionally with notice in advance) ONE ON-SITE TECHNICIAN MUST ALWAYS BE PRESENT Yes PLEASE DESCRIBE THE GUARANTEED AND AVERAGE RESPONSE TIME FOR REQUESTS DURING BUSINESS HOURS AND AFTER HOURS. Maximum response length: 300 characters With On-site technicians, the response is almost immediate. Average response time for all clients is within 10 minutes, during business hours, and within 20 minutes for after hours. FIT has a global team that provides 24/7/365 live help desk support. Guaranteed response is 1 hour. PLEASE UPLOAD RESPONSE TIME AND SUPPORT SLAS. Fo ru m_I nfo-Tech_SLA. pdf WHAT IS THE AVAILABILITY OF KEY STAFF DURING NORMAL BUSINESS HOURS? Maximum response length: 300 characters FIT will have two onsite technical resources positioned in the City during business hours. Additionally, our remote help desk/Tier II & III are available 24/7/365 for escalation purposes. FIT has multiple technical resources located throughout the Inland Empire within a two hour radius as needed. ARE THERE ANY PENALTIES FOR YOUR COMPANY IF GUARANTEED RESPONSE TIMES AREN'T MET?* Maximum response length: 300 characters There are no contractual penalties at this time. DESCRIBE YOUR WORK ORDER/TICKET SYSTEM. RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 8 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services Maximum response length: 300 characters FIT uses ConnectWise, and industry standard ticketing system. Clients can place a ticket directly through the proprietary role based FIT Workspace, via email, or phone. Users can see their open and closed tickets through the Workspace. Administrators can see all tickets in the Workspace. WHAT ARE THE STEPS USED TO ESCALATE CHRONIC OR CHALLENGING PROBLEMS?* Maximum response length: 300 characters If a helpdesk technician cannot resolve an issue within one hour, the issue is escalated. For a challenging issue, your onsite resources would escalate to our Tier II, Tier III technical resources for support. Local vCIO or Executive Management involvement is available as needed for extreme issues. 6. Organizational Governance THE SELECTED LA QUINTA MANAGED IT SERVICES PARTNER IS EXPECTED TO CONTRIBUTE TO ORGANIZATIONAL GOVERNANCE AND SUPPORT AND ADHERE TO CITY RULES AND REGULATIONS. PLEASE CONFIRM YOU CAN PROVIDE THESE SERVICES.* Yes PLEASE SELECT WHETHER YOU CAN PROVIDE THE FOLLOWING. User onboarding/offboarding Active Directory Management System, network, and application documentation Provide customized IT policies and provide best practices and recommendations Regular reporting on purchases, assets, current activities and issues, and project status reports Have experience in Surplusing and Auditing based on State of California compliance activities for Cities RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 9 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services 7. Management of Existing Enterprise Applications DESCRIBE HOW MAJOR SOFTWARE UPGRADES WILL BE APPLIED. ARE THERE EXTRA FEES FOR UPGRADES? IF SO, PLEASE DESCRIBE.* Maximum response length: 300 characters Software upgrades other than Microsoft and Adobe products are billable projects that require provisioning of resources on servers, scheduling downtime and performing the upgrades in non -business hours with vendor interaction. Our goal would be to migrate future apps to the cloud for easy upgrades. PLEASE DESCRIBE YOUR EXPERIENCE ADMINISTERING MICROSOFT 365 FOR CLIENTS. PLEASE DESCRIBE ANY MICROSOFT 365 CERTIFICATIONS YOU HOLD. * Maximum response length: 300 characters FIT manages Microsoft 365 for 90% of our clients and considers M365 a "standard" line of business we support. The FIT Workspace allows Admins within the City to do simple tasks like adding/removing users via a simple wizard. See the additional information section for more info on the FIT Workspace. PLEASE DESCRIBE YOUR FAMILIARITY AND EXPERIENCE WITH OTHER EXISTING LA QUINTA TECHNOLOGY, AS LISTED IN THE OPPORTUNITY OVERVIEW ABOVE. * Please be sure to highlight technologies you are unfamiliar with. Maximum response length: 500 characters FIT has high expertise with all listed networking, Meraki, Datto, Sonicwall, Ubiquiti, and of course the Microsoft servers and VMware as well as specialized products for Police/Fire departments. We currently manage Mitel phone systems, Windows and Apple workstations/laptops. Mobile endpoints are managed with Microsoft Intune. M365 and Adobe products are core software and our technical resources have familiarity with other listed software. FIT provides 24/7/365 SOC and SIEM for security. 8. Strategic Adoption of New Technologies PLEASE CONFIRM YOU CAN ASSIST THE CITY IN ADOPTING AND IMPLEMENTING NEW TECHNOLOGIES.* RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 10 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services Yes WHAT IS YOUR PROCESS AND CRITERIA FOR EVALUATING NEW SOFTWARE AND HARDWARE?* Maximum response length: 300 characters The process is to ascertain the needs. Research software based on those needs. provide a short list of options to the client. Have demonstrations and often a trial period of the software. Allow the client to make a choice. Once purchased, implement and support. PLEASE PROVIDE SPECIFIC EXAMPLES OF HOW YOU HAVE WORKED WITH CUSTOMERS THAT BEGAN WITH SIGNIFICANT TECHNOLOGY LIMITATIONS AND HELPED TO SUCCESSFULLY TRANSFORM THEM INTO ORGANIZATIONS WITH WELL PLANNED AND EXECUTED TECHNOLOGY STRATEGIES? WHAT WERE THE CRITICAL SUCCESS FACTORS IN THIS TRANSFORMATION?* Maximum response length: 500 characters The crucial success factors for digital transformation are being proactive, focusing on needs and not tools, good planning and great implementation/training. A specific example is FIT providing high level cyber security services to a comparably sized City. We listened to their needs, didn't "force" our cyber stack on them but instead found software that matched their unique needs, went through the approval process, implemented and trained the staff for a very successful and timely project. 9. Prior Experience and Case Studies HOW MANY TOTAL STATE AND LOCAL GOVERNMENTS USE YOUR COMPANY FOR MANAGED IT SERVICES?* 1-10 ARE THE MAJORITY OF YOUR CLIENTS IN THE PUBLIC SECTOR OR THE PRIVATE SECTOR? PLEASE PROVIDE AN ESTIMATED PERCENTAGE BREAKDOWN IF POSSIBLE. * Maximum response length: 100 characters 10% of FIT clients are public sector. The others are SMB and organizations up to 200 people. PLEASE PROVIDE REFERENCES FOR THE CITY OF LA QUINTA* RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 11 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services Please download the below document, complete, and upload. • MarketDlace.city Reference Marketplace.city_Reference_Document_IT_Manages_Services_La_Quinta_CA.xlsx 10. Pricing and Model PLEASE PROVIDE A PRICING ESTIMATE TO THE CITY BASED ON THE INFORMATION PROVIDED IN THIS RFP.* Please download the below document, complete, and upload. Please be sure to include a detailed fee schedule for the services requested by this RFP and any complementary services offered along with corresponding prices. The initial contract is anticipated for a period of 5 years commencing on or before July 1, 2024, with the potential for an option to renew it for two additional years. Please include renewal costs as well. • Basic Pricing Template .xlsx La_Quinta_Basic_Pricing_Template_.xlsx PLEASE DESCRIBE THE KEY INFORMATION YOU WILL NEED FROM THE CITY OF LA QUINTA IN ORDER TO PROVIDE THEM WITH A MORE ACCURATE PRICING ESTIMATE.* Maximum response length: 300 characters An accurate count of users, managed devices (workstations, laptops), and G3 services used. Are there email archives for public record searches? # of email addresses for office users vs volunteers with an email address. Level of cyber security desired for the City with SIEM and SOC. PLEASE UPLOAD ANY STANDARD PRICING DOCUMENTS YOU WISH TO SHARE. Services_Guide_-_Revised_08_24_2023.pdf 11. Implementation PLEASE DESCRIBE YOUR IMPLEMENTATION METHODOLOGY, INCLUDING AVERAGE IMPLEMENTATION TIME.* Maximum response length: 500 characters RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 12 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services FIT follows the Prepare/Plan/Design/Validate/Deploy methodology. A statement of work is agreed upon before executing any project with goals, projected timeline, estimated hours and costs. A Project Manager is assigned to work with the client and/or vendor. Deployment occurs usually in none -business hours for a minimum of disruption. Examples of projects: Microsoft Essentials rollout (1.25 hrs/device), replace old servers (up to 100 hours), cloud migration (60-100 hours),software rollout . IF WE ELECT TO MOVE FORWARD WITH YOUR COMPANY, WHAT CITY OF LA QUINTA RESOURCES WOULD YOU REQUIRE (E.G., INFORMATION, DATA, STAFF RESOURCES, COMMUNICATION) DURING MIGRATION AND ON AN ONGOING BASIS?* Maximum response length: 300 characters Understanding current "pain points"/issues. Access to former MSP IT Glue data if available. Inventory lists of hardware/software. Weekly Kickoff Meeting with Department Heads and City Manager until onboarding is complete, then 30 -min weekly or 60 -min bi- weekly call with department heads as needed. 12. Other PLEASE SIGN THE FOUR SUPPLEMENTAL DOCUMENTS ATTACHED. * 1. Acknowledgement of Insurance Requirements (Attachment 2) Proposals must include a written statement that, if selected, the proposer will provide the minimum insurance coverage and indemnification noted in Exhibits E and F, respectively, of the City's Agreement for Contract Services included as Attachment 1. 2. Non -Collusion Affidavit (Attachment 3) Proposals must include an executed Non -Collusion Affidavit, included as Attachment 3, executed by an official authorized to bind the firm. 3. Acknowledgement of Addenda (Attachment 4) If any addendum/addenda are issued, the proposer shall initial the Acknowledgement of Addenda, included as Attachment 4. ATTACHMENTS 1. Agreement for Contract Services RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 13 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services 2. Insurance Requirements Acknowledgement Must be executed by proposer and submitted with the proposal 3. Non -Collusion Affidavit Must be executed by proposer and submitted with the proposal 4. Addenda Acknowledgement Must be executed by proposer and submitted with the proposal • Supplemental Attachments .docx La_Quinta_Non- Collusion_Form.pdfLa_Quinta_Acknowledgement_of_Addendums.PDFLa_Quinta_Insurance_Requirements.pdfMSA_Revised_02_15_ 2023.pdfATTACHMENT_1_CONTRACT_EXAM PLE_RFP_2024.pdf PLEASE INDICATE ANY BUSINESS DESIGNATIONS YOU HAVE: Select all that apply. Small Business Classification Local to California ANYTHING ELSE YOU WANT TO TELL US?* Is there anything else important we should know about your solution, company or proposal? Please upload any supporting documents. La—Qu inta_Additional_I nformation_.pdfLa_Qu inta_EXAM PLE_FIT_2024_Acceptable_Use_Pol icy. pdfLa—Qu i nta_EXAM PLE_FIT_2024_N etwork_Management_Policy. pdfLa—Qu inta_EXAM PLE._FIT_2024_Security_Awareness_Policy_.pdfFIT _Secure_Care_- _OPEN_XDR_COM PETITIVE_MATRIX.pdfFlT_Secure_Care_Managed_XDR.pdfFIT_Secure_Care_Email_Security.pdfFlT_Secure_Care_- _12_Ways_to_Protect_Business_Checklist.pdfFlT_Secure—Ca re—Vu InerabiIity_M an age ment.pdf BY SUBMITTING, I UNDERSTAND THAT THE CITY OF LA QUINTA AND MARKETPLACE. CITY WILL RECEIVE THIS INFORMATION. I HAVE READ AND UNDERSTAND THE TERMS OF THIS OPPORTUNITY.* RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 14 RESPONSE DOCUMENT REPORT FORM No. TBD Managed IT Services Confirmed RESPONSE DOCUMENT REPORT Standard - Managed IT Services Page 15 INFO -TECH it Solullur3 h l F17 Forum Info -Tech Proposed Solutions for the City of La Quinta, CA Company Name: Forum Info -Tech Company Headquarters: Corona, CA Company FEIN: 20-3380971 Date of incorporation: 08/17/2005 California Multiple Award Schedules (CMAS) Number: 3-20-70-3858A Ownership: Privately held, owners are based in Corona, CA, and not a subsidiary of another company Awards: Ranked #85 in the 2023 MSP501 list. Awarded Top 100 "MSP" and "Cloud Provider" in 2022 Background For nearly two decades Forum Info -Tech (FIT) has provided Managed IT Services within the Inland Empire, throughout Southern California, and now across the entire United States. With local government clients including the City of Palos Verdes Estates, the City of Rolling Hills, and the City of Anaheim, and with a fulltime on-site staff that manages all the IT and Mitel Telecommunication needs at the Toyota Arena and the Ontario Convention Center, FIT is confident in our ability to provide Managed IT Services for the City of La Quinta, providing seamless day-to-day operations, and best practices for the City that keep your IT infrastructure sound and safe. FIT has nearly 20 years of experience in Network Management and has migrated over 50 clients to the cloud in both AWS and Azure should the City choose to move to the Cloud in the coming years. In addition to the two full-time dedicated staff that FIT will place within the City of La Quinta just as we do for the Toyota Arena and the Ontario Convention Center, FIT will provide the services of a virtual CIO (vCIO) whose job is to work with the City on long range plans and projects so the City can budget accordingly. FIT will use their collective decades of experience managing the governance of the network and suggesting/providing "best of class" technologies to aid the City and it's residents. FIT provides an exceptional level of Cyber Security products that, when used together, will provide the City with seamless security information and event management (SIEM) from email, endpoints, SaaS applications, and throughout the network. With a US Based Security Operations Center (SOC) and , vulnerability scanning and, more importantly, vulnerability remediation, the FIT Overwatch system will keep the City, its network, and its data secure. With a fully staffed Project Management team, FIT can seamlessly procure and deliver technology needed by the City, including Computers, tablets, peripherals and some software. Fit is also confident in disposing hardware within the laws of California as we do with other municipalities. How FIT meets the City of La Quinta's needs Forum Info -Tech is a local, stable, established MSP without a Corporate parent that oversees from afar. FIT will provide two full-time technical resources to work the hours specified in the bid. During the transition period, FIT will begin the process of transferring services from the current MSP. A dedicated Project Manager and vCIO will be assigned to the transition project who will update the City Counsel regularly until the Transition is completed. FIT's proprietary dashboard/interface, the FIT Workspace, is a productivity tool for our technicians and key Administrative staff within the City. The Workspace allows selected Admins within the City as well as our techs to set up and remove users in Outlook in minutes by following a simple wizard. In addition, the Workspace shows a full inventory of FIT managed hardware including software updates, status of back-ups, and the FIT Workspace provides User Management including the ability to recover accounts, change passwords, and see who is falling for Phishing emails, all in one simple dashboard. The FIT Workspace also allows users to enter tickets directly into our ConnectWise ticketing system (which can also be done with email or phone), see the status of open and closed tickets for the user, and for Admins, see tickets from all users. We will implement the FIT Workspace for all users and provide this time -saving tool throughout the City. FIT has years of experience working closely with municipalities including Police and EMS departments to ensure technology is utilized effectively. We will do the same with the City of La Quinta. Key Leaders and contacts within FIT: • Biren Shukla, Founder/CEO/Chief Visionary Biren founded Forum Info -Tech in 2004 based on his extensive technical experience. He is actively involved in day-to-day operations, knows clients by name, helps with planning and projects, and stays ahead of technology by attending conferences and research. • Greg Forquer, vCIO Greg has 26 years of IT background, both on the end user and the MSP sides of the table. Greg serves as virtual CIO for our clients and helps with long term planning and project management. • Spent Thomas, Project Manager Spent has 16 years of experience with MSPS, and currently manages some of FIT's largest projects including active cloud migrations. • Rachene Javier -Cabana, Project Manager Rachene is another Project Manager within FIT. Chene is the primary "go to" person when hardware/software are required handling purchases, delivery, and 1000 other projects for FIT. • Harina Shukla, CFO and Operations Manager Harina joined FIT in 2005 and currently manages accounting and HR while serving as a key operations person. Harina was instrumental in tying billing to our inventory management software so accurate equipment counts are done automatically each month. INFO TECH IT Solutions That FIT Service Level Agreements These are the Forum Info -Tech published Response and Resolution Times. Obviously if FIT has an employees onsite, these times may be faster. Response & Resolution Times 7ha rdkw% lahkshoRs Ma rayrrs a spwcr and rr'.c,AWn Wsws for mach pnoniykeal Support Tiers The folkwingdetails dascrihe our support tier revels; ki suppW Inudenrs Crag+n in Per 1, wnare Me )nitre traubletiakar rs Created, and theJoaue Is Tier 1 Support id4n[i figd and GraarJX �p�umanted, and bdF�G ha rdwarpf�7trxarp trau¢leshog2rrt� is iniriar�d All svpporL i rtcldenes Lhet tiamoL be eesahved wdh Tie► f Support are escalated to Ter Z wi7dre more Tier :2 Supp -ori cwnplex support on hardwer$1sofkWeF6 issues Cao he provided by mora experlenead agineem $uppim inri*ntz #hat rannPt W rtsal d by Ticr2 Cuppprf ars csGmfatadt4 Tier 3. WhorF;upper Tier 3 Support Is proWded by rho Masi quellrJed afld axperlences €r}glnaers who have the ebltlry to Calfabvrate ,vitt 3rd part fv-gndorl support w*rrews to raaalya the most curriprcx Issues r sorvies not avaifablke (VI usors 2 fFdtrrs and functions unavailable) 1 1+�Jtiiin 1 hour Significant degradation of Servirs (large number of users or business 2 MIN 4 hours a hours oriticaf functions affected - Limiters degradation of service (limited nurr}ber of users or 48 hours functinn5 affected, business kVithirr 24 hours process can cpntfnua). Srnaff service d�gr&d8fi�n (tiu.5ink!5. Pro4e55can 86 hours Within AB hours A rontinu9 one user affactad). J. Support Tiers The folkwingdetails dascrihe our support tier revels; ki suppW Inudenrs Crag+n in Per 1, wnare Me )nitre traubletiakar rs Created, and theJoaue Is Tier 1 Support id4n[i figd and GraarJX �p�umanted, and bdF�G ha rdwarpf�7trxarp trau¢leshog2rrt� is iniriar�d All svpporL i rtcldenes Lhet tiamoL be eesahved wdh Tie► f Support are escalated to Ter Z wi7dre more Tier :2 Supp -ori cwnplex support on hardwer$1sofkWeF6 issues Cao he provided by mora experlenead agineem $uppim inri*ntz #hat rannPt W rtsal d by Ticr2 Cuppprf ars csGmfatadt4 Tier 3. WhorF;upper Tier 3 Support Is proWded by rho Masi quellrJed afld axperlences €r}glnaers who have the ebltlry to Calfabvrate ,vitt 3rd part fv-gndorl support w*rrews to raaalya the most curriprcx Issues �i +++%'forum r`*+i • INFO-TECRINC IT Solutions That FIT Services Guide This Services Guide contains provisions that define, clarify, and govern the services described in the quote that has been provided to you (the "Quote"). If you do not agree with the terms of this Services Guide, you should not sign the Quote and you must contact us for more information. This Services Guide is our "owner's manual" that generally describes all managed services provided or facilitated by Forum Info -Tech, Inc. ("Forum Info -Tech," "we," "us," or "our"); however, only those services specifically described in the Quote (collectively, the "Services"). will be facilitated and/or provided to you ("Customer," "you," or "your"). Activities or items that are not specifically described in the Quote will be out of scope and will not be included unless otherwise agreed to by us in writing. This Services Guide contains important provisions pertaining to the auto -renewal of the Services in the Quote, as well as fee increases that may occur from time -to -time. Please read this Services Guide carefully and keep a copy for your records. Initial Audit / Diagnostic Services If an Initial Audit / Diagnostic Services are listed in the Quote, then we will audit your managed information technology environment (the "Environment") to determine the readiness for, and compatibility with, ongoing managed services. Our auditing services are comprised of: • Audit to determine general Environment readiness and functional capability • Review of hardware and software configurations • Review of ERP, CRM and other SaaS applications • Review of overall business and application workflow • Review of current vendor service / warranty agreements for Environment hardware and software • Basic security vulnerability check • Basic backup and file recovery solution audit • Speed test and ISP audit • Office Telephone, Wireless, Print and Internet Service vendor service audit • Asset inventory • Email and website hosting audit • IT support process audit If deficiencies are discovered during the auditing process (such as outdated equipment or unlicensed software), we will bring those issues to your attention and discuss the impact of the deficiencies on our provision of the Services and provide you with options to correct the deficiencies. Please note, unless otherwise expressly agreed by us in writing, auditing services do not include the remediation of any issues, errors, or deficiencies ("Issues"), and we cannot guarantee that all Issues will be detected during the auditing process. Issues that are discovered in the Environment after the auditing process is completed may be addressed in one or more subsequent quotes. Onboardina Services If onboarding services are listed in the Quote, then one or more of the following services will be provided to you. • Uninstall any monitoring tools or other software installed by previous IT service providers. • Compile a full inventory of all protected servers, workstations, and laptops. • Uninstall any previous endpoint protection and install our managed security solutions (as indicated in the Quote). • Install remote support access agents (i.e., software agents) on each managed device to enable remote support. • Configure WindowsS and application patch management agent(s) and check for missing security updates. • Uninstall unsafe applications or applications that are no longer necessary. • Optimize device performance including disk cleanup and endpoint protection scans. Review firewall configuration and other network infrastructure devices. • Review and document current server configuration and status. • Determine existing business continuity strategy and status, prepare backup file recovery and incident response option for consideration. • Review password policies and update user and device passwords. • Onboard and transfer licensing management through partner agreements with Microsoft, AWS, and other applicable tools. This list is subject to change if we determine, in our discretion, that different or additional onboarding activities are required. If deficiencies are discovered during the onboarding process, we will bring those issues to your attention and discuss the impact of the deficiencies on our provision of our monthly managed services. Please note, unless otherwise expressly stated in the Quote, onboarding-related services do not include the remediation of any issues, errors, or deficiencies ("Issues"), and we cannot guarantee that all Issues will be detected during the onboarding process. The duration of the onboarding process depends on many factors, many of which may be outside of our control—such as product availability/shortages, required third party vendor input, .As such, we can estimate, but cannot guarantee, the timing and duration of the onboarding process. We will keep you updated as the onboarding process progresses. Off Boarding • Subject to the Customer's payment of any and all fees and charges due through the date of expiration or termination and if Customer is not in breach or default of any of its obligations hereunder, Forum Info -Tech will perform the following tasks for offboarding: • Removal of monitoring agents from Servers • Removal of Endpoint Protection software from Servers • Removal of monitoring agents from Workstations • Removal of Endpoint Protection software from Workstations • Removal of Microsoft 365 Licenses from client's account • Removal of SQL or Remote Desktop licenses provided by Forum Info -Tech • Removal of credentials from Network devices • Removal of Backup software from Servers • Removal of Microsoft 365 Backup • Removal of FIT Security Care products • Removal of all client data from internal systems, including documentation and passwords • Instruct and advise client on removal of consolidated billing on all cloud platforms Ongoing / Recurring Services Ongoing/recurring services are services that are provided to you on an ongoing basis and, unless otherwise indicated in a Quote, are billed to you monthly. Some ongoing/recurring services will begin with the commencement of onboarding services; others will begin when the onboarding process is completed. Please direct any questions about start or "go live" dates to your technician. Managed Services The following Services/Service Plans, if listed on the Quote, will be provided to you. Workstation Care Plan 8x5 Proactive Monitoring This product monitors the health of a workstation, proactively warning us about possible hardware failures and application errors. It also allows tech support or the end user to remotely connect to the workstation through LogMeln Pro. Antivirus Licensing & Monitoring This product provides basic malware protection. Our system administrators will receive alerts about threats found and remediate any problems remotely. Advanced Endpoint Protection is available as an upgrade, and it includes behavior detection, firewall and web filtering. Proactive Patching Services When Microsoft releases patches, our NOC team will test the patches for one week to mitigate possible issues. Once patches are tested, they may be whitelisted or blacklisted for deployment. Whitelisted patches are deployed on a scheduled decided by the customer. Operating System Support We provide technical support for the Operating System installed on the workstation. This includes troubleshooting error messages, device drivers, feature updates and system health. Remote Hardware Diagnostics We offer remote assistance in diagnosing hardware problems. Onsite visits are available at an extra cost. User Care Plan Technical Support — Microsoft Applications We will assist users with applications developed by Microsoft, such as Microsoft Office, Teams, Planner, etc. Technical Support — Corporate Email Security We will assist with set up of multi -factor authentication for email accounts and assist users identifying threats sent by email messages (phishing, malicious payloads, etc.) Technical Support — Cloud Connectivity We will assist users with cloud connectivity problems on authorized workstations. This includes problems with credentials, multi -factor authentication or issues with the LevelCloud Dashboard. Technical Support — Current Application We will provide technical support only for Current line -of -business ("LOB") applications. A Current LOB Application is an application that has not been discontinued or retired by the developer or distributor of the application, that the developer or distributor offer standard support and maintenance services for and has a valid and current maintenance agreement between the client and the developer or distributor. If we are unable to remediate an issue with a Current LOB Application, then you will be required to contact the manufacturer/distributor of the software for further support. Please note: Manufacturers/distributors of such software may charge fees, some of which may be significant, for technical support; therefore, we strongly recommend that you maintain service or support contracts for all Current LOB Applications ("Service Contract"). On occasion and in our discretion, we may provide you with advice or suggestions concerning support for non -Current LOB Applications. Please note, if such advice or suggestions are provided, they are on a "best efforts" basis with no guarantee of remediation whatsoever. If you request that we work with a vendor/manufacturer to diagnose or remediate issues with non -Current LOB Applications, then that service, if provided to you, will be billed to you at out then -current hourly rates. In addition, the vendor/manufacturer may charge service fees to provide such support, and those fees will be passed through to you. Vendor Management - Current Application If problems cannot be solved by basic support, Forum Info -Tech will be the interface between the Customer and the vendor. We will contact the company responsible for application and work with them, on behalf of the Customer, until the problem is resolved. Please note: We do not warrant or guarantee that any particular issue or problem can or will be resolved by the applicable vendor, nor do we guarantee that the issue(s) or problem(s) will be fully remediated in a particular time period. Multi Factor Authentication Advanced two factor authentication with advanced admin features. Secures on -premises and cloud -based applications. Permits custom access policies based on role, device, location. Identifies and verifies device health to detect "risky" devices. Server Care Plan 247 Proactive Monitoring This product monitors the health of a server, proactively warning us about possible hardware failures and application errors. It also provides information about failed services, disk space and performance. 247 Emergency Technical Support If servers are not working or reporting offline, our team will provide 247 support for your critical workloads. Antivirus Licensing & Monitoring This product provides basic malware protection. Our system administrators will receive alerts about threats found and remediate any problems remotely. Proactive Patching Services When Microsoft releases patches, our NOC team will test the patches for one week to mitigate possible issues. Once patches are tested, they may be whitelisted or blacklisted for deployment. Whitelisted patches are deployed on a scheduled decided by the customer. Remote / In -House / On Site Hardware Diagnostics In case servers have problems that cannot be fixed remotely, we provide in-house and onsite support for critical workloads until functionality is restored. Database Care Services For applications that use database services like Microsoft SQL Server, Progress, Pervasive, Oracle and others, our team provides database maintenance services following industry best practices. Vendor Management - Warranty Services If physical components of a server should fail, our team works directly with the manufacturer to obtain replacement parts and install them as fast as possible. We also monitor warranty of servers and work with our customers to plan for server replacements before warranty expires. Data Care Plan Server Backup Monitoring & Maintenance We will monitor your server backup jobs 24/7, including offsite backups and provide maintenance on backup chains and backup retention to meet the customers' needs. We will also provide data restoration services in case of disaster or human error. Offsite Replication & Retention Backups will be replicated to a second and third locations depending on customers' needs and compliance requirements. Backed up data will be retained at a minimum on a rolling 7 day basis. Backup Testing We will test restoring backups from the current backup set every 30 days or less, depending on customers' needs. This ensures backups are healthy and can be restored from. Backup Alerts: Managed servers will be configured to inform of any backup failures Recovery of Data: If you need to recover any of your backed up data, then the following procedures will apply: • Service Hours: Backed up data can be requested during our normal business hours, which are currently 6:OOam — 6:OOpm PST Monday through Friday, excluding Forum Info -Tech observed holidays • Request Method. Requests to restore backed up data should be made by creating a support ticket. Requests made by any other method may delay our response to you. • Restoration Time: We will endeavor to restore backed up data as quickly as possible following our receipt of a request to do so; however, in all cases data restoration services are subject to (i) technician availability and (ii) confirmation that the restoration point(s) is/are available to receive the backed up data. Network Care Plan Network Switch Monitoring & Maintenance We will provide basic switch monitoring (basic status as online / offline and system hardware load load) or advanced switch monitoring (traffic insights, VLANs, security, etc.), along with remediation in case of failure and firmware upgrades. Firewall / Router Monitoring & Maintenance We will provide basic firewall / router monitoring (basic status as online / offline and system hardware load) or advanced firewall monitoring (traffic insights, VLANs, security, etc.), along with remediation in case of failure and firmware upgrades. Wireless Infrastructure Monitoring & Maintenance We will provide wireless infrastructure monitoring and maintenance. This service includes wireless surveys, optimization of access point placement, creation / removal / maintenance of wireless SSIDs and wireless security. Quality of Service Monitoring & Maintenance We will advise and assist with Quality -of -Service configurations for sensitive services such as video conferencing and VoIP. Virtual CIO Service NCIO Service) Plan Forum Info -Tech will act as the main point of contact for certain business-related IT issues and concerns. For example, we will: • Assist in creation of information/data-related plans and budgets. • Provide strategic guidance and consultation across different technologies. • Create company -specific best standards and practices. • Provide education and recommendations for business technologies. • Participate in scheduled meetings to maintain goals. • Maintain technology documentation. • Assess and make recommendations for improving technology usage and services. FIT Secure Care (Basic Plan) FIT Detective - Dark Web Monitoring Service Credentials supplied by Client will be added into a system that continuously uses human and machine - powered monitoring to determine of the supplied credentials are located on the dark web. If compromised credentials are found, they are reported to Help Desk Services staff who will review the incident and notify affected end-users. Dark web monitoring can be a highly effective tool to reduce the risk of certain types of cybercrime; however, we do not guarantee that the dark web monitoring service will detect all actual or potential uses of your designated credentials or information. FIT PhishNet: Security Testing and Training FIT PhishNet is a solution to keep your users sharp and well trained to protect your most valuable data, and to help identify potential malware and phishing attacks before they can infiltrate your organization's network. • Online, on -demand training videos (multi-lingual). Online, on -demand quizzes to verify employee retention of training content. • Baseline testing to assess the phish-prone percentage of users; simulated phishing email campaigns designed to educate employees about security threats. Please see Anti-virus: Anti-Malware and Breach / Cyber Security Incident Recovery sections below for important details. FIT Email Threat Protection Managed email protection from phishing, business email compromise (BEC), SPAM, and email - based malware. • Friendly Name filters to protect against social engineering impersonation attacks on managed devices. • Protection against social engineering attacks like whaling, CEO fraud, business email compromise or W-2 fraud. • Protects against newly registered and newly observed domains to catch the first email from a newly registered domain. • Protects against display name spoofing. • Protects against "looks like" and "sounds like" versions of domain names. FIT Office 365 Security Monitoring A managed security product that collects, aggregates, and normalizes log data from Office 365 tenants using BARRACUDA'S analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center. Identify threat like behavior in 0365 like unauthorized access to cloud mailboxes, admin changes in the environment, impossible logins, mass file downloads, and brute force attacks. We will setup, monitor and maintain Office 365 Security Monitoring as part of the services provided. FIT Microsoft 365 Backup Microsoft 365 Backup automatically backs up all information stored in Microsoft 365, including mailboxes, OneDrive, and SharePoint, and Microsoft Teams data to an encrypted storage. FIT Security Care (Advanced Plan) The Advanced Plan contains all products in the Basic Plan plus.- FIT lus: FIT Network Security Monitoring In today's cyber -landscape, a rule-based intrusion detection system and firewall is simply not enough to keep hackers out. Network Security Monitoring is not your traditional IDS system. Using real-time streaming data analytics, the appliance correlates events from traffic moving north -south and east -west inside a network. As a partner of BARRACUDA, FIT will setup, monitor and maintain network security monitoring as part of the services provided. Key Features: Denial of Service (DOS) attacks - Identifies unusual traffic from organization -owned devices, bring leveraged to perform a denial -of -service attack FTP and Cloud Storage Exfiltration - Monitors network traffic over protocols that facilitate large data transfer and alerting when unusual quantities or file types are being transferred Cross -Site Scription - Identifies web server -client traffic patterns indicating cross -site scription attacks (XSS) Command and Control Communication - Correlates network traffic to discover malware communicating with external attackers, which is a sign of a compromised attack FIT Log Security Monitoring Provides real-time visibility in your systems with Log Monitoring. The product collects, aggregates, and normalizes log data from hundreds of sources for Al enabled analysis using BARRACUDA's analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center. The BARRACUDA SOC functions as an extension of your team with full transparency and viability using the Customer Security Dashboard. As a partner of BARRACUDA, FIT will set up, monitor and maintain log security monitoring as part of the services provided. Key Features: - Monitors for Cloud Infrastructure attacks, Anomalous Privilege Escalation, Unauthorized Access, Third -Party Violations, Compromised User Credentials and Multi -Vector Attacks - Al Analytics Engine - Strong reporting - Deployment of physical or virtual appliance for on -prem logs (like syslog) - Support key industry and regulatory compliance standards such as continuous monitoring and log retention - Ability to merge data from existing security tools with multiple sources to provide greater visibility and re -use existing investments Additional Available Services The following services are available on an ad-hoc, by -request basis, and will be provided to or facilitated for you only if specifically listed in the Quote. Additional fees will apply for these services unless they are expressly included in one of our Service Plans listed above. 247 User Care We understand that sometimes you may need after-hours support. 24x7 User Care provides Customer with 247 access to a technical team for hardware or software support. This service covers the number of users listed in the Quote. Server Next — Generation Antivirus Primary endpoint security layer. Software agents installed in covered server devices protect against malware and prevents intruder access. Used in coordination with other endpoint security layers and security solutions to form a comprehensive defense strategy. • Next -generation deep learning malware detection, file scanning, and live protection for Server OS • Web access security and control, application security and control, intrusion prevention system • Data loss prevention, exploit prevention, malicious traffic detection, disk and boot record protection FIT Vulnerability Assessment Our Vulnerability Assessment are done by scanning your Public IP address. Our team inspects the client's network for known vulnerabilities or weaknesses, while the Pen Test attempts to gain access to the clients network. Both are done in accordance with highest security standards and best practices, keeping the client compliant with any industry or state/federal regulations. The Summary and Technical Report will identify & grade vulnerabilities or weaknesses that need to be addressed and remedied, and you and your team can of course charge separately for that service. (We are also available for remediation work if necessary, at an additional cost.) FIT Penetration Testing A penetration test is the process of identifying and exploiting vulnerabilities, trying to use the most diverse methods from the perspective of an attacker. This process is a key part of the information security, allowing quickly and effectively identify vulnerabilities and their proper risk. The vulnerability assessment process aims at identifying and reporting on observed vulnerabilities. A penetration test attempts to exploit vulnerabilities of existing systems to determine whether unauthorized access and / or malicious code execution is possible. The test includes testing the network and application layers and can be performed externally (run external to the customer's network, for example via the Internet) and / or internally (performed within the customer's network). Managed Detection and Response • 247 Managed network detection and response. • Real time and continuous (247) monitoring and threat hunting. • Real time threat response. • Alerts handled in accordance with our Alert Notification table, below. • Security reports, such as privileged activities, security events, and network reports, available upon request. • 24x7x365 access to a security team for incident response* * Remediation services provided on a time and materials basis. Please see Anti-virus: Anti-Malware and Breach Cyber Security Incident Recovery sections below for important details. NIST Risk Assessment • Perform a cybersecurity assessment under NIST CSF using the NIST Risk Management Framework & NIST 800-53. • Identifies how Client currently assesses, mitigates, and tracks its cybersecurity requirements. • Identifies authorized and unauthorized devices in the managed network. • Identifies gaps or deficiencies in the Client's operations that would prevent compliance under NIST CSF. The assessment will cover the following five core areas of the NIST framework: IDENTIFY PROTECT DETECT ��1' tit1 �•..�r'tw �� Y•��Ji YY4a.r � �•M�A j.uny -MM,. 4IshmW ■UL4V7 iwVYS�Yo �. W- W%wfl, �,�� • YMM�Y4 Y>SM V[�lil••P!4 •ijLI�7MY/1 1[IN ay i�r.+ate -NeA*lS t1YrY�yi • rwr��eo • �rinrw� � nohr'w rararyy�Y4 rti•I�iyJpr RESPOND RE 6v6 l -}I?A�iV ri•1A� +"NMMf rN�F4r • �JY�i ' �Ylh • 1/MI ISF � � • �IiY14 Yjii The results of the assessment will be provided in a report that will identify detected risks and your organization's current maturity levels (i.e., indicators that represent the level of capabilities within your organization's security program) and will propose actionable activities to help increase relevant maturity levels and augment your organization's security posture. Please Note: This service is limited to an assessment/audit off. Remediation of issues discovered during the assessment, as well as additional solutions required to bring your managed environment into compliance, are not part of this service. After the audit is complete, we will discuss the results with you to determine what steps, if any, are needed to bring your organization into full compliance. Security Incident and Event Monitoring (SIEM) The SIEM service utilizes threat intelligence to detect threats that can exploit potential vulnerabilities against your managed network. • Initial Assessment. Prior to implementing the SIEM service, we will perform an initial assessment of the managed network at your premises to define the scope of the devices/network to be monitored (the "Initial Assessment"). • Monitoring. The SIEM service detects threats from external facing attacks as well as potential insider threats and attacks occurring inside the monitored network. Threats are correlated against known baselines to determine the severity of the attack. • Alerts & Analysis. Threats are reviewed and analyzed by third -party human analysts to determine true/false positive dispositions and actionability. If it is determined that the threat was generated from an actual security -related or operationally deviating event (an "Event"), then you will be notified of that Event. • Events are triggered when conditions on the monitored system meet or exceed predefined criteria (the "Criteria"). Since the Criteria are established and optimized over time, the first thirty (30) days after deployment of the SIEM services will be used to identify a baseline of the Client's environment and user behavior. During this initial thirty (30) day period, Client may experience some "false positives" or, alternatively, during this period not all anomalous activities may be detected. Note: The SIEM service is a monitoring and alert -based system only; remediation of detected or actual threats are not within the scope of this service and may require Client to retain Forum Info-Tech's services on a time and materials basis. Updates and Patching Please refer to FIT Patching Policy on definitions of various types of patching, frequency and other details Labor for New / Replacement Workstations Includes all labor charges for setup of new workstations, or replacement of existing workstations. • Labor covers: o New computers / additional computers added during the term of the Quote o Replacement of existing computers that are four (4) or more years old (as determined by the manufacturer's serial number records) o Replacement of existing computers that lost/stolen or irreparably damaged and/or out of warranty but not yet four years old o Operating systems upgrades – subject to hardware compatibility Offsite Data Storage Additional charge for storing data offsite in a datacenter. Managed Network Devices A service that covers management of Routers, Switches and Firewall. Please Note: The new name for this service is Network Care—please see above for a description of this service. Cloud Infrastructure or AWS Infrastructure: This is AWS or Azure Infrastructure cost which is being passed through to client. This line item will fluctuate based on increase/decrease in computing resources such as CPU, Memory and Storage. The cost generally includes the following: - Virtual Windows Servers - Windows Server Licensing - Enterprise Storage(Hard Drives) - Enterprise Compute(vCPU, ram) Cloud Managed Services: A set of services provided to clients with cloud servers in either AWS or Azure. This includes things such as 24/7 Monitoring of Servers, Windows Security and Patch Management, User Management, Backup Management, Microsoft Application Upgrades and Helpdesk Services Backup As a Service This service is now referred to as Data Care. Clients that have this service can expect to have their cloud servers backed up in their cloud provider's infrastructure (data center). FIT Workspace FIT Workspace is a client portal that offers our clients the following benefits: - Live information on status of all services contracted through Forum Info -Tech - Management of service tickets and invoices - Management of user accounts, licenses, and inventory - Automation of user account adds, moves, and changes - Account compromise recovery - User sessions and profile management Video Conferencing -as -a -Service FIT will provide management and monitoring of the Video Conferencing Equipment and provide support for such equipment during our normal business hours. FIT Managed Website Plus Building and maintaining an online presence that speaks volumes about your product or service is paramount. FIT Managed Website Plus is a service designed for busy business owners and executives who are wearing multiple hats and just don't have the time to continuously keep the website updated. Instead of working directly with the web developers, you will be working with a FIT's Dedicated Resource who will act as your one stop shop and your interface with our marketing partner(Pronto Marketing). This package includes a brand new website that will be developed as per the client's needs. The process starts with a detailed survey, analysis followed by a sitemap and mockup, skinning the website, creating inner pages and making the website live. This process takes anywhere from 30 to 60 days provided all content is delivered to us in a timely manner. During the term of this service, we periodically improve the website and track results using FIT Digital Marketing solutions to market your website's products and services. Customer will own the website and all the content only after completing a minimum twelve (12) month term in this program. Digital Signage Service This services is for clients that need to display things on their TV's This service includes the cloud Software Licensing and Support and is billed per TV. Marketing4WiFi Dashboard A service that provided a collection of services to provide a WiFi Landing page for guests. This service is usually charged per Wireless Access Point. FIT Managed Backup as a Service This service provides a backup of all Microsoft 365 products DataGuard DataGuard is a service provided to clients that have an onsite backup appliance that requires onsite and offsite backup. The devices that are purchased by clients are based on their then server capacity and generally come with some amount of offsite backup. In some instance, there is a separate charge for offsite backup and disaster recovery management services. Offsite backup varies from Onsite Appliance only backup, Offsite Backup(1 year Retention, 7 year or Infinite Cloud Retention). The following restrictions apply: • Upgrades or installs of new or replacement computers are limited to four (4) devices per month unless otherwise approved in advance by Forum Info -Tech • This service is not available for used or remanufactured computers • New/replacement computers must be business -grade machines (not home) from a major manufacturer like Dell, HPE, or Lenovo Software Licensing (applies to all software licensed by or through Forum Info -Tech) All software provided to you by or through Forum Info -Tech is licensed, not sold, to you ("Software"). In addition to any Software -related requirements described in Forum Info-Tech's Master Services Agreement, Software may also be subject to end user license agreements (EULAs), acceptable use policies (AUPs), and other restrictions all of which must be strictly followed by you and any of your authorized users. When installing/implementing software licenses in the managed environment or as part of the Services, we may accept (and you agree that we may accept) any required EULAs or AUPs on your behalf. You should assume that all Software has an applicable EULA and/or AUP to which your authorized users and you must adhere. If you have any questions or require a copy of the EULA or AUP, please contact us. Covered Hardware Unless otherwise stated in the Quote, Managed Services will be applied to the technology assets such as computers, servers, and networking equipment owned by the Customer. Forum Info - Tech will assist connecting from a personal device to the organization's technology at the Customer's discretion, but support of any personal devices is not included. Forum Info -Tech may exclude specific devices not under a maintenance and support agreement from the applicable hardware manufacturer or beyond typical useful life for such hardware ("Covered Hardware"). Physical Locations Covered by Services Services will be provided remotely unless, in our discretion, we determine that an onsite visit is required. Forum Info -Tech visits will be scheduled in accordance with the priority assigned to the issue (below) and are subject to technician availability. Unless we agree otherwise, all onsite Services will be provided at Client's primary business location. Additional fees may apply for onsite visits: Please review the Service Level section below for more details. Term; Termination The Services will commence, and billing will begin, on the date indicated in the Quote ("Commencement Date") and will continue through the initial term listed in the Quote ("Initial Term"). We reserve the right to delay the Commencement Date until all onboarding/transition services (if any) are completed, and all deficiencies / revisions identified in the onboarding process (if any) are addressed or remediated to Forum Info-Tech's satisfaction. The Services will continue through the Initial Term until terminated as provided in the Agreement, the Quote, or as indicated in this section (the "Service Term"). Removal of Software Agents; Return of Firewall & Backup Appliances: Unless we expressly direct you to do so, you will not remove or disable, or attempt to remove or disable, any software agents that we installed in the managed environment or any of the devices on which we installed software agents. Doing so without our guidance may make it difficult or impracticable to remove the software agents, which could result in network vulnerabilities and/or the continuation of license fees for the software agents for which you will be responsible, and/or the requirement that we remediate the situation at our then -current hourly rates, for which you will also be responsible. Depending on the particular software agent and the costs of removal, we may elect to keep the software agent in the managed environment but in a dormant and/or unused state. Within ten (10) days after being directed to do so, Client will remove, package and ship, at Client's expense and in a commercially reasonable manner, all hardware, equipment, and accessories provided to Client by Forum Info -Tech that were used in the provision of the Services. If you fail to timely return all equipment to us, or if the equipment is returned to us damaged (normal wear and tear excepted), then we will have the right to charge you, and you hereby agree to pay, the replacement value of all such unreturned or damaged equipment. Minimum Requirements / Exclusions The scheduling, fees and provision of the Services are based upon the following assumptions and minimum requirements: • Server hardware must be under current warranty coverage. • All equipment with Microsoft Windows® operating systems must be running then -currently supported versions of such software and have all of the latest Microsoft service packs and critical updates installed. • All software must be genuine, licensed, and vendor -supported. • Server file systems and email systems (if applicable) must be protected by licensed and up-to- date virus protection software. • The managed environment must have a currently licensed, vendor -supported server -based backup solution that can be monitored. • All wireless data traffic in the managed environment must be securely encrypted. • All servers must be connected to working UPS devices. • Recovery coverage assumes data integrity of the backups or the data stored on the backup devices. We do not guarantee the integrity of the backups or the data stored on the backup devices. Server restoration will be to the point of the last successful backup. • Client must provide all software installation media and key codes in the event of a failure. • Any costs required to bring the Environment up to these minimum standards are not included in this Services Guide. • Client must provide us with exclusive administrative privileges to the Environment. • Client must not affix or install any accessory, addition, upgrade, equipment, or device on to the firewall, server, or NAS appliances (other than electronic data) unless expressly approved in writing by us. Exclusions. Services that are not expressly described in the Quote will be out of scope and will not be provided to Client unless otherwise agreed, in writing, by Forum Info -Tech. Without limiting the foregoing, the following services are expressly excluded, and if required to be performed, must be agreed upon by Forum Info -Tech in writing: • Customization of third party applications, or programming of any kind. • Support for operating systems, applications, or hardware no longer supported by the manufacturer. • Data/voice wiring or cabling services of any kind. • Battery backup replacement. • Equipment relocation. • The cost to bring the managed environment up to these minimum requirements (unless otherwise noted in the Quote). • The cost of repairs to hardware or any supported equipment or software, or the costs to acquire parts or equipment, or shipping charges of any kind. Service Levels Automated monitoring is provided on an ongoing (i.e., 24x7x365) basis. Response, repair, and/or remediation services (as applicable) will be provided only during our business hours (currently M -F, 6 AM — 6 PM Pacific Standard Time, excluding legal holidays and Forum Info -Tech observed holidays as listed below), unless otherwise specifically stated in the Quote or as otherwise described below. We will respond to problems, errors, or interruptions in the provision of the Services during business hours in the timeframe(s) described below. Severity levels will be determined by Forum Info -Tech in our discretion after consulting with the Client. All remediation services will initially be attempted remotely; Forum Info -Tech will provide onsite service only if remote remediation is ineffective and, under all circumstances, only if covered under the Service plan selected by Client. ResponseTrouble Priority (in hours) Service not available (all users and 1 Within 1 hour functions unavailable). Significant degradation of service (large 2 Within 2 hours number of users or business critical functions affected) Limited degradation of service (limited 3 Within 2 hours number of users or functions affected, business process can continue). Small service degradation (business process can continue, one user affected). * All time frames are calculated as of the time that we are notified of the applicable issue / problem by Client through our designated support portal, help desk, or by telephone at the telephone number listed in the Quote. Notifications received in any manner other than described herein may result in a delay in the provision of remediation efforts. Rates Support During Off-Hours/Non-Business Hours: Technical support provided outside of our normal business hours is offered on a case-by-case basis and is subject to technician availability. If Forum Info - Tech agrees to provide off-hours/non-business hours support ("Non -Business Hour Support"), then that support will be provided on a time and materials basis (which is not covered under any Service plan), and will be billed to Client at the following increased hourly rates: Business Hours Remote Support Monday -Friday, Sam PST to 5pm PST Included excluding holidays Business Hours Onsite Support Monday -Friday, Sam PST to 5pm PST $175/hour excluding holidays Emergency* After Hours Remote Support All other times and on observed holidays $250/hour Emergency* After Hours Onsite Support All other times and on observed holidays $250/hour Non -Emergency After Hours Remote Support All other times and on observed holidays $250/hour (subject to availability) Non -Emergency After Hours Onsite Support All other times and on observed holidays $250/hour (subject to availability) *Emergency shall be defined as a Priority 1 event. Note: • All hourly services are billed in 15 -minute increments, and partial increments are rounded up to the next highest increment. • A one (1) hour minimum applies to all Non -Business Hour Support. • A four (4) hour minimum, in addition to travel time, applies to all on-site service calls. Billing and Technician travel time are calculated based upon the table above. • The above -listed rates are subject to change from time to time. Forum Info -Tech -Observed Holidays: Forum Info -Tech observes the following holidays: • New Year's Day • Memorial Day • Independence Day • Labor Day • Thanksgiving Day • The day following Thanksgiving Day • Christmas Day • Day After Christmas Fees The fees for the Services will be as indicated in the Quote. Changes to Environment. Initially, you will be charged the monthly fees indicated in the Quote. Thereafter, if the managed environment changes, or if the number of authorized users accessing the managed environment changes, then you agree that the fees will be automatically and immediately modified to accommodate those changes. Travel Time. If onsite services are provided, it will be billed to you at our current hourly rates, portal to portal and roundtrip. In addition, you will be billed for all tolls, parking fees, and related expenses that we incur if we provide onsite services to you. Agaointment Cancellations. You may cancel or reschedule any appointment with us at no charge by providing us with notice of cancellation at least one business day in advance. If we do not receive timely a notice of cancellation/re-scheduling, or if you are not present at the scheduled time or if we are otherwise denied access to your premises at a pre -scheduled appointment time, then you agree to pay us a cancellation fee equal to two (2) hours of our normal consulting time (or non -business hours consulting time, whichever is appropriate), calculated at our then -current hourly rates. Additional Terms & Policies Authenticity Everything in the managed environment must be genuine and licensed—including all hardware, software, etc. If we ask for proof of authenticity and/or licensing, you must provide us with such proof. All minimum hardware or software requirements as indicated in a Quote or this Services Guide ("Minimum Requirements") must be implemented and maintained as an ongoing requirement of us providing the Services to you. Monitoring Services; Alert Services Unless otherwise indicated in the Quote, all monitoring and alert -type services are limited to detection and notification functionalities only. These functionalities are guided by Client -designated policies, which may be modified by Client as necessary or desired from time to time. Initially, the policies will be set to a baseline standard as determined by Forum Info -Tech; however, Client is advised to establish and/or modify the policies that correspond to Client's specific monitoring and notification needs. Unless otherwise indicated in the Quote, all monitoring and alert -type services are limited to detection and notification functionalities only. Monitoring levels will be set by Forum Info -Tech, and Client shall not modify these levels without our prior written consent. Configuration of Third Party Services Certain third party services provided to you under this Services Guide may provide you with administrative access through which you could modify the configurations, features, and/or functions ("Configurations") of those services. However, any modifications of Configurations made by you without our knowledge or authorization could disrupt the Services and/or or cause a significant increase in the fees charged for those third party services. For that reason, we strongly advise you to refrain from changing the Configurations unless we authorize those changes. You will be responsible for paying any increased fees or costs arising from or related to changes to the Configurations. Dark Web Monitoring Our dark web monitoring services utilize the resources of third -party solution providers. Dark web monitoring can be a highly effective tool to reduce the risk of certain types of cybercrime; however, we do not guarantee that the dark web monitoring service will detect all actual or potential uses of your designated credentials or information. Modification of Environment Changes made to the Environment without our prior authorization or knowledge may have a substantial, negative impact on the provision and effectiveness of the Services and may impact the fees charged under the Quote. You agree to refrain from moving, modifying, or otherwise altering any portion of the Environment without our prior knowledge or consent. For example, you agree to refrain from adding or removing hardware from the Environment, installing applications on the Environment, or modifying the configuration or log files of the Environment without our prior knowledge or consent. Co -Managed Environment In co -managed situations (e.g., where you have designated other vendors or personnel, or "Co -managed Providers," to provide you with services that overlap or conflict with the Services provided by us), we will endeavor to implement the Services in an efficient and effective manner; however, (a) we will not be responsible for the acts or omissions of Co -Managed Providers, or the remediation of any problems, errors, or downtime associated with those acts or omissions, and (b) in the event that a Co -managed Provider's determination on an issue differs from our position on a Service -related matter, we will yield to the Co - Managed Provider's determination and bring that situation to your attention Anti -Virus; Anti-Malware Our anti-virus / anti-malware solution will generally protect the Environment from becoming infected with new viruses and malware ("Viruses"); however, Viruses that exist in the Environment at the time that the security solution is implemented may not be capable of being removed without additional services, for which a charge may be incurred. We do not warrant or guarantee that all Viruses and malware will be capable of being detected, avoided, or removed, or that any data erased, corrupted, or encrypted by malware will be recoverable. To improve security awareness, you agree that Forum Info -Tech or its designated third party affiliate may transfer information about the results of processed files, information used for URL reputation determination, security risk tracking, and statistics for protection against spam and malware. Any information obtained in this manner does not and will not contain any personal or confidential information. Breach/Cyber Security Incident Recovery Unless otherwise expressly stated in the Quote, the scope of the Services does not include the remediation and/or recovery from a Security Incident (defined below). Such services, if requested by you, will be provided on a time and materials basis under our then -current hourly labor rates. Given the varied number of possible Security Incidents, we cannot and do not warrant or guarantee (i) the amount of time required to remediate the effects of a Security Incident (or that recovery will be possible under all circumstances), or (ii) that all data or systems impacted by the incident will be recoverable or remediated. For the purposes of this paragraph, a Security Incident means any unauthorized or impermissible access to or use of the Environment, or any unauthorized or impermissible disclosure of Client's confidential information (such as user names, passwords, etc.), that (i) compromises the security or privacy of the information or applications in, or the structure or integrity of, the managed environment, or (ii) prevents normal access to the managed environment, or impedes or disrupts the normal functions of the managed environment. Environmental Factors Exposure to environmental factors, such as water, heat, cold, or varying lighting conditions, may cause installed equipment to malfunction. Unless expressly stated in the Quote, we do not warrant or guarantee that installed equipment will operate error -free or in an uninterrupted manner, or that any video or audio equipment will clearly capture and/or record the details of events occurring at or near such equipment under all circumstances. Fair Usage Policy Our Fair Usage Policy ("FUP") applies to all services that are described or designated as "unlimited" or which are not expressly capped in the number of available usage hours per month. An "unlimited" service designation means that, subject to the terms of this FUP, you may use the applicable service as reasonably necessary for you to enjoy the use and benefit of the service without incurring additional time -based or usage -based costs. However, unless expressly stated otherwise in the Quote, all unlimited services are provided during our normal business hours only and are subject to our technicians' availabilities, which cannot always be guaranteed. In addition, we reserve the right to assign our technicians as we deem necessary to handle issues that are more urgent, critical, or pressing than the request(s) or issue(s) reported by you. Consistent with this FUP, you agree to refrain from (i) creating urgent support tickets for non -urgent or non-critical issues, (ii) requesting excessive support services that are inconsistent with normal usage patterns in the industry (e.g., requesting support in lieu of training), (iii) requesting support or services that are intended to interfere, or may likely interfere, with our ability to provide our services to our other customers, or (iv) declining to work with the technician we select to work on your particular issue or problem. Hosted Email You are solely responsible for the proper use of any hosted email service provided to you ("Hosted Email"). Hosted Email solutions are subject to acceptable use policies ("AUPs"), and your use of Hosted Email must comply with those AUPs—including ours. In all cases, you agree to refrain from uploading, posting, transmitting or distributing (or permitting any of your authorized users of the Hosted Email to upload, post, transmit or distribute) any prohibited content, which is generally content that (i) is obscene, illegal, or intended to advocate or induce the violation of any law, rule or regulation, or (ii) violates the intellectual property rights or privacy rights of any third party, or (iii) mischaracterizes you, and/or is intended to create a false identity or to otherwise attempt to mislead any person as to the identity or origin of any communication, or (iv) interferes or disrupts the services provided by Forum Info -Tech or the services of any third party, or (v) contains Viruses, trojan horses or any other malicious code or programs. In addition, you must not use the Hosted Email for the purpose of sending unsolicited commercial electronic messages ("SPAM") in violation of any federal or state law. Forum Info -Tech reserves the right, but not the obligation, to suspend Client's access to the Hosted Email and/or all transactions occurring under Client's Hosted Email account(s) if Forum Info -Tech believes, in its discretion, that Client's email account(s) is/are being used in an improper or illegal manner. Patch Management We will keep all managed hardware and managed software current with critical patches and updates ("Patches") as those Patches are released by the applicable manufacturers. Patches are developed by third party vendors and, on rare occasions, may make the Environment, or portions of the Environment, unstable or cause the managed equipment or software to fail to function properly even when the Patches are installed correctly. We will not be responsible for any downtime or losses arising from or related to the installation or use of any Patch. We reserve the right, but not the obligation, to refrain from installing a Patch if we are aware of technical problems caused by a Patch, or we believe that a Patch may render the Environment, or any portion of the Environment, unstable. Backup (BDR) Services All data transmitted over the Internet may be subject to malware and computer contaminants such as viruses, worms and trojan horses, as well as attempts by unauthorized users, such as hackers, to access or damage Client's data. Neither Forum Info -Tech nor its designated affiliates will be responsible for the outcome or results of such activities. BDR services require a reliable, always -connected internet solution. Data backup and recovery time will depend on the speed and reliability of your internet connection. Internet and telecommunications outages will prevent the BDR services from operating correctly. In addition, all computer hardware is prone to failure due to equipment malfunction, telecommunication -related issues, etc., for which we will be held harmless. Due to technology limitations, all computer hardware, including communications equipment, network servers and related equipment, has an error transaction rate that can be minimized, but not eliminated. Forum Info -Tech cannot and does not warrant that data corruption or loss will be avoided, and Client agrees that Forum Info -Tech shall be held harmless if such data corruption or loss occurs. Client is strongly advised to keep a local backup of all of stored data to mitigate against the unintentional loss of data. Procurement Equipment and software procured by Forum Info -Tech on Client's behalf ("Procured Equipment") may be covered by one or more manufacturer warranties, which will be passed through to Client to the greatest extent possible. By procuring equipment or software for Client, Forum Info -Tech does not make any warranties or representations regarding the quality, integrity, or usefulness of the Procured Equipment. Certain equipment or software, once purchased, may not be returnable or, in certain cases, may be subject to third party return policies and/or re -stocking fees, all of which shall be Client's responsibility in the event that a return of the Procured Equipment is requested. Forum Info -Tech is not a warranty service or repair center. Forum Info -Tech will facilitate the return or warranty repair of Procured Equipment; however, Client understands and agrees that (i) the return or warranty repair of Procured Equipment is governed by the terms of the warranties (if any) governing the applicable Procured Equipment, for which Forum Info -Tech will be held harmless, and (ii) Forum Info -Tech is not responsible for the quantity, condition, or timely delivery of the Procured Equipment once the equipment has been tendered to the designated shipping or delivery courier. Business Review / IT Strategic Planning Meetings We strongly suggest that you participate in business review/strategic planning meetings as may requested by us from time to time. These meetings are intended to educate you about recommended (and potentially crucial) modifications to your IT environment, as well as to discuss your company's present and future IT - related needs. These reviews can provide you with important insights and strategies to make your managed IT environment more efficient and secure. You understand that by suggesting a particular service or solution, we are not endorsing any specific manufacturer or service provider. VCTO or VCIO Services The advice and suggestions provided by us in our capacity as a virtual chief technology or information officer will be for your informational and/or educational purposes off. Forum Info -Tech will not hold an actual director or officer position in Client's company, and we will neither hold nor maintain any fiduciary relationship with Client. Under no circumstances shall Client list or place Forum Info -Tech on Client's corporate records or accounts. Sample Policies, Procedures. From time to time, we may provide you with sample (i.e., template) policies and procedures for use in connection with Client's business ("Sample Policies"). The Sample Policies are for your informational use only, and do not constitute or comprise legal or professional advice, and the policies are not intended to be a substitute for the advice of competent counsel. You should seek the advice of competent legal counsel prior to using or distributing the Sample Policies, in part or in whole, in any transaction. We do not warrant or guarantee that the Sample Policies are complete, accurate, or suitable for your (or your customers') specific needs, or that you will reduce or avoid liability by utilizing the Sample Policies in your (or your customers') business operations. Penetration Testing; Vulnerability Assessment You understand and agree that security devices, alarms, or other security measures, both physical and virtual, may be tripped or activated during the penetration testing process, despite our efforts to avoid such occurrences. You will be solely responsible for notifying any monitoring company and all law enforcement authorities of the potential for "false alarms" due to the provision of the penetration testing services, and you agree to take all steps necessary to ensure that false alarms are not reported or treated as "real alarms" or credible threats against any person, place or property. Some alarms and advanced security measures, when activated, may cause the partial or complete shutdown of the Environment, causing substantial downtime and/or delay to your business activities. We will not be responsible for any claims, costs, fees or expenses arising or resulting from (i) any response to the penetration testing services by any monitoring company or law enforcement authorities, or (ii) the partial or complete shutdown of the Environment by any alarm or security monitoring device. No Third Party Scanning Unless we authorize such activity in writing, you will not conduct any test, nor request or allow any third party to conduct any test (diagnostic or otherwise), of the security system, protocols, processes, or solutions that we implement in the managed environment ("Testing Activity"). Any services required to diagnose or remediate errors, issues, or problems arising from unauthorized Testing Activity are not covered under the Quote, and if you request us (and we elect) to perform those services, those services will be billed to you at our then -current hourly rates. Obsolescence If at any time any portion of the managed environment becomes outdated, obsolete, reaches the end of its useful life, or acquires "end of support" status from the applicable device's or software's manufacturer ("Obsolete Element"), then we may designate the device or software as "unsupported" or "non-standard" and require you to update the Obsolete Element within a reasonable time period. If you do not replace the Obsolete Element reasonably promptly, then in our discretion we may (i) continue to provide the Services to the Obsolete Element using our "best efforts" only with no warranty or requirement of remediation whatsoever regarding the operability or functionality of the Obsolete Element, or (ii) eliminate the Obsolete Element from the scope of the Services by providing written notice to you (email is sufficient for this purpose). In any event, we make no representation or warranty whatsoever regarding any Obsolete Element or the deployment, service level guarantees, or remediation activities for any Obsolete Element. Licenses If we are required to re -install or replicate any software provided by you as part of the Services, then it is your responsibility to verify that all such software is properly licensed. We reserve the right, but not the obligation, to require proof of licensing before installing, re -installing, or replicating software into the managed environment. The cost of acquiring licenses is not included in the scope of the Quote unless otherwise expressly stated therein. VOIP — Dialing 911 (Emergency) Services The following terms and conditions apply to your use of any VoIP service that we facilitate for you or that is provided to you by a third parry provider of such service. Please note, by using VoIP services you agree to the provisions of the waiver at the end of this section. If you do not understand or do not agree with any of the terms below, you must not subscribe to, use, or rely upon any VoIP service and, instead, you must contact us immediately. There is an important difference in how 9-1-1 (i.e., emergency) services can be dialed using a VoIP service as compared to a traditional telephone line. Calling emergency services using a VoIP service is referred to as "E911." Registration: You are responsible for activating the E911 dialing feature by registering the address where you will use the VoIP service. This will not be done for you, and you must take this step on your own initiative. To do this, you must log into your VoIP control panel and provide a valid physical address. If you do not take this step, then E911 services may not work correctly, or at all, using the VoIP service. Emergency service dispatchers will only send emergency personnel to a properly registered E911 service address. Location: The address you provide in the control panel is the location to which emergency services (such as the fire department, the police department, etc.) will respond. For this reason, it is important that you correctly enter the location at which you are using the VoIP services. PO boxes are not proper addresses for registration and must not be used as your registered address. Please note, even if your account is properly registered with a correct physical address, (i) there may be a problem automatically transmitting a caller's physical location to the emergency responders, even if the caller can reach the 911 call center, and (ii) a VoIP 911 call may go to an unstaffed call center administrative line or be routed to a call center in the wrong location. These issues are inherent to all VoIP systems and services. We will not be responsible for, and you agree to hold us harmless from, any issues, problems, incidents, damages (both bodily- and property -related), costs, expenses, and fees arising from or related to your failure to register timely and correctly your physical location information into the control panel. Address Change Us: If you change the address used for E911 calling, the E911 services may not be available and/or may operate differently than expected. Moreover, if you do not properly and promptly register a change of address, then emergency services may be directed to the location where your services are registered and not where the emergency may be occurring. For that reason, you must register a change of address with us through the VoIP control panel no less than three (3) business days prior to your anticipated move/address change. Address changes that are provided to us with less than three (3) business days notice may cause incorrect/outdated information to be conveyed to emergency service personnel. If you are unable to provide us with at least three (3) business days notice of an address change, then you should not rely on the E911 service to provide correct physical location information to emergency service personnel. Under those circumstances, you must provide your correct physical location to emergency service dispatchers if you call them using the VoIP services. If you do not register the VoIP service at your location and you dial 9-1-1, that call will be categorized as a "rogue 911 call." If you are responsible for dialing a rogue 911 call, you will be charged a non-refundable and non -disputable fee of $250/call. Power Loss: If you lose power or there is a disruption to power at the location where the VoIP services are used, then the E911 calling service will not function until power is restored. You should also be aware that after a power failure or disruption, you may need to reset or reconfigure the device prior to utilizing the service, including E911 dialing. Internet Disruption: If your internet connection or broadband service is lost, suspended, terminated or disrupted, E911 calling will not function until the internet connection and/or broadband service is restored. Account Suspension: If your account is suspended or terminated, then all E911 dialing services will not function. Network Congestion: There may be a greater possibility of network congestion and/or reduced speed in the routing of E911 calls as compared to 911 dialing over traditional public telephone networks. WAIVER: You hereby agree to release, indemnify, defend, and hold us and our officers, directors, representatives, agents, and any third party service provider that furnishes VoIP-related services to you, harmless from any and all claims, damages, losses, suits or actions, fines, penalties, costs and expenses (including, but not limited to, attorneys' fees), whether suffered, made, instituted or asserted by you or by any other party or person (collectively, "Claims") arising from or related to the VoIP services, including but not limited to any failure or outage of the VoIP services, incorrect routing or use of, or any inability to use, E911 dialing features. The foregoing waiver and release shall not apply to Claims arising from our gross negligence, recklessness, or willful misconduct. Acceptable Use Policy The following policy applies to all hosted services provided to you, including but not limited to (and as applicable) hosted applications, hosted websites, hosted email services, and hosted infrastructure services ("Hosted Services"). Forum Info -Tech does not routinely monitor the activity of hosted accounts except to measure service utilization and/or service uptime, security -related purposes and billing -related purposes, and as necessary for us to provide or facilitate our managed services to you; however, we reserve the right to monitor Hosted Services at any time to ensure your compliance with the terms of this Acceptable Use Policy (this "AUP") and our master services agreement, and to help monitor and ensure the safety, integrity, reliability, or security of the Hosted Services. Similarly, we do not exercise editorial control over the content of any information or data created on or accessible over or through the Hosted Services. Instead, we prefer to advise our customers of inappropriate behavior and any necessary corrective action. If, however, Hosted Services are used in violation of this AUP, then we reserve the right to suspend your access to part or all of the Hosted Services without prior notice. Violations of this AUP: The following constitute violations of this AUP: • Harmful or illegal uses: Use of a Hosted Service for illegal purposes or in support of illegal activities, to cause harm to minors or attempt to contact minors for illicit purposes, to transmit any material that threatens or encourages bodily harm or destruction of property or to transmit any material that harasses another is prohibited. • Fraudulent activity: Use of a Hosted Service to conduct any fraudulent activity or to engage in any unfair or deceptive practices, including but not limited to fraudulent offers to sell or buy products, items, or services, or to advance any type of financial scam such as "pyramid schemes," "Ponzi schemes," and "chain letters" is prohibited. • Forgery or impersonation: Adding, removing, or modifying identifying network header information to deceive or mislead is prohibited. Attempting to impersonate any person by using forged headers or other identifying information is prohibited. The use of anonymous remailers or nicknames does not constitute impersonation. • SPAM: Forum Info -Tech has a zero tolerance policy for the sending of unsolicited commercial email ("SPAM"). Use of a Hosted Service to transmit any unsolicited commercial or unsolicited bulk e-mail is prohibited. You are not permitted to host, or permit the hosting of, sites or information that is advertised by SPAM from other networks. To prevent unnecessary blacklisting due to SPAM, we reserve the right to drop the section of IP space identified by SPAM or denial -of -service complaints if it is clear that the offending activity is causing harm to parties on the Internet, if open relays are on the hosted network, or if denial of service attacks are originated from the hosted network. • Internet Relay Chat (IRC). The use of IRC on a hosted server is prohibited. • Open or "anonymous" proxy: Use of open or anonymous proxy servers is prohibited. • Crypto mining. Using any portion of the Hosted Services for mining cryptocurrency or using any bandwidth or processing power made available by or through a Hosted Services for mining cryptocurrency, is prohibited. • Hosting spammers: The hosting of websites or services using a hosted server that supports spammers, or which causes (or is likely to cause) our IP space or any IP space allocated to us or our customers to be listed in any of the various SPAM databases, is prohibited. Customers violating this policy will have their server immediately removed from our network and the server will not be reconnected until such time that the customer agrees to remove all traces of the offending material immediately upon reconnection and agree to allow Forum Info -Tech to access the server to confirm that all material has been completely removed. Any subscriber guilty of a second violation may be immediately and permanently removed from the hosted network for cause and without prior notice. • Email/message forging: Forging any email message header, in part or whole, is prohibited. • Unauthorized access: Use of the Hosted Services to access, or to attempt to access, the accounts of others or to penetrate, or attempt to penetrate, Forum Info-Tech's security measures or the security measures of another entity's network or electronic communications system, whether or not the intrusion results in the corruption or loss of data, is prohibited. This includes but is not limited to accessing data not intended for you, logging into or making use of a server or account you are not expressly authorized to access, or probing the security of other networks, as well as the use or distribution of tools designed for compromising security such as password guessing programs, cracking tools, or network probing tools. • IP infringement: Use of a Hosted Service to transmit any materials that infringe any copyright, trademark, patent, trade secret or other proprietary rights of any third party, is prohibited. • Collection of personal data: Use of a Hosted Service to collect, or attempt to collect, personal information about third parties without their knowledge or consent is prohibited. • Network disruptions and sundry activity. Use of the Hosted Services for any activity which affects the ability of other people or systems to use the Hosted Services or the internet is prohibited. This includes "denial of service" (DOS) attacks against another network host or individual, "flooding" of networks, deliberate attempts to overload a service, and attempts to "crash" a host. • Distribution of malware: Intentional distribution of software or code that attempts to and/or causes damage, harassment, or annoyance to persons, data, and/or computer systems is prohibited. • Excessive use or abuse of shared resources: The Hosted Services depend on shared resources. Excessive use or abuse of these shared network resources by one customer may have a negative impact on all other customers. Misuse of network resources in a manner which impairs network performance is prohibited. You are prohibited from excessive consumption of resources, including CPU time, memory, and session time. You may not use resource -intensive programs which negatively impact other customers or the performances of our systems or networks. • Allowing the misuse of your account: You are responsible for any misuse of your account, even if the inappropriate activity was committed by an employee or independent contractor. You shall not permit your hosted network, through action or inaction, to be configured in such a way that gives a third party the capability to use your hosted network in an illegal or inappropriate manner. You must take adequate security measures to prevent or minimize unauthorized use of your account. It is your responsibility to keep your account credentials secure. To maintain the security and integrity of the hosted environment, we reserve the right, but not the obligation, to filter content, DNS requests, or website access for any web requests made from within the hosted environment. Revisions to this AUP: We reserve the right to revise or modify this AUP at any time. Changes to this AUP shall not be grounds for early contract termination or non-payment. ta ATTACHMENT 3 NON -COLLUSION AFFIDAVIT FORM Must be executed by proposer and submitted with the proposal BjRi�ty 614UK LPI (name) hereby declare as follows. I am�r ofICJI (Title) (Company) the party making the foregoing proposal, that the proposal is not made in the interest of, or on behalf of, any undisclosed person, partnership, company, association, organization, or corporation; that the proposal is genuine and not collusive or sham; that the proposer has not directly or indirectly induced or solicited any other proposer to put in a false or sham proposal, and has not directly or indirectly colluded, conspired, connived, or agreed with any proposer or anyone else to put in a sham proposal, or that anyone shall refrain from proposing; that the proposer has not in any manner, directly or indirectly, sought by agreement, communication, or conference with anyone to fix the proposal price of the proposer or any other proposer, or to fix any overhead, profit, or cost element of the proposal price, or of that of any other proposer, or to secure any advantage against the public body awarding the agreement of anyone interested in the proposed agreement; that all statements contained in the proposal are true; and, further, that the proposer has not, directly or indirectly, submitted his or her proposal price or any breakdown thereof, or the contents thereof, or divulged information or data relative hereto, or paid, and will not pay, any fee to any corporation, partnership, company, association, organization, proposal depository, or to any member or agent thereof to effectuate a collusive or sham proposal. I declare under penalty of perjury under the laws of the State of California that the foregoing is true and correct. /:? Proposer Signature: Proposer Name: Proposer Title: Company Name: Address: T 4rCE O I d 0 w �cbUT91,CLiekk1Z6'rE 105-231 WROW- 6 CAA 29 g 2 Page 12 of 13 ATTACHMENT 4 CEMENT OF RECEIR7 OF ADDENDA ACKNUwLED asai; cuted by proposer and submitted with the pra A been issued, mark "NIA" under Addendum No• Most be exeindicating If no addenda has b Not Applicable and sign Page 13 of 13 4aara ATTACHMENT 2 INSURANCE REQUIREMENTS ACKNOWLEDGEMENT Must be executed by proposer and submitted with the proposal I, Biren Shukla hereby acknowledge and confirm that Forum Info -Tech has reviewed the City's indemnification and minimum insurance requirements as listed in Exhibits E and F of the City's Agreement for Contract Services (Attachment 1); and declare that insurance certificates and endorsements verifying compliance will be provided if an agreement is awarded. I am President and CEO of Forum Info -Tech. (Title) (Company) Commercial General Liability (at least as broad as ISO CG 0001) $1,000,000 (per occurrence); $2,000,000 (general aggregate) Must include the following endorsements: General Liability Additional Insured General Liability Primary and Noncontributory Commercial Auto Liability (at least as broad as ISO CA 0001) $1,000,000 (per accident) Personal Auto Declaration Page if applicable Errors and Omissions Liability $1,000,000 (per claim and aggregate) Worker's Compensation (per statutory requirements) Must include the following endorsements: Worker's Compensation Waiver of Subrogation Worker's Compensation Declaration of Sole Proprietor if applicable Cyber Liability $1,000,000 (per occurrence) $2,000,000 (general aggregate) Forum Info -Tech Master Services Agreement Hello and thank you for trusting Forum Info -Tech, Inc. ("Forum IT," "we," "us," or "our") to provide you with professional information technology services. This Master Services Agreement (this "Agreement") governs our business relationship with you, so please read this document carefully and keep a copy for your records. SCOPE a) Context. Throughout this Agreement, references to "Client," "you," or "your" mean the entity who has accepted a quote, proposal, service order, or similar document (electronic or otherwise) from Forum IT. (In this Agreement we refer collectively to these type of documents as a "Quote," although the actual title(s) or caption(s) of the service - related document might vary.) b) Scope of Services. This is a "master" agreement and, as such, specific services are not listed in this Agreement. Instead, any services to be provided to you or facilitated for you (as applicable) will be described in a Quote (collectively, "Services"). The scope of our engagement with you is limited to those services expressly listed in a Quote; all other services, projects, and related matters are out -of -scope and will not be provided to you unless we expressly agree to do so in writing (collectively, "Out of Scope Services"). In addition to a Quote, the Services are also defined, clarified, and governed under an additional document that we will refer to in this Agreement as a "Services Guide." Our Services Guide is akin to a "user manual" that provides important and binding details about the Services, for example, (i) how the Services are provided/delivered, (ii) service levels applicable to the Services, (iii) additional payment terms/obligations, and (iv) auto -renewal terms for the Services. Please read both the Quote and the Services Guide before accepting the Quote. If you have any questions about either of those documents or this Agreement, please do not sign the Quote and, instead, contact us for more information. c) Version. Each Quote will be governed under the version of this Agreement that is in place as of the "last updated" date indicated at the bottom of this document. For that reason, you should keep a copy of this document and make a note of the date indicated below when you accept a Quote. d) Conflicts. The provisions of a Quote govern over conflicting or different terms contained in this Agreement and the Services Guide—this allows us to craft solutions to meet your needs by making applicable changes in the Quote. Conflicting language between the Services Guide and this Agreement will be interpreted in favor of the Services Guide. e) Third Party Providers/Services. Some services may be provided to you directly by our personnel, such as situations in which our personnel install software agents on managed devices or physically install equipment at your premises. These services are distinguishable from services that are provided to you or us by third party providers, who are often referred to in the industry as "upstream providers." (In this Agreement, we refer to upstream providers as "Third Party Providers" and the services that are provided by Third Party Providers are referred to as "Third Party Services"). By way of example, Third Party Services may include help desk services, malware detection and remediation services, firewall and endpoint security -related services, backup and disaster recovery solutions, and the provision of software used to monitor the managed part of your network, among others. i. Selection. As your managed information technology provider, we will select the Third Party Providers that provide services appropriate for your managed information technology environment (the "Environment") and facilitate the provision of Third Party Services to you. Not all Third Party Services will be expressly identified as being provided by a Third Party Provider, and we reserve the right to change Third Party Providers in our sole discretion as long as the change does not materially diminish the Services that we are obligated to provide or facilitate under a Quote. ii. Reseller. We are resellers and/or facilitators of the Third Party Services and do not provide those services to you directly. For this reason, we are not and cannot be responsible for any defect, omission, or failure of any Third Party Service or any failure of any Third Party Provider to provide its services to you or to us. Third Party Services are provided on an "as is" basis only. If an issue requiring remediation arises with a Third Party Service, then we will endeavor to provide a reasonable workaround or, if available, a "temporary fix" for the situation; however, we do not warrant or guarantee that any particular workaround or fix will be available or achieve any particular result, or that Third Party Services will run in an uninterrupted or error -free manner. iii. Pass Through Increases. We reserve the right to pass through to you any increases in the costs and/or fees charged by Third Party Providers for the Third Party Services ("Pass Through Increases"). Since we do not control Third Party Providers, we cannot predict whether such price increases will occur, however, should they occur, we will endeavor to provide you with as much advance notice as reasonably possible. IMPLEMENTATION a. Advice; Instructions. From time to time, we may offer you specific advice and directions related to the Services ("Advice"). For example, our Advice may include increasing server or hard drive capacity, increasing CPU power, replacing obsolete equipment, or requesting that you refrain from engaging in acts that disrupt the Environment or that make the Environment less secure. You are strongly advised to promptly follow our Advice which, depending on the situation, may require you to make additional purchases or investments in the Environment at your sole cost. We are not responsible for any problems or issues (such as downtime or security -related issues) caused by your failure to promptly follow our Advice. If, in our reasonable discretion, your failure to follow our Advice makes part or all of the Services economically or technically unreasonable or impracticable to provide or facilitate, then we may terminate the applicable Services for Cause (explained below) by providing notice of termination to you or, alternatively, we may adjust the scope of the Quote to exclude any impacted or affected portion of the Environment. Unless specifically and expressly stated in writing by us (such as in a Quote), any services required to remediate issues caused by your failure to follow our Advice, or your unauthorized modification of the Environment, as well as any services required to bring the Environment up to or maintain the Minimum Requirements (defined below), are out -of -scope. i. Shared Responsibility. Some Services utilize a "shared responsibility" model, meaning that they may require your input, analysis, and/or ongoing participation to function efficiently and effectively. (For example, anti-malware solutions generally protect a managed system against malware-related issues, however, those solutions are most effective if a network's users remain vigilant against, and educated about, the various threats that exist online.) Please refer to the Services Guide to ensure that you remain knowledgeable about recommended best practices and responsibilities that may be imposed upon you for the proper implementation and operation of the Services. ii. Co -Management. In co -managed situations (e.g., where you have designated other vendors or personnel, or "Co - Managed Providers," to provide you with services that overlap or conflict with the Services provided or facilitated by us), we will endeavor to implement the Services in an efficient and effective manner; however, (a) we will not be responsible for the acts or omissions of Co -Managed Providers, or the remediation of any problems, errors, or downtime associated with those acts or omissions, and (b) in the event that a Co -Managed Provider's determination on an issue differs from our position on a Service -related matter, we will yield to the Co -Managed Provider's determination and bring that situation to your attention. iii. Prioritization. All Services will be implemented and/or facilitated (as applicable) on a schedule, and in a prioritized manner, as we determine reasonable and necessary. Exact commencement/ start dates may vary or deviate from the dates we state to you depending on the Services being provided and the extent to which prerequisites (if any), such as transition or onboarding activities, must be completed. iv. Modifications. To avoid a delay or negative impact on the Services, we strongly recommend that you refrain from modifying or moving the Environment, or installing software in the Environment, unless we expressly authorize such activity. In all situations (including those in which we are co -managing an Environment with your as described above), we will not be responsible for changes to the Environment that are not authorized by us or any issues or errors that arise from those changes. b) Third Party Support. If, in our discretion, a hardware or software issue requires vendor or OEM support, we may contact the vendor or OEM (as applicable) on your behalf and invoice you for all fees and costs involved in that process ("OEM Fees"). If OEM Fees are anticipated in advance, we will endeavor to obtain your permission before incurring such expenses on your behalf unless exigent circumstances require us to act otherwise. We do not warrant or guarantee that the payment of OEM Fees will resolve any particular problem or issue, it being understood that the resolution process can sometimes require the payment of OEM Fees to narrow (or potentially eliminate) potential issues. c) Authorized Contact(s). We will be entitled to rely on any directions or consent provided by your personnel or representatives who you designate to provide such directions or consent ("Authorized Contacts"). If no Authorized Contact is identified in an applicable Quote or if a previously identified Authorized Contact is no longer available to us, then your Authorized Contact will be the person (i) who accepted the Quote, and/or (ii) who is generally designated by you during our relationship to provide us with direction or guidance. We will be entitled to rely upon directions and guidance from your Authorized Contact until we are affirmatively made aware of a change of status of the Authorized Contact. If your change is provided to us in writing (physical document or by email), then the change will be implemented within two (2) business days after the first business day on which we receive your change notice. If your change notice is provided to us in person or by telephone (live calls only), the change will be implemented on the same business day in which the conversation takes place. Do not use a ticketing system or help desk request to notify us about the change of an Authorized Contact; similarly, do not leave a recorded message for us informing us of a change to your Authorized Contact. We reserve the right but not the obligation to delay the Services until we can confirm the Authorized Contact's authority within your organization. d) Access. You hereby grant to us and our designated Third Party Providers the right to monitor, diagnose, manipulate, communicate with, retrieve information from, and otherwise access the Environment solely as necessary to enable us or those providers, as applicable, to provide the Services. Depending on the Service, we may be required to install one or more software agents into the Environment through which such access may be enabled. It is your responsibility to secure, at your own cost and prior to the commencement of any Services, any necessary rights of entry, licenses (including software licenses), permits or other permissions necessary for Forum IT or applicable Third Party Providers to provide the Services to you. Proper and safe environmental conditions must be always provided and assured by you. Forum IT shall not be required to engage in any activity or provide any Services under conditions that pose or may pose a safety or health concern to any personnel, or that would require extraordinary or non -industry standard efforts to achieve. e) Ongoing Requirements. Everything in the managed environment must be genuine and licensed—including all hardware, software, etc. If we ask for proof of authenticity and/or licensing, you must provide us with such proof. If we require certain minimum hardware or software requirements ("Minimum Requirements"), you agree to implement and maintain those Minimum Requirements as an ongoing requirement of us providing the Services to you. f) Response. Our response to issues relating to the Services will be handled in accordance with the provisions of the Quote or, if applicable, Services Guide. In no event will we be responsible for delays in our response or our provision of Services during (i) those periods of time covered under the Transition Exception (defined below), or (ii) periods of delay caused by Scheduled Down Time, Client -Side Downtime, Vendor -Side Downtime (all defined below). or (iii) periods in which we are required to suspend the Services to protect the security or integrity of the Environment or our equipment or network, or (iv) delays caused by a force majeure event. i. Scheduled Downtime. For the purposes of this Agreement, Scheduled Downtime will mean those hours, as determined by us but which will not occur between the hours of 9:00 AM and 5:00 PM Pacific Time, Monday through Friday without your authorization or unless exigent circumstances exist, during which time we will perform scheduled maintenance or adjustments to the Environment. We will use our best efforts to provide you with at least twenty-four (24) hours of notice prior to scheduling Scheduled Downtime. ii. Client -Side Downtime. We will not be responsible under any circumstances for any delays or deficiencies in the provision of, or access to, the Services to the extent that such delays or deficiencies are caused by your actions or omissions ("Client -Side Downtime"). Client -Side Downtime includes, but is not limited to, any period of time during which we require your participation, or we require information, directions, or authorization from you but cannot reach your Authorized Contact(s). iii. Vendor -Side Downtime. We will not be responsible under any circumstances for any delays or deficiencies in the provision of, or access to, the Services to the extent that such delays or deficiencies are caused by third party service providers, third party licensors, or "upstream" service or product vendors. iv. Transition Exception. You acknowledge and agree that for the first forty-five (45) days following the commencement date of any Service, as well as any period of time during which we are performing off -boarding - related services (e.g., assisting you in the transition of the Services to another provider, terminating a service, etc.), the response time commitments provided to you will not apply to us, it being understood that there may be unanticipated downtime or delays related to those activities (the "Transition Exception"). FEES; PAYMENT a) Fees. You agree to pay the fees, costs, and expenses charged by us for the Services in accordance with the amounts, methods, restrictions, and schedules described in each Quote and the Services Guide ("Fees"). In addition to the Fees, you are responsible for any miscellaneous costs and expenses (not to exceed $250/month without your prior consent) that we incur in providing or facilitating the Services to you ("Miscellaneous Expenses"). Miscellaneous Expenses will generally appear as a line item entry on your invoice(s) and may include, for example, small device purchases (such as a UPS), delivery/postal/courier costs, data migration tools, and registration/service initiation fees charged by Third Party Providers. You are responsible for sales tax and any other taxes or governmental fees associated with the Services. If you qualify for a tax exemption, you must provide us with a valid certificate of exemption or other appropriate proof of exemption. You are also responsible for all freight, insurance, and taxes (including but not limited to import or export duties, sales, use, value add, and excise taxes). b) Reconciliation. Fees for certain Third Party Services that we facilitate or resell to you may begin to accrue prior to the "go -live" date of an applicable Service. (For example, Microsoft Azure or AWS -related fees begin to accrue on the first date on which we start creating and/or configuring certain hosted portions of the Environment; however, the Services that rely on Microsoft Azure or AWS may not be available to you until a future date). -You understand and agree that you will be responsible for the payment of all fees for Third Party Services that are required to begin prior to the "go- live" date of Services ("Initial Fees"), and we reserve the right to reconcile amounts owed for Initial Fees by including those fees on your monthly invoices. c) Nonpayment. Fees that remain unpaid for more than thirty (30) days when due will be subject to interest on the unpaid amount(s) until and including the date payment is received, at the lower of either 1% per month or the maximum allowable rate of interest permitted by applicable law. We reserve the right, but not the obligation, to suspend part or all of the Services without prior notice to you in the event that any portion of undisputed fees are not timely paid. Monthly or recurring charges (if applicable) will continue to accrue during any period of suspension. Notice of disputes related to fees must be received by us within sixty (60) days after the applicable Service is rendered or the date on which you pay an invoice, whichever is later; otherwise, you waive your right to dispute the fee thereafter. We reserve the right to charge a reasonable reconnect fee (of no more than 10% of your monthly recurring fees) if we suspend the Services due to your nonpayment. d) Minimum Monthly Fees. The initial Fees indicated in Quote are the minimum monthly fees ("MMF") that will be charged to you during the term. You agree that the amounts paid by you under the Quote will not drop below the MMF regardless of the number of users or devices to which the Services are directed or applied, unless we agree to the reduction. All modifications to the amount of hardware, devices, or authorized users under the Quote (as applicable) must be in writing and accepted by both parties. e) Increases. We reserve the right to increase our monthly recurring fees by reflecting the increase on your monthly invoices; provided, however, if a single increase in a calendar year or all such increases, in the aggregate, in a calendar year is/are more than five percent (5%) of the fees charged for the same Services in the prior calendar year, then you will be provided with a sixty (60) day opportunity to terminate the Services by providing us with written notice of termination ("Termination Option Period"). If you timely terminate the Services during the Termination Option Period, you will be responsible for the payment of all fees that accrue up to the termination date and all pre -approved, non- mitigatable expenses that we incurred in our provision of the Services through the date of termination (such as "per seat licensing costs", as discussed below). Your continued acceptance or use of the Services after the Termination Option Period will indicate your acceptance of the increased fees. Pass Through Increases (described in the "Scope" section, above) are independent of any increases to our monthly recurring fees and will not be included in the five percent calculation described in this paragraph. f) Schedule of Payments. Unless otherwise indicated in the Quote, we do not pro -rate our fees for monthly recurring charges, meaning that you will be billed for an entire month of Services regardless of the actual "go -live" or commencement date of the Services. If the Services are anticipated to begin on a day other than the first day of a calendar month, you will be given the option to either (i) postpone the commencement of Services until the first day of the following calendar month, or (ii) agree that the Services will commence immediately, in which case you will be charged for the Services for the entire calendar month without proration. We require automatic payment for all invoiced fees via ACH or credit card. If you authorize payment by credit card and ACH, then the ACH payment method will be attempted first. If that attempt fails for any reason, then we will process payment using your designated credit card. i) ACH. When enrolled in an ACH payment processing method, you authorize us to electronically debit your designated checking or savings account for any payments due under the Quote. This authorization will continue until otherwise terminated in writing by you. We will apply a $20.00 service charge (or the maximum amount permitted by law, whichever is less) to your account for any electronic debit that is returned unpaid due to insufficient funds or due to your bank's electronic draft restrictions. ii) Credit Card. When enrolled in a credit card payment processing method, you authorize us to charge your credit card, as designated by you in our payment portal, for any payments due under the Quote. For each credit card transaction, we reserve the right to add a convenience fee to the applicable invoice which will not exceed the actual costs we incur to accept your credit card. g) Expenses. Any costs or expenses that we incur while providing the Services during a national, state, or local emergency or during a period in which there are fuel, manpower, or other national or local shortages ("State of Emergency") will be invoiced and payable by you. By way of example, such expenses may include incremental increases in the cost of gasoline or electrical power, or the purchase of health or safety equipment reasonably necessary to provide the Services to you. LIMITED WARRANTIES; LIMITATIONS OF LIABILITY a) Hardware / Software Purchases. All equipment, machines, hardware, software licenses, peripherals, or accessories purchased through Forum IT ("Third Party Products") are generally nonrefundable once the item is obtained from Forum IT's third party provider or reseller. If you desire to return a Third Party Product, then the third party provider's or reseller's return policies will apply. We do not guarantee that Third Party Products will be returnable, exchangeable, or that re- stocking fees can or will be avoided, and you agree to be responsible for paying all re -stocking or return -related fees charged by the third party provider or reseller. We will use reasonable efforts to assign, transfer and facilitate all warranties (if any) and service level commitments (if any) for the Third Party Products to you, but will have no liability whatsoever for the quality, functionality, or operability of anyThird Party Products, and we will not be held liable as an insurer or guarantor of the performance, uptime or usefulness of any Third Party Products. You will be responsible for all fees and costs (if any) charged for warranty -related service. All Third Party Products are provided "as is" and without any warranty whatsoever as between Forum IT and you (including but not limited to implied warranties). b) Liability Limitations. This paragraph limits the liabilities arising from the Services and is a bargained -for and material part of our business relationship with you. You acknowledge and agree that Forum IT would not provide any Services, or enter into any Quote or this Agreement, unless Forum IT could rely on the limitations described in this paragraph. In no event will either party be liable for any indirect, special, exemplary, consequential, or punitive damages, such as lost revenue, loss of profits (except for fees due and owing to Forum IT), savings, or other indirect or contingent event -based economic loss arising out of or in connection with the Services, this Agreement, any Quote, or for any breach hereof or for any damages caused by any delay in furnishing Services under this Agreement or any Quote, even if a party has been advised of the possibility of such damages; however, reasonable attorneys' fees awarded to a prevailing party (as described below), your indemnification obligations, and any amounts due and payable pursuant to the non -solicitation provision of this Agreement shall not be limited by the foregoing limitation. Except for the foregoing exceptions, a responsible party's ("Responsible Party's") aggregate liability to the other party ("Aggrieved Party") for damages from any and all claims or causes whatsoever, and regardless of the form of any such action(s), that arise from or relate to this Agreement (collectively, "Claims"), whether in contract, tort, indemnification, or negligence, shall be limited solely to the amount of the Aggrieved Party's actual and direct damages, not to exceed the amount of fees paid by you (excluding hard costs for licenses, hardware, etc.) to Forum IT for the specific Service upon which the applicable claim(s) is/are based during the three (3) month period immediately prior to the date on which the cause of action accrued or $10,000, whichever is greater. The foregoing limitations shall apply even if the remedies listed in this Agreement fail of their essential purpose; however, the limitations shall not apply to the extent that the Claims are caused by a Responsible Party's willful or intentional misconduct, or gross negligence. Similarly, a Responsible Party's liability obligation shall be reduced to the extent that a Claim is caused by, or the result of, the Aggrieved Party's willful or intentional misconduct, gross negligence, or to the extent that the Aggrieved Party failed to reasonably mitigate (or attempt to mitigate, as applicable) the Claims. Under no circumstances shall Forum IT have any liability for any claims or causes of action arising from or related to Out of Scope Services. c) Waiver of Liability for Admin/Root Access. We strongly suggest that you refrain from providing administrative (or "root)" access to the Environment to any party other than Forum IT, as such access by any person other than an Forum IT employee could make the Environment susceptible to serious security and operational issues caused by, among other things, human error, hardware/software incompatibility, malware/virus attacks, and related occurrences. If you request or require us to provide any non -Forum IT personnel (i.e., non -Forum IT employees, such as in a co -managed situation) with administrative or "root" access to any portion of the Environment, then you hereby agree to indemnify and hold us harmless from and against any and all Environment -related issues, downtime, exploitations, and/or vulnerabilities, as well as any damages, expenses, costs, fees, charges, occurrences, obligations, claims, and causes of action (collectively "Claims") arising from or related to any activities that occur, may occur, or were likely to have occurred in or through the Environment at an administrative or root level, as well as any issues, downtime, exploitations, vulnerabilities, or Claims that can reasonably be traced back or connected to activities occurring at the administrative or root level ("Activities") in the Environment provided, of course, that such Activities were not performed or authorized in writing by Forum IT. Forum IT's business records shall be final and determinative proof of whether any Activities were performed or authorized in writing by Forum IT. d) Waiver of Liability for Legacy Devices. As used herein, "Legacy Device" means a piece of equipment, device, hardware, or software that is outdated, obsolete, incompatible with industry -standards, and/or no longer supported by its original manufacturer. Legacy Devices may cause vulnerabilities in your network, or they may fail from time to time or cause other parts or processes of the Environment to operate improperly or (in some cases) fail. If a Legacy Device must remain in the Environment, or if we agree to allow a Legacy Device to operate within the Environment, or if you decline to promptly replace a Legacy Device when we request you to do so, then you understand and agree that (i) neither we nor any Third Party Provider will be responsible forthe remediation of issues arising from or related to the existence or use of the Legacy Device in the Environment, and (ii) we and our Third Party Providers will be held harmless from and against all issues, claims, and causes of action arising from or related to the existence or use of the Legacy Device in the Environment. We strongly advise you to review your company's insurance policies to determine the extent to which the existence of Legacy Devices in the Environment would create an exclusion of insurance coverage in the event of a security -related incident. INDEMNIFICATION Each party (an "Indemnifying Party") agrees to indemnify, defend, and hold the other party (an "Indemnified Party") harmless from and against any and all losses, damages, costs, expenses or liabilities, including reasonable attorneys' fees, (collectively, "Damages") that arise from, or are related to, the Indemnifying Party's breach of this Agreement. The Indemnified Party will have the right, but not the obligation, to control the intake, defense and disposition of any claim or cause of action for which indemnity may be sought under this section. The Indemnifying Party shall be permitted to have counsel of its choosing participate in the defense of the applicable claim(s); however, (i) such counsel shall be retained at the Indemnifying Party's sole cost, and (ii) the Indemnified Party's counsel shall be the ultimate determiner of the strategy and defense of the claim(s) for which indemnity is provided. No claim for which indemnity is sought by an Indemnified Party will be settled without the Indemnifying Party's prior written consent, which shall not be unreasonably delayed or withheld. TERM; TERMINATION Please note: This section contains important provisions relating to the automatic renewal of managed services; please review this section, as well as the terms of your Quote, carefully. There are several dates of which you should be aware, including the effective/termination dates of this Agreement and the effective/termination dates of the Services under a Quote. Each Quote will have its own term and will be terminated only as provided in this Agreement or as provided in the Quote or Services Guide. a) This Agreement. This Agreement applies to all Services and is effective as of the date on which we provide a Service to you or on the date on which you accept a Quote, whichever is earlier ("Effective Date"). This Agreement will terminate automatically (i) if you or we terminate this Agreement For Cause (described below), or (ii) twelve (12) months after the Services have been provided to you. Upon the termination of this Agreement or Services under a Quote, all Services will immediately and permanently cease; however, the termination of this Agreement or Services under a Quote shall not change or eliminate any fees that accrued and/or were payable to us prior to the date of termination, all of which shall be paid by you. Please note, this Agreement shall not be terminated by either party without cause if Services are in progress under a Quote. b) Quotes. The term of the Services will be as indicated in the applicable Quote and Services Guide. The termination of Services under one Quote shall not, by itself, cause the termination of (or otherwise impact) this Agreement or the status or progress of any other Services between the parties. Please note, a Quote and/or Services Guide may provide for auto - renewal of the Services; please review your documents carefully. c) Termination Without Cause. Unless otherwise indicated in the Quote or otherwise permitted under this Agreement, no party will terminate this Agreement without cause if, on the date of termination, Services are in progress. In addition, no party will terminate a Quote without cause prior to the Quote's natural (i.e., specified) expiration or termination date. (By way of example: If a Quote provides for an annual service, then the Services under that Quote cannot be terminated without cause prior to the expiration of one year). If you terminate the Services under a Quote without cause and without Forum IT's consent, then you agree to be responsible for paying the termination fee described in the "Termination for Cause" section, below. a) Termination For Cause. In the event that one party (a "Defaulting Party") commits a material breach under a Quote, Services Guide, or under this Agreement, the non -Defaulting Party will have the right, but not the obligation, to terminate immediately the Services under the relevant Quote (a "For Cause" termination) provided that (i) the non -Defaulting Party has notified the Defaulting Party of the specific details of the breach in writing, and (ii) the Defaulting Party has not cured the default within twenty (20) days (ten (10) days for non-payment by Client) following receipt of written notice of breach from the non -Defaulting Party. i) Remedies for Early Termination. If Forum IT terminates this Agreement or any Quote For Cause, or if you terminate any Services under a Quote without cause prior to such Quote's expiration date, then Forum IT shall be entitled to receive, and you hereby agree to pay to us, all amounts that would have been paid to Forum IT had this Agreement or Quote (as applicable) remained in full effect, calculated using the fees and costs in effect as of the date of termination ("Termination Fee"). If you terminate this Agreement or a Quote For Cause, then you will be responsible for paying only for those Services that were delivered properly and accepted by you up to the effective date of termination, as well as all per -seat licensing fees (described below), and nothing more. ii) Service Tickets. Given the vast number of interactions between hardware, software, wireless, and cloud -based solutions, a managed network may occasionally experience disruptions and/or downtime due to, among other things, hardware/software conflicts, communication -related issues, obsolete equipment, and/or user error ("Conflicts"). We cannot and do not guarantee that such Conflicts will not occur, and you understand and agree that the number of service tickets submitted by you is not, by itself, an indication of default by Forum IT. b) Client Activity as a Basis for Termination. If you or any of your staff, personnel, contractors, or representatives engages in any unacceptable act or behavior that renders it impracticable, imprudent, or unreasonable to provide the Services to you, then in addition to Forum IT's other rights under this Agreement, Forum IT will have the right upon providing you with ten (10) days prior written notice, to terminate this Agreement or the applicable Quote For Cause. c) Consent. You and we may mutually consent, in writing, to terminate a Quote or this Agreement at any time. d) Auto -Renewal. Unless otherwise expressly stated in the Quote, the term of any managed Service that is provided to you on an ongoing and recurring basis and which is invoiced monthly (a "Managed Service") will, unless terminated earlier as per this Agreement, automatically renew for contiguous terms equal to twelve (12) months of the Managed Service unless either party notifies the other of its intention to not renew the Managed Service no less than thirty (30) days before the end of the then -current Managed Service term. For the purposes of clarity, the term of non -Managed Services (such as one-time projects, break/fix assignments, temporary, non-recurring services, etc.) are not subject to auto -renewal. e) Equipment/ Software Removal. Upon termination of this Agreement or applicable Quote for any reason, you will provide us with access, during normal business hours, to your premises or any other locations at which Forum IT Equipment is located to enable us to remove all Forum IT Equipment from the premises. If you fail or refuse to grant Forum IT access as described herein, or if any of the Forum IT Equipment is missing, broken or damaged (normal wear and tear excepted) or any of Forum IT -supplied software is missing, we will have the right to invoice you for, and you hereby agree to pay immediately, the full replacement value of all missing or damaged items. Certain services may require the installation of software agents in the Environment ("Software Agents"). You agree not to remove, disable, circumvent, or otherwise disrupt any Software Agents unless we explicitly direct you to do so. f) Transition; Deletion of Data. If you request our assistance to transition away from our services, we will provide such assistance if (i) all fees due and owing to us are paid to us in full prior to Forum IT providing its assistance to you, and (ii) you agree to pay our then -current hourly rate for such assistance, with up -front amounts to be paid to us as we may require. For the purposes of clarity, it is understood and agreed that the retrieval and provision of passwords, log files, administrative server information, or conversion of data are transition services, and are subject to the preceding requirements. You also understand and agree that any software configurations that we custom create or program for you are our proprietary information and shall not be disclosed to you under any circumstances. Unless otherwise expressly stated in a Quote or Services Guide or prohibited by applicable law, we will have no obligation to store or maintain any Client data in our possession or control following the termination of this Agreement or the applicable Services. CONFIDENTIALITY a) Defined. For the purposes of this Agreement, Confidential Information means all non-public information provided by one party ("Discloser") to the other party ("Recipient"), including but not limited to customer -related data, customer lists, internal documents, internal communications, proprietary reports and methodologies, and related information. Confidential Information will not include information that: (i) has become part of the public domain through no act or omission of the Recipient, (ii) was developed independently by the Recipient, or (iii) is or was lawfully and independently provided to the Recipient prior to disclosure by the Discloser, from a third party who is not and was not subject to an obligation of confidentiality or otherwise prohibited from transmitting such information. b) Use. The Recipient will keep the Confidential Information it receives fully confidential and will not use or disclose such information to any third party for any purpose except (i) as expressly authorized by the Discloser in writing, or (ii) as needed to fulfill its obligations under this Agreement, or (iii) as required by any law, rule, or industry -related regulation. c) Due Care. The Recipient will exercise the same degree of care with respect to the Confidential Information it receives from the Discloser as it normally takes to safeguard and preserve its own confidential and proprietary information, which in all cases will be at least a commercially reasonable level of care. d) Compelled Disclosure. If a Recipient is legally compelled (whether by deposition, interrogatory, request for documents, subpoena, civil investigation, demand or similar process) to disclose any of the Confidential Information, and provided that it is not prohibited by law from doing so, that Recipient will immediately notify the Discloser in writing of such requirement so that the Recipient may seek a protective order or other appropriate remedy and/or waive the Discloser's compliance with the provisions of this Section. The Recipient will use its best efforts, as directed by the Discloser and at the Discloser's expense, to obtain or assist the Recipient in obtaining any such protective order. Failing the entry of a protective order or the receipt of a waiver hereunder, the Recipient may disclose, without liability hereunder, that portion (and only that portion) of the Confidential Information that the Recipient has been advised, by written opinion from its counsel (which shall be shared with the Discloser), that the Recipient is legally compelled to disclose. e) Additional NDA. In our provision of the Services, you and we may be required to enter into one or more additional nondisclosure agreements (each an "NDA") for the protection of a third party's Confidential Information. In that event, the terms of the NDA will be read in conjunction with the terms of the confidentiality provisions of this Agreement, and the terms that protect confidentiality most stringently shall govern the use and destruction of the relevant Confidential Information. If in the normal provision of the Services we are in receipt of or otherwise have access to personal health information (as defined in the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), we will be your business associate as that term is defined under HIPAA and will enter into a mutually agreeable Business Associate Agreement. OWNERSHIP Each party is, and will remain, the owner and/or licensor of all works of authorship, patents, trademarks, copyrights, and other intellectual property owned by such party ("Intellectual Property"), and nothing in this Agreement, any Quote, or a Services Guide conveys or grants any ownership rights or goodwill in one party's Intellectual Property to the other party. For the purposes of clarity, you understand and agree that we own any software, codes, algorithms, or other works of authorship that we create while providing the Services to you. If we provide licenses to you for third party software, then you understand and agree that such software is licensed, and not sold, to you, and your use of that software is subject to the terms and conditions of (i) this Agreement, (ii) the applicable Quote, (iii) written directions supplied to you by us, and (iv) any applicable EULA; no other uses of such third party software are permitted. To the maximum extent permitted by applicable law, we make no warranty or representation, either expressed or implied, with respect to third party software or its quality, performance, merchantability, or fitness for a particular purpose. ARBITRATION Except for undisputed collections actions to recover fees due to us ("Collections"), any dispute, claim or controversy arising from or related to this Agreement, including the determination of the scope or applicability of this agreement to arbitrate, shall be settled by arbitration before one arbitrator who is mutually agreed upon by the parties. The arbitration shall be administered and conducted by the American Arbitration Association (the "AAA") or if there is no AAA -certified arbitrator available within a twenty (20) mile radius of our office, then by any arbitration forum as determined by us, pursuant to the selected forum's arbitration rules for commercial disputes (the "Rules"). In the event of any inconsistency between the Rules and the procedures set forth in this paragraph, the procedures set forth in this paragraph will control. The arbitrator will be experienced in contract, intellectual property and information technology transactions. If the parties cannot agree on an arbitrator within fifteen (15) days after a demand for arbitration is filed, the arbitration venue shall select the arbitrator. The arbitration shall take place in our office unless we agree to a different venue. The arbitrator will determine the scope of discovery in the matter; however, it is the intent of the parties that any discovery proceedings be limited to the specific issues in the applicable matter, and that discovery be tailored to fulfill that intent. Initially, the cost of the arbitration shall be split evenly between the parties; however, the party prevailing in the arbitration shall be entitled to an award of its reasonable attorneys' fees and costs. MISCELLANEOUS a) Changes to Services Guide. Services we provide and/or facilitate may be further described and governed under our Services Guide (described above). We reserve the right, and you hereby agree that we are permitted, to modify our Services Guide (and the Services themselves) from time to time, in our discretion, to accommodate changes in the industry and relevant services required under a Quote. You will be notified of any changes that materially and negatively impact the Services (if any) by email. b) End User Agreements. Portions of the Services may require you to accept the terms of one or more third party end user license agreements (EULAs), third party customer agreements, and/or third party subscription agreements (collectively, "End User Agreements"). If the acceptance of an End User Agreement is required for you to receive any Services, then you hereby grant us permission to accept the applicable agreement(s) on your behalf. You may request a list of all End User Agreements into which we have entered on your behalf by sending your written request to us (email is sufficient for this purpose). If an End User Agreement deviates materially from industry -standards (i.e., contains terms that are different than those generally offered by similarly situated companies to end users on an industry -wide basis), then we will bring that situation to your attention. End User Agreements may contain service levels, warranties and/or liability limitations that are different than those contained in this Agreement. You agree to be bound by the terms of all applicable End User Agreements. If, while providing the Services, you or we are required to comply with an End User Agreement and that agreement is modified or amended, we reserve the right to modify or amend any applicable Quote with you to ensure your and our continued compliance with the terms of the applicable End User Agreement. c) BYOD. You hereby represent and warrant that we are authorized to access all devices, peripherals and/or computer processing units, including mobile devices (such as notebook computers, smart phones and tablet computers) that are connected to the Environment (collectively, "Devices"), regardless of whether such Devices are owned, leased or otherwise controlled by you. Unless otherwise stated in writing by us, Devices managed under a Quote will not receive or benefit from the Services while the devices are detached from, or unconnected to, the Environment. Client is strongly advised to refrain from connecting Devices to the Environment where such devices are not previously known to us and are not expressly covered under a managed service plan from us ("Unknown Devices"). We will not be responsible for the diagnosis or remediation of any issues in the Environment caused by the connection or use of Unknown Devices in the Environment, and we will not be obligated to provide the Services to any Unknown Devices. d) Equipment. The information on equipment returned to us at the end of the Services will be deleted; however, we cannot and do not guarantee that deleted information will be rendered irrecoverable under all circumstances. For that reason, we strongly recommend that you permanently delete any personal, confidential, and/or highly sensitive information from such equipment before returning that equipment to us. e) Compliance; No Legal Advice. Unless otherwise expressly stated in a Quote, the Services are not intended, and will not be used, to bring Client into full regulatory compliance with any rule, regulation, or requirement that may be applicable to Client's business or operations. Depending on the Services provided, the Services may aid Client's efforts to fulfill regulatory compliance; however, unless otherwise explicitly stated in the Quote, the Services are not (and should not be used as) a compliance solution. Neither the results of any Service nor any proposed or suggested remediation, action, or response plan ("Plan") are legal advice and shall not be construed as such. Client is responsible for obtaining its own legal representation related to any of Client's industry, regulatory, and/or statutory -related requirements ("Applicable Laws"). Client is advised to consult its own legal resources before relying on any advice or recommendations made by Forum IT that pertain to or impact Applicable Laws. Client understands that any Plan provided to Client will be based on the status of the applicable rules/laws in place at the time that the Plan is delivered, and subsequent changes to the status or content of any applicable laws/rules may render the Plan obsolete. f) Disclosure. You warrant and represent that you know of no law or regulation governing your business that would impede or restrict our provision of the Services, or that would require us to register with, or report our provision of the Services (or the results thereof), to any government or regulatory authority. You agree to promptly notify us if you become subject to any of the foregoing which, in our discretion, may require a modification to the scope or pricing of the Services. Similarly, if you are subject to responsibilities under any applicable privacy law (such as HIPAA), then you agree to identify to us any data or information subject to protection under that law prior to providing such information to us or, as applicable, prior to giving us access to such information. g) No Fiduciary. The scope of our relationship with you is limited to the specific Services provided to you; no other relationship, fiduciary or otherwise, exists or will exist between us. If, by operation of law, a fiduciary relationship is imposed or presumed for out -of -scope services, you hereby waive that relationship and any fiduciary obligations thereunder. h) Virtual Security. You understand and agree that no security solution is one hundred percent effective, and any security paradigm may be circumvented and/or rendered ineffective by certain malware, such as certain ransomware or rootkits that were unknown to the malware prevention industry at the time of infection, and/or which are downloaded or installed into the Environment. We do not warrant or guarantee that any security -related product or solution implemented or facilitated by us will be capable of being detecting, avoiding, quarantining or removing all malicious code, spyware, malware, etc., or that any data deleted, corrupted, or encrypted by any of the foregoing ("Impacted Data") will be recoverable. Unless otherwise expressly stated in a Quote, the recovery of Impacted Data is out -of -scope. Moreover, unless expressly stated in a Quote or Services Guide, we will not be responsible for activating multifactor authentication in any application in or connected to the Environment. You are strongly advised to (i) educate your employees to properly identify and react to "phishing" activity (i.e., fraudulent attempts to obtain sensitive information or encourage behavior by disguising oneself as a trustworthy entity or person through email), and (ii) obtain insurance against cyberattacks, data loss, malware-related matters, and privacy -related breaches, as such incidents can occur even under a "best practice" scenario. Unless a malware-related incident is caused by our intentionally malicious behavior or our gross negligence, we are held harmless from any costs, expenses, or damages arising from or related to such incidents. i) Physical Security. You agree to implement and maintain reasonable physical security for all managed hardware and related devices in your physical possession or control. Such security measures must include (i) physical barriers, such as door and cabinet locks, designed to prevent unauthorized physical access to protected equipment, (ii) an alarm system to mitigate and/or prevent unauthorized access to the premises at which the protected equipment is located, (iii) fire detection and retardant systems, and (iv) periodic reviews of personnel access rights to ensure that access policies are being enforced, and to help ensure that all access rights are correct and promptly updated. j) Updates. Patches and updates to hardware and software ("Updates") are created and distributed by third parties—such as equipment or software manufacturers—and may be supplied to us from time to time for installation into the Environment. If Updates are provided to you as part of the Services, we will implement and follow the manufacturers' recommendations for the installation of Updates; however, (i) we do not warrant or guarantee that any Update will perform properly, (ii) we will not be responsible for any downtime or losses arising from or related to the installation, use, or inability to use any Update, (iii) we will not be responsible for the remediation of any device or software that is rendered inoperable or non-functional due to the Update, and (iv) we reserve the right, but not the obligations, to refrain from installing an Update until we have determined, in our reasonable discretion, that the Updates will be compatible with the configuration of the Environment and materially beneficial to the features or functionality of the affected software or hardware. k) No Poaching. Each party (a "Restricted Party") acknowledges and agrees that during the term of this Agreement and for a period of one (1) year following the termination of this Agreement, the Restricted Party will not, individually or in conjunction with others, directly or indirectly solicit, induce or influence any of the other party's employees with whom the Restricted Party worked to discontinue or reduce the scope of their business relationship with the other party, or recruit, solicit or otherwise influence any employee of the other party with whom the Restricted Party worked to discontinue his/her employment or agency relationship with the other party. In the event of a violation of the terms of the restrictive covenants in this section, the parties acknowledge and agree that the damages to the other party would be difficult or impracticable to determine, and in such event, the Restricted Party will pay the other party as liquidated damages and not as a penalty an amount equal to one hundred thousand dollars ($100,000) or the amount that the other party paid to that employee in the one (1) year period immediately preceding the date on which the Restricted Party violated the foregoing restriction, whichever is greater. In addition to and without limitation of the foregoing, any solicitation or attempted solicitation for employment directed to a party's employees by the Restricted Party will be deemed to be a material breach of this Agreement, in which event the affected party shall have the right, but not the obligation, to terminate this Agreement or any then -current Quote immediately For Cause. 1) Collections. If we are required to send your account to Collections or to start any Collections -related action to recover undisputed fees, we will be entitled to recover all costs and fees we incur in the Collections process including but not limited to reasonable attorneys' fees and costs. m) Assignment. Neither this Agreement nor any Quote may be assigned or transferred by a party without the prior written consent of the other party. This Agreement will be binding upon and inure to the benefit of the parties hereto, their legal representatives, and permitted successors and assigns. Notwithstanding the foregoing, we may assign our rights and obligations hereunder to a successor in ownership in connection with any merger, consolidation, or sale of substantially all of the assets of our business or any other transaction in which ownership of more than fifty percent (50%) of our voting securities are transferred; provided, however, that the assignee expressly assumes our obligations hereunder. n) Amendment. This Agreement and any Quote may be amended only by a written document (email or similar electronic documents are sufficient for this purpose) that is initiated by us, and that specifically refers to this Agreement or the Quote being amended and is affirmatively accepted in writing (email or electronic signature is acceptable) by you. o) Time Limitations. The parties mutually agree that, unless otherwise prohibited by law, any action for any matter arising out of or related to any Service (except for issues of nonpayment by Client) must be commenced within six (6) months after the cause of action accrues or the action is forever barred. p) Severability. If any provision in this Agreement, any Quote, or the Services Guide is declared invalid by a court of competent jurisdiction, such provision will be ineffective only to the extent of such invalidity, illegibility or unenforceability so that the remainder of that provision and all remaining provisions will be valid and enforceable to the fullest extent permitted by applicable law. q) Other Terms. We will not be bound by any terms or conditions printed on any purchase order, invoice, memorandum, or other written communication supplied by you unless we have expressly acknowledged the other terms and, thereafter, expressly and specifically accepted such other terms in writing. r) No Waiver. The failure of either party to enforce or insist upon compliance with any of the terms and conditions of this Agreement, the temporary or recurring waiver of any term or condition of this Agreement, or the granting of an extension of the time for performance, will not constitute an Agreement to waive such terms with respect to any other occurrences. s) Merger. This Agreement coupled with the Quote and the Services Guide sets forth the entire understanding of the parties and supersedes any and all prior agreements, arrangements or understandings related to the Services; however, any payment obligations that you have or may have incurred under any prior superseded agreement are not nullified by this Agreement and remain in full force and effect. No representation, promise, inducement or statement of intention has been made by either party which is not embodied herein. We will not be bound by any of our agents' or employees' representations, promises or inducements unless they are explicitly set forth in this Agreement or in a Quote or Services Guide. Our website and marketing materials are provided to you for illustrative or educational purposes only and are not intended (and will not be interpreted as) creating additional duties, requirements, service levels, or promises or guarantees of specific services or specific service results. t) Force Majeure. Neither party will be liable to the other party for delays or failures to perform its obligations because of circumstances beyond such party's reasonable control. Such circumstances include, but will not be limited to, any intentional or negligent act committed by the other party, or any acts or omissions of any governmental authority, natural disaster, act of a public enemy, acts of terrorism, riot, sabotage, disputes or differences with workmen, power failure, communications delays/outages, delays in transportation or deliveries of supplies or materials, cyberwarfare, cyberterrorism, or hacking, malware or virus -related incidents that circumvent then -current anti-virus or anti-malware software, and acts of God. u) Survival. The provisions contained in this Agreement that by their context are intended to survive termination or expiration of this Agreement will survive. If any provision in this Agreement is deemed unenforceable by operation of law, then that provision shall be excised from this Agreement and the balance of this Agreement shall be enforced in full. v) Governing Law; Venue. This Agreement will be governed by, and construed according to, the laws of the state of California. You hereby irrevocably consent to the exclusive jurisdiction and venue of Riverside County, California for all non -arbitrable claims and causes of action with us that arise from or relate to this Agreement. w) No Third Party Beneficiaries. The Parties have entered into this Agreement solely for their own benefit. They intend no third party to be able to rely upon or enforce this Agreement or any part of this Agreement. x) Usage in Trade. It is understood and agreed that no usage of trade or other regular practice or method of dealing between the Parties to this Agreement will be used to modify, interpret, or supplement in any manner the terms of this Agreement. y) Notices; Writing Requirement. Where notice is required to be provided to a party under this Agreement, such notice may be sent by postal mail, overnight courier, or email as follows: notice will be deemed delivered three (3) business days after being deposited in postal mail, first class mail, certified or return receipt requested, postage prepaid, or one (1) day following delivery when sent by FedEx, DHL, or other overnight courier, or one (1) day after notice is delivered by email. Notice sent by email will be sufficient only if the message is sent to the last known email address of the recipient or such other email address that is expressly designated by the recipient for the receipt of legal notices. All electronic documents and communications between the parties, including email, will satisfy any "writing" requirement under this Agreement. z) Independent Contractor. Forum IT is an independent contractor, and is not your employer, employee, partner, or affiliate. aa) Contractors. Should we elect to use contractors to provide any portion of the Services to you, we will guarantee that work as if we performed that work ourselves. For the purposes of clarity, you understand and agree that Third Party Services are resold to you and, therefore, are not contracted or subcontracted services; and Third Party Providers are not our contractors or subcontractors. bb) Data & Service Access. Some of the Services may be provided by persons outside of the United States and/or your data may occasionally be accessed, viewed, or stored on secure servers located outside of the United States. You agree to notify us if your company requires us to modify these standard service provisions, in which case additional (and potentially significant) costs will apply. cc) "Per Seat" Licensing Fees. The Services may require us to purchase certain "per seat" licenses from Third Party Providers (such as, for example, Microsoft which sells per seat licenses under its "New Commerce Experience" licensing model). Unless otherwise expressly stated in a Quote, per seat licenses cannot be canceled once they are purchased and cannot be transferred to any other customer. If we purchase per seat licenses for you, then those licenses will require a definite term—such as a one (1) or three (3) year term—which may be paid annually or monthly but, in all cases, must be paid in full by you; please see your Quote for details. For that reason, you understand and agree that regardless of the reason for termination of the Services, you are required to pay for all applicable per seat licenses in full for the entire term of those licenses. Provided that you have paid for those licenses in full, you will be permitted to use the licenses until they expire, even if you move to a different managed service provider. dd) Counterparts. The parties intend to sign, accept and/or deliver any Quote, this Agreement, or any amendment in any number of counterparts, and each of which will be deemed an original and all of which, when taken together, will be deemed to be one agreement. Each party may sign, accept, and/or deliver any Quote, this Agreement, or any amendment electronically (e.g., by digital signature and/or electronic reproduction of a handwritten signature) or by reference (as applicable). Last Updated: February 2022 ATTACHMENT 1 AGREEMENT FOR CONTRACT SERVICES THIS AGREEMENT FOR CONTRACT SERVICES (the "Agreement") is made and entered into by and between the CITY OF LA QUINTA, ("City"), a California municipal corporation, and [insert type of business entity, e.g. sole proprietorship, California Limited Liability Corporation, etc], with a place of business at ("Contracting Party"). The parties hereto agree as follows: 1. SERVICES OF CONTRACTING PARTY. 1.1 Scope of Services. In compliance with all terms and conditions of this Agreement, Contracting Party shall provide those services related to MANAGED IT SERVICES, as speci% in the "Scope of Services" attached hereto as "Exhibit A" and incorporated herein reference (the "Services"). Contracting Party represents and warrants that Co cti rty is a provider of first-class work and/or services and Contracting Par e . n d in performing the Services contemplated herein and, in light of such sta s er ce, Contracting Party covenants that it shall follow industry standards in pe rmi ervices required hereunder, and that all materials, if any, will be of good qualit r the purpose intended. For purposes of this Agreement, the phrase "industry standard s an those standards of practice recognized by one or more first-class firms pe imilLgr services under similar circumstances. 1.2 Compliance with Law. IW� in accordance with all ordinances, res the City and any Federal, State, or local 1.3 Wage and Hour Compliance, Co Federal, State, and local wage and hour laws. ndered hereunder shall be provided �ttes, rules, regulations, and laws of gency of competent jurisdiction. shall comply with applicable 1.4 Licenses, Permits, Fees and Assessmefe otherwise specified herein, Contracting Party shall obtain at its sole cost and licenses, permits, and approvals as may be required by law for the performarequired by this Agreement, including a City of La Quinta business licenscting Party and its employees, agents, and subcontractors shall, at their soleexpense, keep in effect at all times during the term of this Agreement any licenses, permits, and approvals that are legally required for the performance of the Services required by this Agreement. Contracting Party shall have the sole obligation to pay for any fees, assessments, and taxes, plus applicable penalties and interest, which may be imposed by law and arise from or are necessary for the performance of the Services required by this Agreement, and shall indemnify, defend (with counsel selected by City), and hold City, its elected officials, officers, employees, and agents, free and harmless against any such fees, assessments, taxes, penalties, or interest levied, assessed, or imposed against City hereunder. Contracting Party shall be responsible for all subcontractors' compliance with this Section. 1.5 Familiarity with Work. By executing this Agreement, Contracting Party warrants that (a) it has thoroughly investigated and considered the Services to be performed, (b) it has investigated the site where the Services are to be performed, if any, and fully acquainted itself with the conditions there existing, (c) it has carefully considered how the Services should be performed, and (d) it fully understands the facilities, difficulties, and restrictions attending performance of the Services under this Agreement. Should Contracting Party discover any latent or unknown conditions materially differing from those inherent in the Services or as represented by City, Contracting Party shall immediately inform City of such fact and shall not proceed except at Contracting Party's risk until written instructions are received from the Contract Officer, or assigned designee (as defined in Section 4.2 hereof). 1.6 Standard of Care. Contracting Party acknowledges and understands that the Services contracteor under this Agreement require specialized skills and abilities and that, consistent%JLs understanding, Contracting Party's work will be held to an industry standard d workmanship. Consistent with Section 1.5 hereinabove, Contracting Pa p ity that it holds the necessary skills and abilities to satisfy the industry stan and qu lity s set forth in this Agreement. Contracting Party shall adopt reasonable meth he life of this Agreement to furnish continuous protection to the Services p ed b ontracting Party, and the equipment, materials, papers, and other compone to prevent losses or damages, and shall be responsible for all such damage on r property, until acceptance of the Services by City, except such losses or dam s a be caused by City's own negligence. The performance of Services by Cont hall not relieve Contracting Party from any obligation to correct any incomplete, r defective work at no further cost to City, when such inaccuracies are due to g e of Contracting Party. 1.7 Additional Services. In accordance with terms and conditions of this Agreement, Contracting Party shall perform service ada"'o to those specified in the Scope of Services ("Additional Services") only whe ect o so by the Contract Officer, or assigned designee, provided that Contras I not be required to perform any Additional Services without compensation. o ra Party shall not perform any Additional Services until receiving prior written h ation (in the form of a written change order if Contracting Party is a contractor pe ing the Services) from the Contract Officer, or assigned designee, incorporating erein any adjustment in (i) the Contract Sum, and/or (ii) the time to perform this Agreement, which said adjustments are subject to the written approval of Contracting Party. It is expressly understood by Contracting Party that the provisions of this Section shall not apply to the Services specifically set forth in the Scope of Services or reasonably contemplated therein. It is specifically understood and agreed that oral requests and/or approvals of Additional Services shall be barred and are unenforceable. Failure of Contracting Party to secure the Contract Officer's, or assigned designee's written authorization for Additional Services shall constitute a waiver of any and all right to adjustment of the Contract Sum or time to perform this Agreement, whether by way of compensation, restitution, quantum meruit, or the like, for Additional Services provided without the appropriate authorization from the Contract Officer, or assigned designee. -2- Compensation for properly authorized Additional Services shall be made in accordance with Section 2.3 of this Agreement. 1.8 Special Requirements. Additional terms and conditions of this Agreement, if any, which are made a part hereof are set forth in "Exhibit D" (the "Special Requirements"), which is incorporated herein by this reference and expressly made a part hereof. In the event of a conflict between the provisions of the Special Requirements and any other provisions of this Agreement, the provisions of the Special Requirements shall govern. 2. COMPENSATION. 2.1 Contract Sum. For the Services rendered pursuant to this Agreement, Contracting Party shall a compensated in accordance with "Exhibit B" (the "Schedule of Compensation") in amount not to exceed Dollars ($ or the life of the Agreement, encompassing the Initial and any Extended ntract Sum"), except as provided in Section 1.7. The method of compe sa s fo in the Schedule of Compensation may include a lump sum payment upon corn do nt in accordance with the percentage of completion of the Services, payment a and materials based upon Contracting Party's rate schedule, but not exceeding th o um, or such other reasonable methods as may be specified in the Schedule ns ion. The Contract Sum shall include the attendance of Contracting Party at al of eetings reasonably deemed necessary by City; Contracting Party shall not be a additional compensation for attending said meetings. Compensation may i c rsement for actual and necessary expenditures for reproduction costs, tran a ' ense, telephone expense, and similar costs and expenses when and if sp h Schedule of Compensation. Regardless of the method of compensation se fort i Schedule of Compensation, Contracting Party's overall compensation shall not e ed the Contract Sum, except as provided in Section 1.7 of this Agreement. 2.2 Method of Billing & Payment. Any month in ch n ting Party wishes to receive payment, Contracting Party shall submit to n er than the tenth (10th) working day of such month, in the form approved by Finance Director, an invoice for Services rendered prior to the date of the in e. Such invoice shall (1) describe in detail the Services provided, including time and materials, and (2) specify each staff member who has provided Services and the number of hours assigned to each such staff member. Such invoice shall contain a certification by a principal member of Contracting Party specifying that the payment requested is for Services performed in accordance with the terms of this Agreement. Upon approval in writing by the Contract Officer, or assigned designee, and subject to retention pursuant to Section 8.3, City will pay Contracting Party for all items stated thereon which are approved by City pursuant to this Agreement no later than thirty (30) days after invoices are received by the City's Finance Department. 2.3 Compensation for Additional Services. Additional Services approved in advance by the Contract Officer, or assigned designee, pursuant to Section 1.7 of this -3- Agreement shall be paid for in an amount agreed to in writing by both City and Contracting Party in advance of the Additional Services being rendered by Contracting Party. Any compensation for Additional Services amounting to five percent (5%) or less of the Contract Sum may be approved by the Contract Officer, or assigned designee. Any greater amount of compensation for Additional Services must be approved by the La Quinta City Council, the City Manager, or Department Director, depending upon City laws, regulations, rules and procedures concerning public contracting. Under no circumstances shall Contracting Party receive compensation for any Additional Services unless prior written approval for the Additional Services is obtained from the Contract Officer, or assigned designee, pursuant to Section 1.7 of this Agreement. 3. PERFORMANCE SCHEDULE. 3.1 Time of Ek5sence. Time is of the essence in the performance of this Agreement. If the ces not completed in accordance with the Schedule of Performance, as or ection 3.2 and "Exhibit C", it is understood that the City will suffer damage. 4K 3.2 Schedule P nce. All Services rendered pursuant to this Agreement shall be perfor igently and within the time period established in "Exhibit C" (the "Schedule of Pe 1 tensions to the time period specified in the Schedule of Performance maroved Wo in writing by the Contract Officer, or assigned designee. 3.3 Force Majeure. The time c' 'ed in the Schedule of Performance for performance of the Services rendere is Agreement shall be extended because of any delays due to unforeseeabl and the control and without the fault or negligence of Contracting Party, include g, bZh estricted to, acts of God or of the public enemy, fires, earthquakes, floods, epidquarantine restrictions, riots, strikes, freight embargoes, acts of any governmg other than City, and unusually severe weather, if Contracting Party (10) days of the commencement of such delay notify the Contract Offic o s ed designee, in writing of the causes of the delay. The Contract Officer, o si d designee, shall ascertain the facts and the extent of delay, and extend t e for performing the Services for the period of the forced delay when and if in the tract Officer's judgment such delay is justified, and the Contract Officer's determination, or assigned designee, shall be final and conclusive upon the parties to this Agreement. Extensions to time period in the Schedule of Performance which are determined by the Contract Officer, or assigned designee, to be justified pursuant to this Section shall not entitle the Contracting Party to additional compensation in excess of the Contract Sum. 3.4 Term. Unless earlier terminated in accordance with the provisions in Article 8.0 of this Agreement, the term of this agreement shall commence on November 14, 2023, and terminate on June 30, 2028 ("Initial Term"). -4- 4. COORDINATION OF WORK. 4.1 Representative of Contracting Party. The following principals of Contracting Party ("Principals") are hereby designated as being the principals and representatives of Contracting Party authorized to act in its behalf with respect to the Services specified herein and make all decisions in connection therewith: (a) COMPANY NAME COMPANY ADDRESS COMPANY ADDRESS COMPANY ADDRESS ATTN: DEPARTMENT (b) City of La Quinta 495 Calle Tampico JOET uinta, CA 92253 City Manager's Office It is expressl ndMrst d reputation of the foregoi this Agreement. Therefore, or( of this Agreement for directin I time to personally supervise the the foregoing Principals may not be may be assigned to perform the Se approval of City. that the experience, knowledge, capability, and ►were a substantial inducement for City to enter into Ioi Principals shall be responsible during the term s of Contracting Party and devoting sufficient s h eunder. For purposes of this Agreement, Contracting Party and no other personnel ereunder without the express written 4.2 Contract Officer. The "Contractt rwise known as the Public Safety Manager or assigned designee may benated in writing by the City Manager of the City. It shall be Contracting Part ' esponsibility to assure that the Contract Officer, or assigned designee, is kep orm the progress of the performance of the Services, and Contracting Party sh ecisions, that must be made by City to the Contract Officer or assigned i ee nless otherwise specified herein, any approval of City required hereunder sh m the approval of the Contract Officer or assigned designee. The Contract Offic assigned designee, shall have authority to sign all documents on behalf of City required hereunder to carry out the terms of this Agreement. 4.3 Prohibition Against Subcontracting or Assignment. The experience, knowledge, capability, and reputation of the Contracting Party, its principals, and its employees were a substantial inducement for City to enter into this Agreement. Except as set forth in this Agreement, Contracting Party shall not contract or subcontract with any other entity to perform in whole or in part the Services required hereunder without the express written approval of City. In addition, neither this Agreement nor any interest herein may be transferred, assigned, conveyed, hypothecated, or encumbered, voluntarily or by operation of law, without the prior written approval of City. Transfers restricted hereunder shall include the transfer to any person or group of persons acting in concert of more than twenty five percent (25%) of the present ownership and/or control -5- of Contracting Party, taking all transfers into account on a cumulative basis. Any attempted or purported assignment or contracting or subcontracting by Contracting Party without City's express written approval shall be null, void, and of no effect. No approved transfer shall release Contracting Party of any liability hereunder without the express consent of City. 4.4 Independent Contractor. Neither City nor any of its employees shall have any control over the manner, mode, or means by which Contracting Party, its agents, or its employees, perform the Services required herein, except as otherwise set forth herein. City shall have no voice in the selection, discharge, supervision, or control of Contracting Party's employees, servants, representatives, or agents, or in fixing their number or hours of service. Contracting Party shall perform all Services required herein as an independent contractor of City and shall remain at all times as to City a wholly independent contractor with only such obligati as are consistent with that role. Contracting Party shall not at any time or in any represent that it or any of its agents or employees are agents or employees of II not in any way or for any purpose become or be deemed to be a partner C rty in its business or otherwise or a joint venture or a member of any joint e rp ise th Contracting Party. Contracting Party shall have no power to incur any debt, liability on behalf of City. Contracting Party shall not at any time or in any m n repre nt that it or any of its agents or employees are agents or employees of City. the Contract Sum paid to Contracting Party as provided in this Agreement, City t p salaries, wages, or other compensation to Contracting Party for performing the rv' ereunder for City. City shall not be liable for compensation or indemnification t Party for injury or sickness arising out of performing the Services hereunder. a ' g any other City, state, or federal policy, rule, regulation, law, or ordinance to r Contracting Party and any of its employees, agents, and subcontractors provid' rider this Agreement shall not qualify for or become entitled to any compensation, ben , or any incident of employment by City, including but not limited to eligibility to enro the CJIornia Public Employees Retirement System ("PERS") as an employee of City e nt to any contribution to be paid by City for employer contributions and/ore c ibutions for PERS benefits. Contracting Party agrees to pay all require x s amounts paid to Contracting Party under this Agreement, and to indemnify a City harmless from any and all taxes, assessments, penalties, and interest ass against City by reason of the independent contractor relationship created by this Agre ment. Contracting Party shall fully comply with the workers' compensation laws regarding Contracting Party and Contracting Party's employees. Contracting Party further agrees to indemnify and hold City harmless from any failure of Contracting Party to comply with applicable workers' compensation laws. City shall have the right to offset against the amount of any payment due to Contracting Party under this Agreement any amount due to City from Contracting Party as a result of Contracting Party's failure to promptly pay to City any reimbursement or indemnification arising under this Section. 4.5 Identity of Persons Performing Work. Contracting Party represents that it employs or will employ at its own expense all personnel required for the satisfactory performance of any and all of the Services set forth herein. Contracting Party represents that the Services required herein will be performed by Contracting Party or under its direct I M. supervision, and that all personnel engaged in such work shall be fully qualified and shall be authorized and permitted under applicable State and local law to perform such tasks and services. 4.6 City Cooperation. City shall provide Contracting Party with any plans, publications, reports, statistics, records, or other data or information pertinent to the Services to be performed hereunder which are reasonably available to Contracting Party only from or through action by City. 5. INSURANCE. 5.1 Insurance. Prior to the beginning of any Services under this Agreement and throughout the duration of the term of this Agreement, Contracting Party shall procure and maintain, at its sol cost and expense, and submit concurrently with its execution of this Agreement, po ' of insurance as set forth in "Exhibit E" (the "Insurance Requirements") w is ' orated herein by this reference and expressly made a part hereof. 5.2 Proof of IW, to Agency along with A endorsements must be app performance. 6. INDEMNIFICATION. Wtracting Party shall provide Certificate of Insurance fired endorsements. Certificate of Insurance and s Risk Manager prior to commencement of 6.1 Indemnification. To the fuller a rmitted by law, Contracting Party shall indemnify, protect, defend (with coupage to y City), and hold harmless City and any and all of its officers, employees, s,nteers as set forth in "Exhibit F" ("Indemnification") which is incorporated herein by reference and expressly made a part hereof. 7. RECORDS AND REPORTS. 41 7.1 Reports. Contracting Party shall periodically 7e and submit to the Contract Officer, or assigned designee, such reports con ng Contracting Party's performance of the Services required by this Agreement as the Contract Officer, or assigned designee, shall require. Contracting Party hereby acknowledges that City is greatly concerned about the cost of the Services to be performed pursuant to this Agreement. For this reason, Contracting Party agrees that if Contracting Party becomes aware of any facts, circumstances, techniques, or events that may or will materially increase or decrease the cost of the Services contemplated herein or, if Contracting Party is providing design services, the cost of the project being designed, Contracting Party shall promptly notify the Contract Officer, or assigned designee, of said fact, circumstance, technique, or event and the estimated increased or decreased cost related thereto and, if Contracting Party is providing design services, the estimated increased or decreased cost estimate for the project being designed. -7- 7.2 Records. Contracting Party shall keep, and require any subcontractors to keep, such ledgers, books of accounts, invoices, vouchers, canceled checks, reports (including but not limited to payroll reports), studies, or other documents relating to the disbursements charged to City and the Services performed hereunder (the "Books and Records"), as shall be necessary to perform the Services required by this Agreement and enable the Contract Officer, or assigned designee, to evaluate the performance of such Services. Any and all such Books and Records shall be maintained in accordance with generally accepted accounting principles and shall be complete and detailed. The Contract Officer, or assigned designee, shall have full and free access to such Books and Records at all times during normal business hours of City, including the right to inspect, copy, audit, and make records and transcripts from such Books and Records. Such Books and Records shall be maintained for a period of three (3) years following completion of the Services hereunder, and City shall have access to such Books and Records in the event audit is required. In the event of dissolution of Contracting Party's business, c dy the Books and Records may be given to City, and access shall be provide y cting Party's successor in interest. Under California Government Co 1 7, if the amount of public funds expended under this Agreement exceeds hous d Dollars ($10,000.00), this Agreement shall be subject to the examination and a ate Auditor, at the request of City or as part of any audit of City, for a period o r (3) yds after final payment under this Agreement. 7.3 Ownership of Doc drawings, specifications, maps, designs, photographs, studies, surveys, data, t mputer files, reports, records, documents, and other materials plans, drawing test data, survey results, models, renderings, and other documents or wor ip fixed in any tangible medium of expression, including but not limited to, p i r ings, digital renderings, or data stored digitally, magnetically, or in any other i red or caused to be prepared by Contracting Party, its employees, subcontractors, agents in the performance of this Agreement (the "Documents and Materials") sh the pr erty of City and shall be delivered to City upon request of the Contract Office r a d designee, or upon the expiration or termination of this Agreement, and Con a hall have no claim for further employment or additional compensation as a r t o t ercise by City of its full rights of ownership use, reuse, or assignment of the o ents and Materials hereunder. Any use, reuse or assignment of such complete cuments and Materials for other projects and/or use of uncompleted documents without specific written authorization by Contracting Party will be at City's sole risk and without liability to Contracting Party, and Contracting Party's guarantee and warranties shall not extend to such use, revise, or assignment. Contracting Party may retain copies of such Documents and Materials for its own use. Contracting Party shall have an unrestricted right to use the concepts embodied therein. All subcontractors shall provide for assignment to City of any Documents and Materials prepared by them, and in the event Contracting Party fails to secure such assignment, Contracting Party shall indemnify City for all damages resulting therefrom. 7.4 In the event City or any person, firm, or corporation authorized by City reuses said Documents and Materials without written verification or adaptation by Contracting Party for the specific purpose intended and causes to be made or makes any changes or alterations in said Documents and Materials, City hereby releases, discharges, and exonerates Contracting Party from liability resulting from said change. The provisions of this clause shall survive the termination or expiration of this Agreement and shall thereafter remain in full force and effect. 7.5 Licensing of Intellectual Property. This Agreement creates a non-exclusive and perpetual license for City to copy, use, modify, reuse, or sublicense any and all copyrights, designs, rights of reproduction, and other intellectual property embodied in the Documents and Materials. Contracting Party shall require all subcontractors, if any, to agree in writing that City is granted a non-exclusive and perpetual license for the Documents and Materials the subcontractor prepares under this Agreement. Contracting Party represents and warrants that Contracting Party has the legal right to license any and all of the Documents and Materials. Contracting Party makes no such representation and warranty in regarq&the Documents and Materials which were prepared by design professionals other tients. tiParty or provided to Contracting Party by City. City shall not be limit use of the Documents and Materials at any time, provided that a u the purposes intended by this Agreement shall be at City's sole risk. 7.6 Release of L, The Documents and Materials shall not be released publicly without the or approval of the Contract Officer, or assigned designee, or as required by la cti Party shall not disclose to any other entity or person any information regarding a es of City, except as required by law or as authorized by City. 7.7 Confidential or Personal "formation. Contracting Party covenants that all City data, data lists, trades u ents with personal identifying information, documents that are not public records, of currents, discussion notes, or other information, if any, developed or received b ntracti g Party or provided for performance of this Agreement are deemed confid Ian II not be disclosed by Contracting Party to any person or entity without prio a orization by City or unless required by law. City shall grant authorization fo sc jur f required by any lawful administrative or legal proceeding, court order, or simi diive with the force of law. All City data, data lists, trade secrets, document personal identifying information, documents that are not public records, draft docu tents, discussions, or other information shall be returned to City upon the termination or expiration of this Agreement. Contracting Party's covenant under this section shall survive the termination or expiration of this Agreement. 8. ENFORCEMENT OF AGREEMENT. 8.1 California Law. This Agreement shall be interpreted, construed, and governed both as to validity and to performance of the parties in accordance with the laws of the State of California. Legal actions concerning any dispute, claim, or matter arising out of or in relation to this Agreement shall be instituted in the Superior Court of the County of Riverside, State of California, or any other appropriate court in such county, and In Contracting Party covenants and agrees to submit to the personal jurisdiction of such court in the event of such action. 8.2 Disputes. In the event of any dispute arising under this Agreement, the injured party shall notify the injuring party in writing of its contentions by submitting a claim therefore. The injured party shall continue performing its obligations hereunder so long as the injuring party commences to cure such default within ten (10) days of service of such notice and completes the cure of such default within forty-five (45) days after service of the notice, or such longer period as may be permitted by the Contract Officer, or assigned designee; provided that if the default is an immediate danger to the health, safety, or general welfare, City may take such immediate action as City deems warranted. Compliance with the provisions of this Section shall be a condition precedent to termination of this Agreement for cause and to any legal action, and such compliance shall not be a waiver o ny party's right to take legal action in the event that the dispute is not cured, proviiOFFU t nothing herein shall limit City's right to terminate this Agreement witho a suant to this Article 8.0. During the period of time that ContractingPa s ' ity shall hold all invoices and shall, when the default is cured, proceed with t the invoices. In the alternative, City may, in its sole discretion, elect to pays a outstanding invoices during any period of default. 8.3 Retention of FuMs may withhold from any monies payable to Contracting Party sufficient fun pe ate City for any losses, costs, liabilities, or damages it reasonably believes wer of by City due to the default of Contracting Party in the performance of the Servi jay this Agreement. 8.4 Waiver. No delay or omissibr�t vise of any right or remedy of a non -defaulting party on any default shall imps h or remedy or be construed as a waiver. City's consent or approval of any act by racting Party requiring City's consent or approval shall not be deemed to waive or der un ecessary City's consent to or approval of any subsequent act of Contracting y. iver by either party of any default must be in writing and shall not be a waive fj o r default concerning the same or any other provision of this Agreement. 8.5 Rights and Remedies are Cumulative. Exceprespect to rights and remedies expressly declared to be exclusive in this Agreeme ,the rights and remedies of the parties are cumulative and the exercise by either party of one or more of such rights or remedies shall not preclude the exercise by it, at the same or different times, of any other rights or remedies for the same default or any other default by the other party. 8.6 Legal Action. In addition to any other rights or remedies, either party may take legal action, at law or at equity, to cure, correct, or remedy any default, to recover damages for any default, to compel specific performance of this Agreement, to obtain declaratory or injunctive relief, or to obtain any other remedy consistent with the purposes of this Agreement. 8.7 Termination Prior To Expiration of Term. This Section shall govern any termination of this Agreement, except as specifically provided in the following Section for -10- termination for cause. City reserves the right to terminate this Agreement at any time, with or without cause, upon thirty (30) days' written notice to Contracting Party. Upon receipt of any notice of termination, Contracting Party shall immediately cease all Services hereunder except such as may be specifically approved by the Contract Officer, or assigned designee. Contracting Party shall be entitled to compensation for all Services rendered prior to receipt of the notice of termination and for any Services authorized by the Contract Officer, or assigned designee, thereafter in accordance with the Schedule of Compensation or such as may be approved by the Contract Officer, or assigned designee, except amounts held as a retention pursuant to this Agreement. 8.8 Termination for Default of Contracting Party. If termination is due to the failure of Contracting Party to fulfill its obligations under this Agreement, Contracting Party shall vacate any City-owned property which Contracting Party is permitted to occupy hereunder and City mALafter compliance with the provisions of Section 8.2, take over the Services ande e the same to completion by contract or otherwise, and Contracting Part all le to the extent that the total cost for completion of the Services requirelge eeds the compensation herein stipulated (provided that City shall use reason e ort o mitigate such damages), and City may withhold any payments to Contracting purpose of setoff or partial payment of the amounts owed City. 8.9 Attorneys' Fees. art to this Agreement is required to initiate or defend or made a party to any acti seeding in any way connected with this Agreement, the prevailing party in sus seeding, in addition to any other relief which may be granted, whether lega a shall be entitled to reasonable attorneys' fees; provided, however, that t ' fees awarded pursuant to this Section shall not exceed the hourly rate paid gal services multiplied by the reasonable number of hours spent by the prevailing p n the conduct of the litigation. Attorneys' fees shall include attorneys' fees on any a al, and ' addition a party entitled to attorneys' fees shall be entitled to all other reas ble or investigating such action, taking depositions and discovery, and all other is the court allows which are incurred in such litigation. All such fees shall b ee a have accrued on commencement of such action and shall be enforceable w h r not such action is prosecuted to judgment. The court may set such fees in the action or in a separate action brought for that purpose. 9. CITY OFFICERS AND EMPLOYEES: NONDISCRIMINATION. 9.1 Non -liability of City Officers and Employees. No officer, official, employee, agent, representative, or volunteer of City shall be personally liable to Contracting Party, or any successor in interest, in the event or any default or breach by City or for any amount which may become due to Contracting Party or to its successor, or for breach of any obligation of the terms of this Agreement. 9.2 Conflict of Interest. Contracting Party covenants that neither it, nor any officer or principal of it, has or shall acquire any interest, directly or indirectly, which would conflict in any manner with the interests of City or which would in any way hinder -11- Contracting Party's performance of the Services under this Agreement. Contracting Party further covenants that in the performance of this Agreement, no person having any such interest shall be employed by it as an officer, employee, agent, or subcontractor without the express written consent of the Contract Officer, or assigned designee. Contracting Party agrees to at all times avoid conflicts of interest or the appearance of any conflicts of interest with the interests of City in the performance of this Agreement. No officer or employee of City shall have any financial interest, direct or indirect, in this Agreement nor shall any such officer or employee participate in any decision relating to this Agreement which effects his financial interest or the financial interest of any corporation, partnership or association in which he is, directly or indirectly, interested, in violation of any State statute or regulation. Contracting Party warrants that it has not paid or given and will not pay or give any third party any money or other consideration for obtaigiRg this Agreement. 9.3 Cov for itself, its hei e; that there shall b n Discrimination. Contracting Party covenants that, by and signs, and all persons claiming under or through them, on against or segregation of, any person or group of ble classification including, but not limited to, race, status sexual orientation, national origin, or ancestry in e tracting Party shall take affirmative action to th employees are treated during employment cr on, sex, marital status, sexual orientation, persons on account of alb i color, creed, religion, sex, i the performance of this Agre ensure that applicants are empl without regard to their race, color national origin, or ancestry. 10. MISCELLANEOUS PROVISIONS. 10.1 Notice. Any notice, demand, req est, , approval, or communication either party desires or is required to give the other p or any other person shall be in writing and either served personally or sent by prepa first -c ail to the address set forth below. Either party may change its address by nota ' o r party of the change of address in writing. Notice shall be deemed communic y- t (48) hours from the time of mailing if mailed as provided in this Section. To City: To Contracting rty: CITY OF LA QUINTA Attention: City Manager's Office 78495 Calle Tampico La Quinta, California 92253 10.2 Interpretation. The terms of this Agreement shall be construed in accordance with the meaning of the language used and shall not be construed for or against either party by reason of the authorship of this Agreement or any other rule of construction which might otherwise apply. -12- 10.3 Section Headings and Subheadings. The section headings and subheadings contained in this Agreement are included for convenience only and shall not limit or otherwise affect the terms of this Agreement. 10.4 Counterparts. This Agreement may be executed in counterparts, each of which shall be deemed to be an original, and such counterparts shall constitute one and the same instrument. 10.5 Integrated Agreement. This Agreement including the exhibits hereto is the entire, complete, and exclusive expression of the understanding of the parties. It is understood that there are no oral agreements between the parties hereto affecting this Agreement and this Agreement supersedes and cancels any and all previous negotiations, arrangements, agreements, and understandings, if any, between the parties, and none shalljlje used to interpret this Agreement. 10.6 Ame valid unless ma of City. The pantie, and that any attem amendment to or modification of this Agreement shall be d approved by Contracting Party and by the City Council requirement for written modifications cannot be waived e void. 10.7 Severability. In e e sentences, clauses, paragrap declared invalid or unenforceable, s of the remaining articles, phrases, Agreement which are hereby declared the intent of the parties hereunder unl invalidity deprives either party of the Agreement meaningless. at any one or more of the articles, phrases, os contained in this Agreement shall be Fity or unenforceability shall not affect any ,uses, paragraphs, or sections of this &VWWnd shall be interpreted to carry out provision is so material that its AJ1040f their bargain or renders this 10.8 Unfair Business Practices Claims. ente ' into this Agreement, Contracting Party offers and agrees to assign to City a t nd interest in and to all causes of action it may have under Section 4 of the to c 5 U.S.C. § 15) or under the Cartwright Act (Chapter 2, (commencing with do 700) of Part 2 of Division 7 of the Business and Professions Code), arising r purchases of goods, services, or materials related to this Agreement. This assi ent shall be made and become effective at the time City renders final payment to Contracting Party without further acknowledgment of the parties. 10.9 No Third -Party Beneficiaries. With the exception of the specific provisions set forth in this Agreement, there are no intended third -party beneficiaries under this Agreement and no such other third parties shall have any rights or obligations hereunder. 10.10 Authority. The persons executing this Agreement on behalf of each of the parties hereto represent and warrant that (i) such party is duly organized and existing, (ii) they are duly authorized to execute and deliver this Agreement on behalf of said party, (iii) by so executing this Agreement, such party is formally bound to the provisions of this Agreement, and (iv) that entering into this Agreement does not violate any provision of -13- any other Agreement to which said party is bound. This Agreement shall be binding upon the heirs, executors, administrators, successors, and assigns of the parties. ►IA [SIGNATURES ON FOLLOWING PAGE] -14- IN WITNESS WHEREOF, the parties have executed this Agreement as of the dates stated below. CITY OF LA QUINTA, CONTRACTING PARTY: a California Municipal Corporation JON McMILLEN, City Manager City of La Quinta, California Dated: ATTEST: MONIKA RADEVA, City Clerk City of La Quinta, California APPROVED AS TO FORM: Bv: Name: Title: By: Name: Title: WILLIAM H. IHRKE, City Attorney City of La Quinta, California -15- I ' Exhibit A Scope of Services Services to be Provided: [TO BE PROVIDED BY STAFF (include location of work)] 2. Performance Standards: [TO BE PROVIDED BY STAFF] [See Attached] Exhibit A Page 1 of 1 Last revised summer 2017 Exhibit B Schedule of Compensation With the exception of compensation for Additional Services, provided for in Section 2.3 of this Agreement, the maximum total compensation to be paid to Contracting Party under this Agreement is not to exceed ($ ) ("Contract Sum"). The Contract Sum shall be paid to Contracting Party in installment payments made on a monthly basis and in an amount identified in Contracting Party's schedule of compensation attached hereto for the work tasks performed and properly invoiced by Contracti rty in conformance with Section 2.2 of this Agreement. Exhibit B Page 1 of 1 Exhibit C Schedule of Performance Contracting Party shall complete all services identified in the Scope of Services, Exhibit A of this Agreement, in accordance with the Project Schedule, attached hereto and incorporated herein by this reference. Exhibit C Page 1 of 1 Exhibit D Special Requirements [insert Special Requirements or indicate "None" if there are none] Exhibit D Page 1 of 1 Exhibit E Insurance Requirements E.1 Insurance. Prior to the beginning of and throughout the duration of this Agreement, the following policies shall be maintained and kept in full force and effect providing insurance with minimum limits as indicated below and issued by insurers with A.M. Best ratings of no less than A -VI: Commercial General Liability (at least as broad as ISO CG 0001) $1,000,000 (per occurrence) $2,000,000 (general aggregate) Must include the following endorsements: General Lia ' ity Additional Insured General L JVRty,,Primary and Non-contributory Commerci4Ful $1,000,000 of Auto Liabil Personal Auto C at least as broad as ISO CA 0001) t) ditio ured age if applicable Errors and Omissions Lia? $1,000,000 (per claim and agg Workers' Compensation (per statutory requirements) Must include the following endors lu. Workers Compensation with Wa r ation Workers Compensation Declaration of Proprietor if applicable Cyber Liability $1,000,000 (per occurrence) $2,000,000 (general aggregate) Contracting Party shall procure and maintain, at its cost, and submit concurrently with its execution of this Agreement, Commercial General Liability insurance against all claims for injuries against persons or damages to property resulting from Contracting Party's acts or omissions rising out of or related to Contracting Party's performance under this Agreement. The insurance policy shall contain a severability of interest clause providing that the coverage shall be primary for losses arising out of Contracting Party's performance hereunder and neither City nor its insurers shall be required to contribute to any such loss. An endorsement evidencing the foregoing and naming the City and its officers and employees as additional insured (on the Commercial General Liability policy only) must be submitted concurrently with the execution of this Agreement and approved by City prior to commencement of the services hereunder. Exhibit E Page 1 of 6 Contracting Party shall carry automobile liability insurance of $1,000,000 per accident against all claims for injuries against persons or damages to property arising out of the use of any automobile by Contracting Party, its officers, any person directly or indirectly employed by Contracting Party, any subcontractor or agent, or anyone for whose acts any of them may be liable, arising directly or indirectly out of or related to Contracting Party's performance under this Agreement. If Contracting Party or Contracting Party's employees will use personal autos in any way on this project, Contracting Party shall provide evidence of personal auto liability coverage for each such person. The term "automobile" includes, but is not limited to, a land motor vehicle, trailer or semi -trailer designed for travel on public roads. The automobile insurance policy shall contain a severability of interest clause providing that coverage shall be primary for losses arising out of Contracting Party's performance hereunder and neither City nor its insurers shall be required to contribute to such loss. ProfessiL•i ility or Errors and Omissions Insurance as appropriate shall be written on a ;C4 f -rage specifically designed to protect against acts, errors or omissions of n rty and "Covered Professional Services" as designated in the policy must spea i de work performed under this agreement. The policy limit shall be no less tha per claim and in the aggregate. The policy must "pay on behalf of the insur must ' clude a provision establishing the insurer's duty to defend. The policy retroa hall be on or before the effective date of this agreement. Contracting Party shal ers' Compensation Insurance in accordance with State Worker's Co en it employer's liability limits no less than $1,000,000 per accident or disease. Contracting Party shall procure and ma limits of $1,000,000 per occurrence/loss which shall 1Cyber Liability insurance with de the �following coverage: a. Liability arising from the theft, disseminatl6'V7 f confidential or personally identifiable information; includinring and regulatory fines arising from such theft, disseuse of the confidential information. b. Network security liability arising from the unauthorized use of, access to, or tampering with computer systems. c. Liability arising from the failure of technology products (software) required under the contract for Consultant to properly perform the services intended. d. Electronic Media Liability arising from personal injury, plagiarism or misappropriation of ideas, domain name infringement or improper deep - linking or framing, and infringement or violation of intellectual property rights. Exhibit E Page 2 of 6 e. Liability arising from the failure to render professional services. If coverage is maintained on a claims -made basis, Contracting Party shall maintain such coverage for an additional period of three (3) years following termination of the contract. Contracting Party shall provide written notice to City within ten (10) working days if: (1) any of the required insurance policies is terminated; (2) the limits of any of the required polices are reduced; or (3) the deductible or self-insured retention is increased. In the event any of said policies of insurance are cancelled, Contracting Party shall, prior to the cancellation date, submit new evidence of insurance in conformance with this Exhibit to the Contract Officer. The procuring of such insurance or the delivery of policies or certificates evidencing the same shall not be construed as a limitation of Contracting Party's obligation to indemnify City, its officers, employees, contractors, subcontractors, or agents. E.2 Reme ition to any other remedies City may have if Contracting Party fails to pr de *fm insurance policies or policy endorsements to the extent and within a ired, City may, at its sole option: a. Obtain sce and deduct and retain the amount of the premiums for such insurams due under this Agreement. b. Order Contracting withhold any payment(s) which bdW Contracting Party demonstrates comp) C. Terminate this Agreement. Exercise any of the above remedies City may have. The abo� Contracting Party's failure to maintain work under this Agreement and/or Contracting Party hereunder until 3reauirements hereof. 1W remedies, how , ,e remedies not or secure Nothing herein contained shall be construed as app limiting N Contracting Party may be held responsible for paymen property resulting from Contracting Party's or its subcon under this Agreement. is an alternative to any other th&exclusive remedies for or endorsements. ie extent to which es to persons or formance of work E.3 General Conditions Pertaining to Provisions of Insurance Coverage by Contracting Party. Contracting Party and City agree to the following with respect to insurance provided by Contracting Party: 1. Contracting Party agrees to have its insurer endorse the third party general liability coverage required herein to include as additional insureds City, its officials, employees, and agents, using standard ISO endorsement No. CG 2010 with an edition prior to 1992. Contracting Party also agrees to require all contractors, and subcontractors to do likewise. 2. No liability insurance coverage provided to comply with this Agreement shall prohibit Contracting Party, or Contracting Party's employees, or agents, from waiving the Exhibit E Page 3of6 right of subrogation prior to a loss. Contracting Party agrees to waive subrogation rights against City regardless of the applicability of any insurance proceeds, and to require all contractors and subcontractors to do likewise. 3. All insurance coverage and limits provided by Contracting Party and available or applicable to this Agreement are intended to apply to the full extent of the policies. Nothing contained in this Agreement or any other agreement relating to City or its operations limits the application of such insurance coverage. 4. None of the coverages required herein will be in compliance with these requirements if they include any limiting endorsement of any kind that has not been first submitted to City and approved of in writing. 5. No liabilit olicy shall contain any provision or definition that would serve to eliminate so-calle arty action over" claims, including any exclusion for bodily injury to an emplolroL^ksured or of any contractor or subcontractor. 6. All My 7% nd limits required are subject to approval, modification and additional requirem s b ity, as the need arises. Contracting Party shall not make any reductions incoverage (e.g. elimination of contractual liability or reduction of discovery period) at ect City's protection without City's prior written consent. 7. Proof of compliance V e ' surance requirements, consisting of certificates of insurance evidencing all71n a required and an additional insured endorsement to Contracting Party's gene cy, shall be delivered to City at or prior to the execution of this Agreement.t ch proof of any insurance is not delivered as required, or in the event sKCo anceled at any time and no replacement coverage is provided, City has the rinot the duty, to obtain any insurance it deems necessary to protect its interest t r any other agreement and to pay the premium. Any premium so paid by Cc ged to and promptly paid by Contracting Party or deducted from sums duc Py, at City option. 8. It is acknowledged by the parties of this agreegFht that all insurance coverage required to be provided by Contracting Party or an contractor, is intended to apply first and on a primary, non-contributing basis in relation to any other insurance or self-insurance available to City. 9. Contracting Party agrees to ensure that subcontractors, and any other party involved with the project that is brought onto or involved in the project by Contracting Party, provide the same minimum insurance coverage required of Contracting Party. Contracting Party agrees to monitor and review all such coverage and assumes all responsibility for ensuring that such coverage is provided in conformity with the requirements of this section. Contracting Party agrees that upon request, all agreements with subcontractors and others engaged in the project will be submitted to City for review. 10. Contracting Party agrees not to self -insure or to use any self-insured retentions or deductibles on any portion of the insurance required herein (with the Exhibit E Page 4 of 6 exception of professional liability coverage, if required) and further agrees that it will not allow any contractor, subcontractor, Architect, Engineer or other entity or person in any way involved in the performance of work on the project contemplated by this agreement to self -insure its obligations to City. If Contracting Party's existing coverage includes a deductible or self-insured retention, the deductible or self-insured retention must be declared to the City. At that time the City shall review options with the Contracting Party, which may include reduction or elimination of the deductible or self-insured retention, substitution of other coverage, or other solutions. 11. The City reserves the right at any time during the term of this Agreement to change the amounts and types of insurance required by giving the Contracting Party ninety (90) days advance written notice of such change. If such change results in substantial additional cost to the Contracting Party, the City will negotiate additional compensation proportic� gal to the increased benefit to City. 12. Foetobe Oper pplying insurance coverage only, this Agreement will be deemed to havemmediately upon any party hereto taking any steps that can be deemed e of or towards performance of this Agreement. 13. Contracting acknowledges and agrees that any actual or alleged failure on the part of City t ofqntracting Party of non-compliance with any insurance requirement in no wa additional obligations on City nor does it waive any rights hereunder in this oregard. 14. Contracting Party will renMrad coverage annually as long as City, or its employees or agents face an expos eOecl* tions of any type pursuant to this agreement. This obligation applies whetherent is canceled or terminated for any reason. Termination of this obligation is ountil City executes a written statement to that effect. 15. Contracting Party shall provide proof tffl�p 9V insurance required herein expiring during the term of this Agreement have V117W% or replaced with other policies providing at least the same coverage. Proofverage has been ordered shall be submitted prior to expiration. A coveer or letter from Contracting Party's insurance agent to this effect is acceptablcate of insurance and an additional insured endorsement is required in these specifications applicable to the renewing or new coverage must be provided to City within five (5) days of the expiration of coverages. 16. The provisions of any workers' compensation or similar act will not limit the obligations of Contracting Party under this agreement. Contracting Party expressly agrees not to use any statutory immunity defenses under such laws with respect to City, its employees, officials, and agents. 17. Requirements of specific coverage features, or limits contained in this section are not intended as limitations on coverage, limits or other requirements nor as a waiver of any coverage normally provided by any given policy. Specific reference to a Exhibit E Page 5 of 6 given coverage feature is for purposes of clarification only as it pertains to a given issue and is not intended by any party or insured to be limiting or all-inclusive. 18. These insurance requirements are intended to be separate and distinct from any other provision in this Agreement and are intended by the parties here to be interpreted as such. 19. The requirements in this Exhibit supersede all other sections and provisions of this Agreement to the extent that any other section or provision conflicts with or impairs the provisions of this Exhibit. 20. Contracting Party agrees to be responsible for ensuring that no contract used by any party involved in any way with the project reserves the right to charge City or Contracting Party f the cost of additional insurance coverage required by this agreement. Any su isions are to be deleted with reference to City. It is not the intent of City to any third party for the cost of complying with these requirements. T e e recourse against City for payment of premiums or other amounts with res ec4l r 21. Contracting rees to provide immediate notice to City of any claim or loss against Contracting PaWad't of the work performed under this agreement. City assumes no obligation oruc notice, but has the right (but not the duty) to monitor the handling of anyims if they are likely to involve City. z4s Exhibit E Page 6of6 Exhibit F Indemnification F.1 Indemnitv for the Benefit of Ci a. Indemnification for Professional Liability. When the law establishes a professional standard of care for Contracting Party's Services, to the fullest extent permitted by law, Contracting Party shall indemnify, protect, defend (with counsel selected by City), and hold harmless City and any and all of its officials, employees, and agents ("Indemnified Parties") from and against any and all claims, losses, liabilities of every kind, nature, and description, damages, injury (including, without limitation, injury to or death of an employee of Contracting Party or of any subcontractor), costs and expenses of any kind, vIkether actual, alleged or threatened, including, without limitation, incidental and cons-e,al damages, court costs, attorneys' fees, litigation expenses, and fees of expe es, or expert witnesses incurred in connection therewith and costs of investig n kntme are caused in whole or in part by any negligent or wrongful act, a or sontracting Party, its officers, agents, employees or subcontractors (or any titvidual that Contracting Party shall bear the legal liability thereof) in the pe professional services under this agreement. With respect to the design of public nts, the Contracting Party shall not be liable for any injuries or property damage fro the reuse of the design at a location other than that specified in Exhibit A witho qJ en consent of the Contracting Party. b. Indemnification for OthTrA&1MWbkssionaI Liability. Other than in the performance of professional services an ont permitted by law, Contracting Party shall indemnify, defend (with counsr'Meing y City), and hold harmless the Indemnified Parties from and against any Iia liability for claims, suits, actions, arbitration proceedings, administrative pro gs, regulatory proceedings, losses, expenses or costs of any kind, whether act alleg threatened, including, without limitation, incidental and consequential dama sts, attorneys' fees, litigation expenses, and fees of expert consultants or a ses) incurred in connection therewith and costs of investigation, where th �wit rise out of, are a consequence of, or are in any way attributable to, in whole or ' rt, the performance of this Agreement by Contracting Party or by any individual or e ty for which Contracting Party is legally liable, including but not limited to officers, agents, employees, or subcontractors of Contracting Party. C. Indemnitv Provisions for Contracts Related to Construction (Limitation on Indemnity). Without affecting the rights of City under any provision of this agreement, Contracting Party shall not be required to indemnify and hold harmless City for liability attributable to the active negligence of City, provided such active negligence is determined by agreement between the parties or by the findings of a court of competent jurisdiction. In instances where City is shown to have been actively negligent and where City's active negligence accounts for only a percentage of the liability involved, the obligation of Contracting Party will be for that entire portion or percentage of liability not attributable to the active negligence of City. Exhibit F Page 1 of 2 d. Indemnification Provision for Design Professionals. 1. Applicability of this Section F.1(d). Notwithstanding Section F.1(a) hereinabove, the following indemnification provision shall apply to a Contracting Party who constitutes a "design professional" as the term is defined in paragraph 3 below. 2. Scope of Indemnification. When the law establishes a professional standard of care for Contracting Party's Services, to the fullest extent permitted by law, Contracting Party shall indemnify and hold harmless City and any and all of its officials, employees, and agents ("Indemnified Parties") from and against any and all losses, liabilities of every kind, nature, and description, damages, injury (including, without limitation, injury to or death of an employee of Contracting Party or of any subcontractor), costs and expenses, including, without limitation, incidental and consequential damages, court costs, reimburse ent of attorneys' fees, litigation expenses, and fees of expert consultants or exp nesses incurred in connection therewith and costs of investigation, to t x me are caused by any negligent or wrongful act, error or omission of Co cf officers, agents, employees or subcontractors (or any entity or individu I t C tr ng Party shall bear the legal liability thereof) in the performance of professi a under this agreement. With respect to the design of public improvements, ntracti Party shall not be liable for any injuries or property damage resulting fr a of the design at a location other than that specified in Exhibit A without th con ,Wnt of the Contracting Party. 3. Design ProfesWbaffJRJW. As used in this Section F.1(d), the term "design professional" shall be limi s architects, registered professional engineers, licensed professional land sure dscape architects, all as defined under current law, and as may be amended r t' e by Civil Code § 2782.8. F.2 Obligation to Secure Indemnification Pr ions. Contracting Party agrees to obtain executed indemnity agreements with pr io41nVeContracting cal to those set forth herein this Exhibit F, as applicable to the Contractim each and every subcontractor or any other person or entity involvedor on behalf of Contracting Party in the performance of this Agreement. Party fails to obtain such indemnity obligations from others as rrein, Contracting Party agrees to be fully responsible according to the terms oit. Failure of City to monitor compliance with these requirements imposes no additional obligations on City and will in no way act as a waiver of any rights hereunder. This obligation to indemnify and defend City as set forth in this Agreement are binding on the successors, assigns or heirs of Contracting Party and shall survive the termination of this Agreement. Exhibit F Page 2 of 2 I Q r u m INFOM1TECH So hi do Other important things for the City of La Quinta to know We would like to address the seven areas that the Opportunity Overview indicates are the specific focuses of the bid: 1. Cybersecurity City of La Quinta concerns: • Network and email system security (including anti-virus, security updates and patch management) monitoring and remediation. This should include 24/7 monitoring of the City's network, email services, and critical systems with proactive communication and escalation protocols based on the severity of any unscheduled outages • Policies, precautions and practices adopted to avoid unauthorized access and manipulation of a data center's resources Administer and manage on-going training programs and regular phish and related tests for full user population Forum Info -Tech Solutions: • FIT provides a holistic approach to Cyber -Security through the FIT Overwatch system which is monitored 24/7/365. • By connecting all devices to Microsoft Entra, FIT can layer on Microsoft Security Essentials which is a great first step in email protection, system hardening and deploying zero -trust baseline settings for all devices. From there we add SOC -supported email security, SOC - supported endpoint protection, SOC -supported SaaS monitoring and remediation, and SOC - supported Managed Extended Detection and Responses. • The next step is live Vulnerability Scanning, and when vulnerabilities are found, Vulnerability Management identifies and provides remediation. • At the Network Level, FIT Overwatch provides multiple SOC supported security products that are combined into a single platform to better corelate, detect, and respond to threats. • Firewall and Network Sensors analyze network traffic and send network logs to a central platform. All telemetry from various sources is analyzed and automated, rule books are applied increasing the speed and response to resolution of security issues. • This is deployed across the network, cloud, and endpoint infrastructure. • FIT will help provide policies and practices to avoid unauthorized access and manipulation of data center resources. • The FIT Overwatch products all "talk" to each other rather than acting as standalone sentries. This ensures the greatest level of security for the City. The FIT Overwatch System can be pictured like this: Vulnerability M—na ent Managed Secure Edge OT/rO7 security Patch ryyas Management Monitoring Threat Prevention Security Awareness Training Email Security �urrtY Operations Cpm rerwatcFl SOAR= Extended Detection and Response (MXDP) Detection and Response Endpoint Detection and Pesponse (MOWEOP) THE FIT WORKSPACE SECURITY PAGE (see screen shot) Network E,etection and Response (NDRJ NOC Based Events In the FIT Workspace, under Security Services, click on Security Alerts to see the most recent alerts P U 0•s.p Ncrrga. ,l Foran mrPTwh ufo'P.vogs xan hRttoldt Seclrtity Aletts nle OrAm palWtlme i .—WLw pr[ O. ( N9h M4-CQa 1334A wenaw gnn. unremner-.inn uea — i -w —1- -k-- f_j Peeolmd Wprelemr. - -dl— 20o1-0rd0 Na9:m �e aw,w rf.elreoorme bd sei ea 1 C=law x[aa.aane :�ts.ex �Nwv Fmolrmoreldbl uuronnrTJlrk C=Lew ]0llffio6 x19@ox 1 veen.r, Bne.. �,mlr vaketrr :arreandiw� C=I -e,. m—imm Mme n¢w .�Mnl &rbn:ae�ol�Pewhn paietl Orf—k*O N24-02-0579.45:03 nerrcn� - 4 �eeri- e=_Iaw 8 OBa Cx! gu.w FmYnoormehr•eei send Jerk (-Lox RW,4r'mM tattoo („ awse:w� Y xe.. creenonm Id..n�a•r.era-Ina, � Irtamexnnrr 2memao ti ao:oo (1 tPmoB—p6 imwnyr.pup del .f°&nukes qp ,aiM �Irr. ® 4xun 9. .$ FlrFeidinln ® rrow mn 2. Network Reliability City of La Quinta concerns: • Network management and infrastructure support, including installation, configuration, administration, and maintenance of all network equipment including switches, firewalls, routers, cabling, wireless access points, and other devices. • Ensuring consistent internet connectivity for all City facilities • 24/7/365 system monitoring and email monitoring • Nightly backup plan for the critical servers, including a regularly -tested recovery process • Proactive communication and escalation protocols based on the severity of any unscheduled outages • Remote / Cellular communications support (Squad Cars, Terminal Services, PCs, laptops, tablets and Smartphones) • Vo1P/Analog telephone management and support Forum Info -Tech Solutions: • FIT has 20 years experience in the Inland Empire supporting, administrating, and maintaining full networks including Azure and AWS cloud networks, servers, switches, firewalls, routers, cabling, wireless access points and other devices. • Our centralized department is tasked with regularly applying firmware updates, blocking unnecessary ports, and configuring management ports only accessible from certain IP addresses to reduce the risk posture. • All equipment configurations are backed up for quick recovery. • FIT has strong experience in working with ISPs to ensure consistent internet connectivity for users. We can recommend multiple solutions such as Satellite Internet, SD -WAN, Line of Sight and other solutions for redundant Internet connections. • FIT provides 24/7/365 system and email monitoring, as well as 24/7/365 live technical support using our Secure Care Email Threat Protection server which quarantines email that is not caught by Microsoft systems. • Back-ups can be performed at the client's desired schedule, and back-ups are regularly tested (sometimes automatically) but complete failover testing must be done. There are various ways to configure Hot -Hot, Hot -Cold and Hot -Warm sites which all come at different costs. • FIT provides multiple methods of communication including with the technical team including the FIT Workspace, email and telephone. • Policies and procedures for the City of La Quinta will be defined, documented, and implemented by Department or City-wide as deemed necessary. • FIT has vast experience working with other Cities to provide remote/cellular support for all departments including the Police (squad cars, body cam, etc). We also have several RDS or Terminal Services deployments. • FIT currently supports a large multi -site Mitel Hybrid Deployment (Cloud and On Premise) for another client. FIT worked with and authorized Mitel Service Provider to help architect and deploy the Mitel phone system, and supports it with onsite technical resources. Device/Hardware Management City of La Quinta concerns: • All maintenance, monitoring, and support for hardware (server, desktop, laptop, mobile), and inventory control and management (hardware and software) • Selection of commercially rated equipment, order placement, order tracking, shipping, equipment returns, and sourcing and ordering of replacement parts • Changes to the location or configuration of existing equipment or software, and installation of additional equipment or software • Process for end -of -life notification, replacement, and asset decommissioning/disposal • Delivery and setup of machines onsite Forum Info -Tech Solutions: • FIT will provide two onsite technical resources that will handle maintenance and support for all hardware. • Monitoring is done with our global technical team. • Security monitoring is provided by our US based Security Operations Center (SOC). • FIT currently maintains "End of life" and disposal of hardware for other comparably sized cities. • FIT has a Project Management team that orders hardware for clients. • FIT will have two onsite technical resources that can set up machines on site as well as other technical resources in the Inland Empire should a more complicated installation be needed. • Hardware inventory is available for view directly through the proprietary FIT Workspace. • In addition, FIT ties hardware as found in the FIT Workspace directly to billing. o If the City removes units (we noted that the number of Workstations/Laptops has a planned reduction), invoicing will be reduced with the next billing cycle. Conversely, if the City adds users/servers/workstations, that too is adjusted automatically the next billing cycle. THE FIT WORKSPACE INVENTORY PAGE (see screen shot) • Under WORKSTATION CARE, click on "Assets" to see your live inventory of workstations o View the "name" of the asset o Warranty (if entered) o Site where the asset is located o Contact for the asset o Last log in by the user o Model of the workstation o Operating System Workstations/Assets -- - Workstations .411 A. dM1 r� a 1•IdfRged YVOrk StdllOrl Ceenv amr fa ... �Im Eu— F1T- �n ImActive Ima11.-7 v.elvl.enner Dell 17 Im .Iwn �. �v.lrle1prrvn ul t=� Ea1c 9�cuxRx rrr.r.�r.we� � m Unk Mnown cPu 2, 1 Wd(R) CMUM] 15L&40H CPU V 2.50GHi l� .;- App Ms.lpO'neril '�� No. 1lArwkto-*N 911. CMw Leen iac 9til loppcd'n py !1L r....t Nare¢lve ® ❑ee.rd Llnkaswl nobP®lea FrTa981l Gj1E£wd F.I. ibeclem353d Windows ld£nMPr.. U-NAlee w —Y uk— fiTllxsrn]I" him LarclMe rsaao wndowr to wuat. e, user4¢sms ® £ITgIlp rlOpp wkluwn Mde� filr0l9hulb] F1'AaEF�UPFRC1LTBn IBIS. geFracp ProB 'NI1dGVF 11 *k]me oL y Appl--J.. ® £IT#leme kink— Men .—Mk. rmSvfm Felt[ Suis Pm❑ wnd—N£n[eip.. Frrw -01 Unk.- 41N, ft.rd.Pa44. enlsiP3l9re¢OryMt rwl 1.090, 5M YAndcwk1111444 Tim Lie%.— Mm Pinarto Feb de rnnlrrn ger rete. InepimmUR-�6 Wi .11 Man,ew-. AFnB UMMM Men Rleente FBL»)a U TOR3.r^JA3F.FSIAke fele. WMdowe 11 Horre SL El 1] r 4ntnotitn M.n aken Saul ki nE9kTpP PE6aa dlr {kle. lee FAme]BY12r1 Whdcw. IO WorreN 1I `�� Enc [nnr✓as Link— Mm aBsn aukC oEslcTa LOMSO'n— Falw —I.— wtMows la Enea�p. NYecrtcera r- Llekm— OEBT�>iP(*Or . rale. —,—Prp6 --d— 10 �neG 8 Wle Cxe I i1 '.a�• UrL%.— Mss+ rsIWEJ uky nE8P.T'OPA.6Ttq_. — fele. 1-;d .3528 Whdava 10 EnbW Seeueiry - m Je..b Un— Mevi sh-GF.l.1 DESKTOP ATdFi69uxohdaree Nim N—.3910 Wndavell ft—.. acewxe mV.-S.Vwy woowl M.- 91Rnf11ku LAFFOP-6LBLWFPd18er F.I. 21 MEEDD 'nindaYk'11 Fr6bM1. g CdB16 If you click on any asset (for this example I clicked on the top Unit "Richard", you can then see Details, Patches, and installed Applications by clicking on the appropriate tab DETAILS Workstations Richard FEET r'I.`' MA ES INSTALLED APPLICATIONS .411 A. dM1 r� a 1•IdfRged YVOrk StdllOrl Ceenv amr {ticha[G �Im F1T- �n ImActive Ima11.-7 v.elvl.enner Dell 17 Im .Iwn .•___e.r PreClaeDA 3590 ��i t=� Ea1c 9�cuxRx rrr.r.�r.we� � m Unk Mnown cPu Wd(R) CMUM] 15L&40H CPU V 2.50GHi l� LnF9.lag9 FredTolat Im C: 15210 Me 283023 MO Lert k�yee M SKr F17 WK3T 161Rkhard as lavoee r fa15e ki£NI oer 8/22/2021 ue..e4u Laptop • Windows *V- 202,16.0.0 Alert lows plSconrseCted Lcamem a Pmfesslanal w m.re 192.tea-T,dO 6s Ty" Micimoft windows 10 enterprise 64-61L M � 10.0.19043 PATCHES orkstations Richard DETAILS F.AI4HI -. NSTALLED APPLICATIQNS Mtl0ne Narns. L��'l1' fddr Fe.M � rr flrNq n-�adrm �m�n�d mri =•l QHJ - IeolimralW Alram r.n me �il�1r E ..her _:urs Me!1' Set INSTALLED APPLICATIONS X ❑� NelWetlm Richard rcz11R rnlucaon.raET Premewolk a.e.1 :or vnndowalo Version 22H2 fw><se Nw lnatelFeo [xasQllD.sl Rlattex-SeRwareCanppaern= Li[et�ie 11.0 6000 854 Nnl irylalred lmel-sryeem-a Tapapr.ze9za rvo+instaped IrAel Corporavon-4isyraT_ 300101 7315 Nw 1n5'Who fdeeM1ek-safD1'Are0ttnparcm-1.Q.Q.539 14-1kU NVIDIA-Dlspley-31.615.3546 Nellnstalled Intel CuKrallm-Fltemldn- Igu Pavlov 30010] ]3% Noir llec ¢ldcentn C-nns atl Ina - — Not 1 lsllec 120.01118 Ml - Soft—a mponerlL- T d22fYta_ iQ2 Not Instakc! INTEL -5y9--18-1.16.8 Nal lrt8talled 1nIel Corporation-Erlerxdon= P9croaoft Vleeal CH 20191L85 Mini nn MMMe_ 1 d 29 30133 27.201DD.9664 Npl lrvstabed Ova1r-8lueeodF -1808128& Nm mm kd -11 Richard Ae�eer'.Wine DETAILS PATCHES INV:&LLM APPL1CAT]ONG Li[et�ie Halm 4 PIrWMwr Y da1� Y Y 7r-rp 23.07 fp64j Igu Pavlov mF!f F•' QoptfeGhIXne Q9ogle LLC S'221i0244:00. 0�M mrTHr:i P9croaoft Vleeal CH 20191L85 Mini nn MMMe_ 1 d 29 30133 M OftCorpIXw. nFlaF2022 5'0090 PM mTiT-Stir AY—Ft Viaid off 2O1 Mort9 RediehaLA.IbL [ea61_ LNcrosaft Cm p>A1ion m16.29.97133 h rosoft Visual CH 2019 ](86 Add ft ml. Ti�n Mx:o:oft Corpaatlon 6f18."20 22 5 0 0.9 0 PA1 F'4i'so 1629��Y{u2' ® u' De808fteco YTool Daltlnc. 9f161P0235'00:08%1 Open1'PN 2.57-1502 anAM4 op""PN, IM. 0/29=22 5:08100 PM a—P kat Tracer a 1.15 a 8i[ Cruz Systema, Nc 711 'non S oo:00MI mprst«n Plomod Headler N-abi. 6r1cn Mr uwft llpdar9 Health Tppl5 hh=wFtcwKra11w 11i9.!20236009PPM I Paw%Far FA9e 1Q - I is �. -� I.1isk 5 Inelallrtion .t e� Customer Service/Help Desk Support City of La Quinta concerns: • 24/7/365 help desk support (on-call, after-hours on-site and remote support) • Work order/ticketing system to track reported issues, accessible to authorized City staff Forum Info -Tech Solutions: • FIT provides 24//7/365 live helpdesk support remotely. • FIT has onsite technical support at other clients where schedules/hours are adjusted to accommodate non-standard business hours, such as late nights (City Counsel meetings, events at a venue, etc) where an onsite technical support person is desired. FIT employees work 40 hours/week, so those hours are then adjusted during "normal" business hours. • Authorized City Staff can see all the tickets directly through the FIT Workspace (Example below) THE FIT WORKSPACE SERVICE TICKETS (see screen shots) Any user in the City can see their own service tickets that are open or closed. They can also CREATE a ticket directly through the FIT Workspace; A USER VIEW OF CLOSED TICKETS (I don't have any open tickets so there was nothing to show) ;' �NFo-TLGN r7—mr. rS s Se— Tickets ry �gm� I—d 1,f ] GinnYn 1—. .. r••.. rte. � a� 1� rldp ' tl FYIMi W4�WYi IAM7 S -044R IIf�NIMbIM A1dlldpimPi y � .A'riure lmexdlo Filum ln!b Thti, Inch-Irsk uo.M 1:1*V :A='9L16 %A tlm�d PrtuM] iYu �r Y�Awn�fale[FM � ro28avd fY.t_L $�rer. Rpirv�fm..•wep wuiwwo:elxwal�uanr In trxcn _fTlSw oc.ed rnmgs rmam mpmre^w�cr.na L wan - 'l�iL3l nr.w��w'rbvw vv�oza rCaz+lw uoeed rnsb3 rw ear mrplorunnbbm�xt b __. .mw» �+nrwlc9�'•+r>ro�+r�r*.wvsu. a+A v r. ss3 +i Wo rr.. owe nnrt�� rw�Fr 1n�rprnn 'rt Click CREATE TICKET at the upper right corner and a screen pops up to create that ticket. • Tickets can also be created by emailing help@foruminfotech.net • Tickets can be created by calling our help desk 24/7/365 CREATE A TICKET IN THE WORKSPACE x An ADMIN within the CITY can see all open or all closed tickets. • The FIT Workspace is role based, so most people see only their own information. • Administrators have the ability to see a lot of information within the Workspace. AN EXAMPLE OF SEEING "ALL" COMPANY TICKETS, OPEN AND CLOSED (click the check box for open/closed/or both) IYF0.TECM uPodspam seMGf ngkets � wrna�„dr ■ rfoeea ua�, s cevpser uta aavemem .a �mmeweaac�ama„w.kwwcewewwae.n Pmakme rnM rmxI aa.n'91. I . F I nn amrmee ,ramxt ,eM wan�rq �icae. � ✓ry. Y2hR@a5 e)a�eN Wael�gmr•.i.wey & j � ... .... :: . # e.r.e1 e.�aeeae., •s'�q Fwywe 4a9F+a.nurmci nd �renalvkY prenP!"'M'�^Me•n.•ea Cramt7k:km .. . •• All ism —6d—A iM an,�,a,maa,y p d�Rnn±-}• . s»pecerh' c..m.o Jp191[N aaaa111 �a .. .,nn i � Inm tam - �i.iffi 3i.1PP➢ Md'qu` Cwnn' At eda•'r"e nrn Gert x4 I!1 �Pr ktenegerre +3;,ue, Fw —.— oncxeeenenee I a�o1a !le �mrym .nec gly+gi F'x.fr.ccwirthea rup�pe�Fy�bhx dor,docXym,ily xhx. Pnp.W&IPe&'mlk�x>�.lu.� C �eP 9l£rar aYi �,iS, 1N�ae.[•A+iiFnn Pv Weae[stlea[the,rerl�sfallanm�detlie peEkmlehappeNnq,iFeppYcaCk: L '_�' ❑ NM a► cmwR T r,_�wr, :.cps ❑ cern saeo.':m M�,aWr:wbda,.ellF�eann erena,aue .we'i wgl ❑ decoo uc.cear, w.b,,ve �, wema+ e.•e�s�rea D h'er. Minoevft Yhdxae lO Erteprae blM Even Sunda rely ❑ P�,r• Mk+owR Ylnlara lV Fu+'e pxya rb'en 9�e,lr i1 ;s �,. ❑ elk: as -elle M'vamil wrm..a le[,auprcaeeaL mlen�iwW ❑ LaW, tltromhwMmax is l-tr,e 646f Sean 9mlla x An ADMIN within the CITY can see all open or all closed tickets. • The FIT Workspace is role based, so most people see only their own information. • Administrators have the ability to see a lot of information within the Workspace. AN EXAMPLE OF SEEING "ALL" COMPANY TICKETS, OPEN AND CLOSED (click the check box for open/closed/or both) IYF0.TECM uPodspam seMGf ngkets � wrna�„dr ■ rfoeea ua�, s cevpser uta aavemem .a �mmeweaac�ama„w.kwwcewewwae.n Pmakme rnM rmxI aa.n'91. I . F I nn amrmee ,ramxt ,eM wan�rq �icae. � ✓ry. Y2hR@a5 e)a�eN Wael�gmr•.i.wey & j � ... .... :: . # e.r.e1 e.�aeeae., •s'�q Fwywe 4a9F+a.nurmci nd �renalvkY prenP!"'M'�^Me•n.•ea Organizational Governance City of La Quinta concerns: • Support La Quinta rules and regulations and provide best practices and recommendations • User onboarding/offboarding • Active Directory management • System, network, and application documentation • Regular reporting on purchases, assets, current activities and issues, and project status reports • Customized policies related to the use of technology Forum Info -Tech Solutions: • FIT and its staff will support the La Quinta rules and regulations. • FIT provides recommendations for improvement based on best practices, including governance and cyber security, "hardening" of the systems for safety. o Please see examples of FIT written polices for Network Management, Security Awareness, Vendor Management, Acceptable User which are attached with this quote. We can/will create the some types of policies for the City. • FIT regularly onboards and offboards, and can create a "library" of videos on technology training and/or how to use specific software provided by FIT. Those videos can then be used to onboard and offboard at one's leisure. • FIT provides excellent documentation and uses IT Glue, an industry standard, to maintain documentation. • Administrators within the City can have access to the La Quinta IT Glue documentation. • FIT provides monthly reports as needed. Many issues/assets/etc. are available directly through the FIT Workspace so some reports are no longer needed. Additional resources are connected to the FIT Workspace monthly. • FIT will provide guidance on technology policies and will also help draft them. • Active Directory is managed, and the FIT Workspace is tied directly to Active Directory. o FIT employees can add or remove users from Active Directory, create emails, etc. o Administrators within the City can add or remove users in under a minute using the FIT Workspace. THE FIT WORKSPACE: ADD OR REMOVE A USER FROM OUTLOOK (see screen shots) CLICK "ADD A USER" Under User Care Forum-� P i ` user Management � � turd. IOLxtE1 C Ye.x: I_ _ AIXrvce,thna ca. RII eraIXea accourns �excepT r[s xcu,neei / � '• NMn. 4y�My Bytl G LSM iN ftw tqw r.pOr MG �[.nG.N AaouRTryn w.�o - .ek yMen ciiyii rWG orwrMme.li i�Fl Mix.wrn.n�r+wPn.m A P. eapemme �ed8uaa �m9�w. term ui«�s�'✓n.,.oleen iyr ,719111o7a T'P9 caw � ■i ueeenn �•xr,�. ��ra.,re�r�msn �! o-.,��. Nrr,� �gr��Mm.e,[.L TTravrwo roemru ;ei us A Wizard Pops up and walks you through adding a User. -,iren3fo-umir.fr.,:ech..rt Create New Account Account Types Which kinds of accounts will this user need? Ll Levelcloud Microsoft 365 0 CANCEL er i c,n fo r um; n Fite ch. n et You are asked if you want to use an existing template. T. rrtV luu� I y e'i 1 • If you're adding an Admin and they should be set up exactly as another Admin, or a Policeman who should have the same Distribution Lists as another, simply use that other account as a "template". • The user of technology decreases mistakes by having someone "forget" a distribution list and assures that nothing is missed during set up. Once you choose the template (a person), you are prompted to click next. The FIT Workspace will go in to Active Directory and set up the user based on the template chosen. Create New Account User Selection wju:d •;uj lire 7u :nt an Lk l ling user as a template' vrs `q �rian Llama= '_a. e -s .ce va.r i. ar w�l• be ueetl as a 3empkre What will be copied E -Mail Distribution Groups Venue M—gemeni office Support Team RT Genote Desk evenenlnhrx wcorning Bvengpi nil ne_putgoing S.rA- Desk Teem CAtKEL Simply fill in the information requested, click "Next", and the person is added to Outlook in about 1 minute. Create New Account X Microsoft 365 Account First Name Last Name Full Name Username Password Q bax.4951 Doman Select a domain Select the domain suffix for this user account GENERATE PASSWORD Select the licenses: Ne Licenses Selected Li Available Conferencing Available: 2 ❑ Azure Active Directory Premium P2 Available. 25 Communication Credits Available: 10000006 Dynamics 355 Sales Professional Li Available: 10000 ❑ Microseft 365 Business Premium Available: 7 Mic-ft Power Aulwnale Free Q CANCEL f PREVIOUS 4 - To REMOVE A USER the process is the same. Click on a User in the FIT Workspace and you can: • Disable a User • Reset a Password for that User • Recover a compromised Account • Click to see their Workstation Information • And more RESET PASS WO RD I o DISABLE ACCOUNT I X CLOSE Service details Workstations FIT PhishNet status MICROSOFT 365 LEVELCLOUD 40 RECOVER COMPROMISED ACCOUNT I C REFRESH I a SAVE Account information Display name' Brian Llamas First name" Brian Last name' Llamas microsca 365 username' CLICK DISABLE ACCOUNT and a Wizard pops up just like adding a User. Aeroun, informati Disable Account: Brian Llamas nai Which accounts should be disabled? Should the Levelcloud account be disabled? c+ Yes No Should the Microsoft 365 Account (the account used to access this website and emalls) be disabled? © Yes ; No 0 CANCEL I C- -�M NFXT You are asked what to do with the emails. • Keep them in the account (probably no)? • If not, where should they be sent (choose a user)? • Do you want an auto reply to be sent when the disabled account gets an email? The Wizard walks through the process and automatically disables the account Disable Account: Brian Llamas What would you like to do with the mailbox? Should this mailbox still receive external emails? (_} Yes © No Who should have access to this mailbox') fi Ahlora Mae Singh J Biren Shukla D Brian Llamas Careers Carlos Bastidas I E PREVIOUS > SUBMIT Click to Reset a Password Reset Password x Reset password for Brian Llamas Account type• Nothing selected For which accDun- s should the password be reset? Password =crier password Confurn password Confirm password 0 Farce password change on next logon Click to Recover an account Recover compromised account x Do you suspect this account has been hacked, and an un -authorized person is currently accessing it? We collected inforrrmatiou about the account and hereare some things that could be suspicious - G%/ No suspicious forwarding rules were found ,I Checking mailbox forwarding... Management of Existing Enterprise Applications City of La Quinta concerns: • Recommend improvements to existing systems • Maintenance and/or troubleshooting of existing systems • All Microsoft 365 software and systems support • Evidence -based familiarity with existing La Quinta technology Forum Info -Tech Solutions: • FIT is a highly innovate company as displayed by the creation of the FIT Workspace, a client facing portal and productivity tool used to solve simple day to day IT issues and support requests. • In the long term, FIT believes that all applications should be transitioned to the cloud or SaaS alternatives should be found to replace the legacy client/server systems. • The current model of maintaining a onsite server infrastructure is too expensive. We recommend a Hybrid Network with some onsite servers while others are migrated to an Azure/AWS cloud based infrastructure built on AWS or Azure GovCloud. • FIT is an authorized AWS GovCloud partner and can easily migrate a lot of these standard applications to cloud based servers or a SaaS alternative. • FIT will effectively support all Microsoft 365 software and systems. • FIT is familiar with much of the software listed by the City because of our work with other similarly sized Cities. We are very skilled with troubleshooting application issues since we host so many different applications in multiple industries using tools like ProcMon. • The Technology stack at La Quinta is familiar to FIT. We have done hundreds of projects over the past 20 years and migrated hundreds of clients/solutions to the cloud. • FIT just wrapped up a successful cloud migration for a medical client whose incumbent MSP (also the City's incumbent MSP) was unable to make that cloud migration over a two-year period. FIT completed the off-boarding/on-boarding, and cloud migration in less than three months. Strategic Adoption of New Technologies City of La Quinta concerns: • Proper implementation of new technology • Technical evaluation of new technology as it relates to the current technology environment • Formal evaluation of new hardware and software • Deployment planning for business applications Forum Info -Tech Solutions: • The FIT virtual CIO will work with the City on long range plans and set quarterly goals. • The priority, and the key to success of most implementations, rests in asking questions up front, planning a sound strategy, and then executing the plan. • FIT will use the MyITProcess system to create a Strategic IT Roadmap for the City, creating quarterly plans for 12-18 months in the future. • Experience shows that with changes in City Managers, Mayors, and Council members, it is very important to have records of work completed, work in progress, work on hold, and planned work, etc. Your Strategic Roadmap and MyITProcess provides that. • FIT can add projects as needed for evaluation of hardware/software and deployment of same. • FIT follows the Prepare/Plan/Design/Validate/Deploy methodology. A statement of work is agreed upon before executing any project with goals, projected timeline, estimated hours and costs. A Project Manager is assigned to work with the client and/or vendor of vendor help is required (often for software deployments). • Deployment typically occurs in non-business/nights/weekends so product can be deployed and tested prior to users working for a minimum of disruption • See the FIT Services Guide for an overview of Project definitions and costs. Acceptable Use Policy Purpose Acceptable Use Policy, version 1.0.0 Status: ❑X Working Draft ❑ Approved ❑ Adopted Document Owner: Forum Info -Tech Management Last Review Date: February 2024 The purpose of the Forum Info -Tech Acceptable Use Policy is to establish acceptable practices regarding the use of Forum Info -Tech Information Resources in order to protect the confidentiality, integrity and availability of information created, collected, and maintained. Audience The Forum Info -Tech Acceptable Use Policy applies to any individual, entity, or process that interacts with any Forum Info -Tech Information Resource. Contents Acceptable Use Access Management Data Security Email and Electronic Communication Hardware and Software n+-,--+ Privacy Removable Media Social Media Incidental Use Forum Info -Tech Internal Page 1 of 7 Forum Info -Tech Acceptable Use Policy Policy AccentnhlP I I - Personnel are responsible for complying with Forum Info -Tech policies when using Forum Info - Tech information resources and/or on Forum Info -Tech time. If requirements or responsibilities are unclear, please seek assistance from the Forum Info -Tech Management team. Personnel must promptly report harmful events or policy violations involving Forum Info -Tech assets or information to their manager or a member of the Incident Handling Team. Events include, but are not limited to, the following: o Technology incident: any potentially harmful event that may cause a failure, interruption, or loss in availability to Forum Info -Tech Information Resources. o Data incident: any potential loss, theft, or compromise of Forum Info -Tech information. o Unauthorized access incident: any potential unauthorized access to a Forum Info -Tech Information Resource. o Facility security incident: any damage or potentially unauthorized access to a Forum Info - Tech owned, leased, or managed facility. o Policy violation: any potential violation to this or other Forum Info -Tech policies, standards, or procedures. Personnel shall not purposely engage in activity that may o degrade the performance of Forum Info -Tech Information Resources; o deprive authorized Forum Info -Tech personnel access to a Forum Info -Tech Information Resource; 0 obtain additional resources beyond those allocated; 0 or circumvent Forum Info -Tech computer security measures. • Personnel shall not download, install, or run security programs or utilities that reveal or exploit weakness in the security of a system. For example, Forum Info -Tech personnel shall not run password cracking programs, packet sniffers, port scanners, or any other non -approved programs on any Forum Info -Tech Information Resource without prior approval. • All inventions, intellectual property, and proprietary information, including reports, drawings, blueprints, software codes, computer programs, data, writings, and technical information, developed on Forum Info -Tech time and/or using Forum Info -Tech Information Resources are the property of Forum Info -Tech. • Forum Info -Tech Information Resources are provided to facilitate company business and shall not be used for personal financial gain. • Personnel are expected to cooperate with incident investigations, including any federal or state investigations. • Personnel are expected to respect and comply with all legal protections provided by patents, copyrights, trademarks, and intellectual property rights for any software and/or materials viewed, used, or obtained using Forum Info -Tech Information Resources. • Personnel shall not intentionally access, create, store or transmit material which Forum Info -Tech may deem to be offensive, indecent, or obscene. Access • Access to information is based on a "business need". • All remote access connections made to internal Forum Info -Tech networks and/or environments must be made through approved, and Forum Info -Tech -provided, virtual private networks (VPNs). Forum Info -Tech Internal Page 2 of 7 Forum Info -Tech Acceptable Use Policy • Personnel shall not divulge any access information to anyone not specifically authorized to receive such information, including IT support personnel. • Personnel must not share their (personal authentication information, including: o Account passwords, o Personal Identification Numbers (PINs), o Security Tokens (i.e. Smartcard), o Multi -factor authentication information o Access cards and/or keys, o Digital certificates, o Similar information or devices used for identification and authentication purposes. • Access cards and/or keys that are no longer required must be returned to physical security personnel. • Lost or stolen access cards, security tokens, and/or keys must be reported to physical security personnel as soon as possible. • A service charge may be assessed for access cards, security tokens, and/or keys that are lost, stolen, or are not returned. Data Security • Personnel should use approved encrypted communication methods whenever sending confidential information over public computer networks (Internet). • Confidential information transmitted via USPS or other mail service must be secured in compliance with the Information Classification and Management Policy. • Only authorized cloud computing applications may be used for sharing, storing, and transferring confidential or internal information. • Information must be appropriately shared, handled, transferred, saved, and destroyed, based on the information sensitivity. • Personnel shall not have confidential conversations in public places or over insecure communication channels, open offices, and meeting places. • Confidential information must be transported either by an Forum Info -Tech employee or a courier approved by IT Management. • All electronic media containing confidential information must be securely disposed. Please contact IT for guidance or assistance. Email and FlPrrrnnir Cnmmi inirnrinn • Auto -forwarding electronic messages outside the Forum Info -Tech internal systems is prohibited. • Electronic communications shall not misrepresent the originator or Forum Info -Tech. • Personnel are responsible for the accounts assigned to them and for the actions taken with their accounts. • Accounts must not be shared without prior authorization from Forum Info -Tech IT, with the exception of calendars and related calendaring functions. • Employees shall not use personal email accounts to send or receive Forum Info -Tech confidential information. • Any personal use of Forum Info -Tech provided email shall not: o Involve solicitation. o Be associated with any political entity, excluding the Forum Info -Tech sponsored PAC. o Have the potential to harm the reputation of Forum Info -Tech. Forum Info -Tech Internal Page 3 of 7 Forum Info -Tech Acceptable Use Policy o Forward chain emails. o Contain or promote anti -social or unethical behavior. o Violate local, state, federal, or international laws or regulations. o Result in unauthorized disclosure of Forum Info -Tech confidential information. o Or otherwise violate any other Forum Info -Tech policies. • Personnel should only send confidential information using approved secure electronic messaging solutions. • Personnel should use caution when responding to, clicking on links within, or opening attachments included in electronic communications. • Personnel should use discretion in disclosing confidential or internal information in Out of Office or other automated responses, such as employment data, internal telephone numbers, location information or other sensitive data. Hardware and Software • All hardware must be formally approved by IT Management before being connected to Forum Info -Tech networks. • Software installed on Forum Info -Tech equipment must be approved by IT Management and installed by Forum Info -Tech IT personnel. • All Forum Info -Tech assets taken off-site should be physically secured at all times. • Personnel traveling to a High -Risk location, as defined by FBI and Office of Foreign Asset control, must contact IT for approval to travel with corporate assets. • Employees shall not allow family members or other non -employees to access Forum Info -Tech Information Resources. Internet • The Internet must not be used to communicate Forum Info -Tech confidential or internal information, unless the confidentiality and integrity of the information is ensured and the identity of the recipient(s) is established. • Use of the Internet with Forum Info -Tech networking or computing resources must only be used for business-related activities. Unapproved activities include, but are not limited to: o Recreational games, o Streaming media, o Personal social media, o Accessing or distributing pornographic or sexually oriented materials, o Attempting or making unauthorized entry to any network or computer accessible from the Internet. o Or otherwise violate any other Forum Info -Tech policies. • Access to the Internet from outside the Forum Info -Tech network using a Forum Info -Tech owned computer must adhere to all of the same policies that apply to use from within Forum Info -Tech facilities. Privar-11 • Information created, sent, received, or stored on Forum Info -Tech Information Resources are not private and may be accessed by Forum Info -Tech IT employees at any time, under the direction of Forum Info -Tech executive management and/or Human Resources, without knowledge of the user or resource owner. Forum Info -Tech Internal Page 4 of 7 Forum Info -Tech Acceptable Use Policy • Forum Info -Tech may log, review, and otherwise utilize any information stored on or passing through its Information Resource systems. • Systems Administrators, Forum Info -Tech IT, and other authorized Forum Info -Tech personnel may have privileges that extend beyond those granted to standard business personnel. Personnel with extended privileges shall not access files and/or other information that is not specifically required to carry out an employment related task. Removable Media • The use of removable media for storage of Forum Info -Tech information must be supported by a reasonable business case. • All removable media use must be approved by Forum Info -Tech IT prior to use. • Personally, owned removable media use is not permitted for storage of Forum Info -Tech information. • Personnel are not permitted to connect removable media from an unknown origin without prior approval from the Forum Info -Tech IT. • Confidential and internal Forum Info -Tech information shall not be stored on removable media without the use of encryption. • All removable media must be stored in a safe and secure environment. • The loss or theft of a removable media device that may have contained any Forum Info -Tech information must be reported to the Forum Info -Tech IT. Social Media • Communications made with respect to social media should be made in compliance with all applicable Forum Info -Tech policies. • Personnel are personally responsible for the content they publish online. • Creating any public social media account intended to represent Forum Info -Tech, including accounts that could reasonably be assumed to be an official Forum Info -Tech account, requires the permission of the Forum Info -Tech Communications Departments. • When discussing Forum Info -Tech or Forum Info -Tech -related matters, you should: o Identify yourself by name, o Identify yourself as an Forum Info -Tech representative, and o Make it clear that you are speaking for yourself and not on behalf of Forum Info -Tech, unless you have been explicitly approved to do so. • Personnel shall not misrepresent their role at Forum Info -Tech. • When publishing Forum Info -Tech -relevant content online in a personal capacity, a disclaimer should accompany the content. An example disclaimer could be; "The opinions and content are my own and do not necessarily represent Forum Info-Tech's position or opinion." • Content posted online shall not violate any applicable laws (i.e. copyright, fair use, financial disclosure, or privacy laws). • The use of discrimination (including age, sex, race, color, creed, religion, ethnicity, sexual orientation, gender, gender expression, national origin, citizenship, disability, or marital status or any other legally recognized protected basis under federal, state, or local laws, regulations, or ordinances) in published content that is affiliated with Forum Info -Tech will not be tolerated. • Confidential information, internal communications and non-public financial or operational information may not be published online in any form. • Personal information belonging to customers may not be published online. Forum Info -Tech Internal Page 5 of 7 Forum Info -Tech Acceptable Use Policy • Personnel approved to post, review, or approve content on Forum Info -Tech social media sites must follow the Forum Info -Tech Social Media Management Procedures. VoiceMoil • Personnel should use discretion in disclosing confidential or internal information in voicemail greetings, such as employment data, internal telephone numbers, location information or other sensitive data. • Personnel shall not access another user's voicemail account unless it has been explicitly authorized. • Personnel must not disclose confidential information in voicemail messages. IncicJPnro1 Use • As a convenience to Forum Info -Tech personnel, incidental use of Information Resources is permitted. The following restrictions apply: o Incidental personal use of electronic communications, Internet access, fax machines, printers, copiers, and so on, is restricted to Forum Info -Tech approved personnel; it does not extend to family members or other acquaintances. o Incidental use shall not result in direct costs to Forum Info -Tech. o Incidental use shall not interfere with the normal performance of an employee's work duties. o No files or documents may be sent or received that may cause legal action against, or embarrassment to, Forum Info -Tech or its customers. • Storage of personal email messages, voice messages, files and documents within Forum Info - Tech Information Resources must be nominal • All information located on Forum Info -Tech Information Resources are owned by Forum Info - Tech may be subject to open records requests and may be accessed in accordance with this policy. Definitions See Appendix A: Definitions References JJJFFW02: MIST CSF: PR.AC, PR.AT, PR.DS, DE.CM, DELP, RS.CO • Asset Management Policy • Encryption Management Policy • Encryption Standard • Identity and Access Management Policy • Incident Management Policy • Information Classification and Management Policy • Mobile Device Acknowledgement • Physical Security Policy • Social Media Management Procedure Waivers Waivers from certain policy provisions may be sought following the Forum Info -Tech Waiver Process. Forum Info -Tech Internal Page 6 of 7 Forum Info -Tech Acceptable Use Policy Enforcement Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment, and related civil or criminal penalties. Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights, termination of contract(s), and related civil or criminal penalties. Forum Info -Tech Internal Page 7 of 7 Network Management Policy, version 1.0.0 Status: ❑x Working Draft ❑ Approved ❑ Adopted Document Owner: CIO/CISo Last Review Date: February 2024 Network Management Policy Purpose The purpose of the Forum Info -Tech Network Management Policy is to establish the rules for the maintenance, expansion, and use of the network infrastructure. Audience The Forum Info -Tech Network Management Policy applies to individuals who are involved in the configuration, maintenance, or expansion of the Forum Info -Tech network infrastructure. Contents General Wireless Networking Policy Generc ' • Forum Info -Tech IT will maintain its own network infrastructure and will continue to manage further developments and enhancements to the infrastructure. • All systems on the network must be authenticated. Connections to the network must be authorized by the appropriate leadership. • All hardware connected to the Forum Info -Tech network is subject to Forum Info -Tech IT management and monitoring standards. • Documented baseline configurations must be maintained for all network connected resources. • Changes to the configuration of active network management devices must be made according to the applicable change management process(es). • All connections of the network infrastructure to external third -party networks must be approved by the appropriate leadership. • Groups of information services, users and information systems must be segregated on the network. The perimeter of each domain should be well defined and based on the relevant security requirements. • Network devices must be installed and configured following Forum Info -Tech implementation standards. • Personnel are not permitted to access or alter existing network hardware without permission from the appropriate leadership. Forum Info -Tech Internal Page 1 of 2 Forum Info -Tech Network Management Policy Wirele- - Networkino • All wireless network traffic must be encrypted in accordance with the Forum Info -Tech policies and standards, regardless of information sensitivity. • The Forum Info -Tech Wireless Network must not be used inappropriately; in particular, persons must not use the network to: o Intercept or attempt to intercept other wireless transmissions for the purposes of eavesdropping. o Access or run utilities or services which might negatively impact on the overall performance of the network or deny access to the network, e.g. RF jamming, Denial of Service (DoS). • Forum Info -Tech wireless network users must not tamper with network access points or security settings. References 1 ISO 271L: 6, 9, 11, 12, 13, 17 �IICT " --.AC, PR.DS, PR.IP, W.PT, DE.CM Exceptions Policy exception requests may be made to Forum Info -Tech leadership. Enforcement Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights or termination of contract(s). Forum Info -Tech Internal Page 2 of 2 Personnel Security and Awareness Training Policy, version 1.0.0 X❑ Working ❑ Approved ❑ Adopted Status: Draft Document Owner: CIO/CISO Last Review Date: February 2024 Personnel Security and Awareness Training Policy Purpose The purpose of the Forum Info -Tech Personnel Security and Awareness Training Policy is to ensure that all personnel with access to Forum Info -Tech Information Resources are adequately vetted, qualified, and trained according to their role. Audience The Forum Info -Tech Personnel Security and Awareness Training Policy applies to all employees and individuals responsible for hiring, onboarding, offboarding, and training of personnel given access to Forum Info -Tech Information Resources. Contents General Background Checks Training and Awareness Policy General • For all roles within Forum Info -Tech, the hiring process should ensure the candidate has the necessary competence to perform the role and can be trusted to take on the role, especially for roles related to the use, management or protection of information security. • Information security responsibilities must be communicated to employees as part of the on - boarding process. Training is provided by Infosec IQ for all employees and must be completed annually by all Forum Info -Tech employees. • All employees are required to sign a Confidentiality/Non-Disclosure Agreement before being granted access to any information resource. • Upon termination of employment, personnel must be reminded of confidentiality and non- disclosure requirements. • Forum Info -Tech will provide all employees a process for reporting violations of information security policies or procedures. Bacxground Lnecxs • Background checks are required prior to employing Forum Info -Tech employees, regardless of if a competitive recruitment process is used. Forum Info -Tech Internal Page 1 of 2 Forum Info -Tech Personnel Security and Awareness Training Policy • Background checks may be required for employees who change positions in the company, obtaining more sensitive duties, as determined by Human Resources or the hiring manager. • Background checks may be required for employees at any time after the employment start date, at the discretion of Human Resources or Executive Management. • Contractors with access to Forum Info -Tech confidential information must have a process in place for conducting background checks on applicable staff. An agreement must be put in place specifying the responsibilities for conducting background checks if a procedure is not currently being followed or in question. Training and Awareness • All new personnel must complete an approved Security Awareness training prior to, or within 30 days of, being granted access to any Forum Info -Tech Information Resources. All training will be provided by Infosec IQ or another predetermined and approved vendor. • All personnel, including third parties and contractors must be provided with relevant information security policies to allow them to properly protect Forum Info -Tech Information Resources. • All personnel, including third parties and contractors, must acknowledge they have received and agree to adhere to the Forum Info -Tech Information Security Policies before they are granted to access to Forum Info -Tech Information Resources. All personnel must complete the annual security awareness training. Definitions See Appendix A: Definitions References • ISO 27002: 7,13 • NIST CSF: PR.AT, PR.IP, DE.CM • Information Security Policy • Confidentiality/Non-Disclosure Agreement Waivers Waivers from certain policy provisions may be sought following the Forum Info -Tech Waiver Process. Enforcement Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment, and related civil or criminal penalties. Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights, termination of contract(s), and related civil or criminal penalties. Forum Info -Tech Internal Page 2 of 2 'rum I FC TECH IT Solutions That FIT Cevoerwatch R Y HIGH WIRE N E T W O R K S For More Information Please Contact: Biren Shukla I biren@foruminfotech.net QD 530-535-8+77 19 overwatchsales@highwirenetworks.com ,,; highwirenetworks.com ow YYh FEATURES & CAPABILITIES POWERED BY STELLAR L�cYSEq' ,117 Aexabeam 1.90M R,I,, c,z7LgRhythm SeCLlfpill;� Loarn More splunk] Loam More Native Multi -lay -or 0 0 0 Multi-tenanenarcy Unified Platform Including NG-SIEM, IVQft, SOAR. UEBA. TI All Capabilities Included in Single 0 0 0 0 0 0 License Services to Help Security Team at No Arlditienal Charge Censors for Remota Data D Collection and Edge Detections � 4 0 � 0 Easy Setup 4 QO Flexible Deployments 41 Correlation Full Attack Surface Coverage Out-of-fhe-Bax Integrations For More Information Please Contact: Biren Shukla I biren@foruminfotech.net QD 530-535-8+77 19 overwatchsales@highwirenetworks.com ,,; highwirenetworks.com Overwatch MXDR delivers powerful open extended detection and response (Open XDR) for end-to-end cybersecurity solutions. Cybercrime is rampant and businesses are demanding more from their security providers. Cloud adoption and work from home or anywhere - on any device - are blurring infrastructure boundaries as never before, creating an ever-expanding surface for cyberattacks. Overwatch XDR condenses the entire surface into an intelligent, manageable stream for more robust security, better threat identification and faster responses. What is Open MXDR? Managed Extended Detection and Response (MXDR) is a vendor -agnostic XDR solution that consolidates multiple security products into a single platform to better correlate, detect, and respond to threats. This centralized platform empowers securityteams to more quickly and easily identify threats and breaches and provides context around incidents that can bolster and speed up response and remediation. Open XDR Infrastructure CThe ability to achieve robust XDR through integration with existing infrastructure @1 "Limitless" potential to adopt and integrate new technologies (as opposed to single -vendor solution limits) Cj✓ Future -proof abilityto adopt new and cutting-edge infrastructure and security solutions Overwatch MXDR Overwatch MXDR from High Wire Networks is a turnkey solution built from best -in -class technologies and a best - practices security framework from the Overwatch Cybersecurity team. It's an integral part of our managed cybersecurity services suite, delivering AI -powered Open XDR solutions from the market -leading team and tools in the Overwatch 24/7 Security Operations Center (SOC). Ready for Overwatch MXDR? Contact us today at: Biren Shukla biren@foruminfotech.net Overwatch XDR Platform Features G Comprehensive, automatic sensor -based data collection G Physical (on -premises) and cloud visibility G Integrated IDS/IPS paired with Al to reduce false positives G 50,000+ detections for known and unknown behaviors, mapped to the cybersecurity kill chain C✓ Simple, easy-to-use GUI dashboards G Advanced analytics and data -lake mining G Built-in integration with other Overwatch solutions G Integration with other systems, for GRC and more G APIs for data export G Built-in event -response and case -management capabilities: Create a trouble ticket Automatically send out PDF reports Trigger email, Slack and restful API alerts Signal firewalls to take appropriate action Benefits of Overwatch MXDR Security Benefits • Protects your entire attack surface Enhances existing infrastructure with superpowered Al Delivers best -in -class intelligence regardless of existing security products and services Deploys across network, cloud and endpoint infrastructure Generates exponential improvements in detection (MTTD) & response (MTTR) times Developed and delivered by High Wire's market -leading SOC team Benef its of Overwatch XDR + SOC 4 PubliC Cloud saas SaaS le Containers Cost Benefits Leverages existing infrastructure Fewer incidents to manage and recover from Faster recovery time Expandable and extensible in vendor -agnostic fashion Streamlined sourcing and ops Rapid Detection + Expertly Trained Reduction in Breach User Management Response Security Analysts Risks We leverage behavior analysis, SOAR automates data correlation, Our analysts are trained Faster detection and action active directory monitoring, reducing false positives and alert experts in their field, which reduces the overall risk of a hostile network attacks, Microsoft fatigue so analysts can respond decreases mean time to breach, allowing containment. 365, and G -suite integration and without delay. recognition and action. more. Network + Infrastructure Compliance Support Alignment with Industry Monitoring + Protection We provide policy templates, incident Frameworks We use encrypted log storage, intelligence response management, compliance Immediate alignment with defense -in - feeds, real-time automated remediation reports and documents, and auditor depth strategies and a balanced response and asset discovery, API attacks and report access and SOAR automation. through industry recognized standards like Zero -day protection. NIST, MITRE, HIPAA, and ISO. Ready for Overwatch MXDR? Contact us today at: Biren Shukla biren@foruminfotech.net Email Compromise Is on the Rise Take it from the FBI: Email compromise is a real and rising risk, increasing 65% and raking in $43 billion in the five years ending in 2021. How can you protect against phishing, ransomware, account takeover and other growing and evolving threats to your data -driven business? Introducing Overwatch Email Security Overwatch Email Security protects against business email compromise (BEC) and then some, extending protection to your company's vital data -sharing hubs, including: VJCEmail & Messaging Protection Outlook, Teams, Gmail and Slack CCollaboration Protection Microsoft 365 and GSuite File Sharing Protection Dropbox, Box, Google Drive, One Drive and ShareFile Prevent Threats From Ever Reaching Your Inbox Our comprehensive email security solution provides proactive data loss protection by combining advanced tools and experienced analysts: T 7p611 T LITS 263 Tn yl! 76Uw IF M G Avanan's Patented AI -driven API -Based Security Platform Avanan'sAl protects cloud email and collaboration suites from threats that evade default and advanced security tools. Its multilayer security detects malicious email -based cyberattacks and prevents them from reaching the inbox. For More Information Please Contact: Biren Shukla biren@foruminfotech.net Overwatch 24/7 SOAR -Powered Security Operations Center Our SOC is built on an AI -driven Security Orchestration Automation and Response (SOAR) platform, which enriches alerts with threat intelligence, so they're quickly reviewed and remediated by expert security analysts. Security Built for Cloud Email & Collaboration Overwatch Email Security is designed and delivered as an affordable managed service for the modern cloud -enabled hybrid workplace. Plus, it can be up and running fast! Features and Benefits of Overwatch Email Security Overwatch Email Security protects against evolving threats with AI -driven solutions that learn and adapt to your changing environment. 0 Anti-Phishing Software To catch advanced attacks, we leverage AI/ML analyzes every aspect of an email, including trusted senders, to identify fraud. 0 Anti-Malware and Ransomware Our multilayer strategy detects zero -day threats and malicious behavior, quarantining harmful files in real-time. 0 Email Archiving Incoming, outgoing and internal emails are easily archived for reference, ensuring business continuity and compliance. 0 Account Takeover Protection We use historical ML analysis to identify past breaches, filter false positives and prevent future account takeovers. 0 Smart Data Loss Prevention Our platform identifies confidential files, prevents accidental sharing, and limits the ability to print, copy, paste, or screen capture. Overwatch also delivers the critical benefits your organization needs: Integrated, Best -of -Scalable & breed Solutions 0 Future -proof Architecture Threat Detection,Continuous Blocking & * Compliance Elimination For More Information Please Contact: Biren Shukla biren@foruminfotech.net C 24/7 Protection & Response On -demand Reports & Dashboards GData Sovereignty �r Predictable Costs & �j No Capital Outlay Security Awareness An engaging 3-4 minute Hollywood style training video educates and reinforces good cyber hygiene and empowers uses to become defenders of cyberth reats. Managed XDR Managed "everything" Detection and Response is a unified approach to detection and response that collects and correlates all security tools to protect the entire enterprise attack surface effectively and efficiently. r j R Email Security Prevent threats from ever reaching your inbox. Our comprehensive email security solution provides proactive data loss protection by combining advanced tools and experienced analysts. Secure Access Service Edge The solution tackles the emerging security challenge for your cloud -enabled business by moving enforcement to the edge where your team, devices, apps and workloads interact. Im Managed Endpoint Detection & Response This solution monitors endpoints, detects suspicious behavior, blocks malicious activity, suggests remediation steps and, most importantly, is managed by security experts. El � Vulnerability Management Combines people power with data mining and machine learning technology to uncover, prioritize and block the holes in your defense continuously — 24/7/365. Patch Management This cloud -native solution remediates patch vulnerabilities, deploys required software and fixes misconfigured systems. El SaaS Monitoring SaaS Monitoring neutralize threats before they can cause significant damage, mitigating downtime and data loss by leveraging best -in -class tools and expert oversight. For More Information Please Contact: Biren Shukla biren@foruminfotech.net Managed Secure Edge Whether you have one office, branch offices, remote or mobile workers, this solution provides network security and redundancy to your hybrid work environment. F & Network Detection and Response Tap into our cybersecurity war room - a CISO-led 24/7 SOC staffed by security analysts leveraging enterprise -class threat detection and hunting tools. Dri OT/IoT Security With one click, we can lock down your network, isolating the threat so it can't move between devices or locations. Cyber Warranty Overwatch Cyber Warranty helps reimburse costs associated with remediating successful cyberattacks with plans that fit every budget. ,S1. rum k+•` I FD TECH i ~�� IT Solutions That FIT The Game Has Changed Enhanced collaboration, increased productivity, improved customer experience and faster innovation. These are just a few of the upsides of connected business. The downside? Security risk. Short of disconnecting, your only option is to play defense - only there's no rulebook and the playing field know no bounds with cloud -based networks and remote work. Plus your opposition has upped their game -- from taking your data to taking down your business. What can you do? Introducing Overwatch Vulnerability Management Overwatch Vulnerability Management combines people power with data mining and machine learning technology to uncover, prioritize and block the holes in your defense continuously -- 24/7/365. Overwatch Vulnerability Management takes your defensive game to the next level -from reactive to adaptive -to stay ahead of evolving threats. Visibility We assess your on -prem, cloud or hybrid environment for high-risk vulnerabilities based on real life exploits. Threat & Vulnerability Management (TVM) Resilience We proactively implement specific changes that will reduce your attack surface and your risk. Cyber Asset Attack Surface Management (CAASM) Rapid Response We adapt to evolving threats, stopping zero -day exploits using ML -based threat intelligence. Contextual Threat Intelligence (CTI) Plus, Overwatch Vulnerability Management is available to businesses of all sizes as an affordable subscription service. For More Information Please Contact: Biren Shukla biren@foruminfotech.net End -to -End Vulnerability Management Overwatch Vulnerability Management helps you close the gaps in your cybersecurity-from detection to compliance. Here's how: DETECT (2) IDENTIFY (2) PROTECT Stay ahead of threats. Don't get hit by blind spots. Eliminate the guesswork. Our automated Al engine provides Our solution identifies known and Our solution leverages Al machine state-of-the-art vulnerability unknown assets present in the network learning to accurately identify, detection and continuous and sends immediate alerts of critical rate and prioritize the most at -risk assessment of your security posture. threats and new vulnerabilities. assets in your environment. RECOVER (.) COMPLY Get back to business. Follow the rules. Our action plans help remediate vulnerabilities quickly by Our solution monitorsyour environment for patching systems and applying configuration hardening cyber -hygiene and compliance with regulatory or easily and efficiently industry data privacy and security mandates. Expert Protection Delivered as a Service You don't have to be a security expert to deploy Overwatch Vulnerability Management. We're making it available to businesses of all sizes as a managed service. Affordable Subscription (2) Easy Deployment (2) Fully Managed Get AI -driven vulnerability Enable our solution with agentless, Rest assured that our experts are management as a cost-effective, agent -based or hybrid deployments. detecting vulnerabilities and expertly managed service. responding to threats 24/7. Overwatch also delivers the critical benefits your organization needs: 0) Integrated, Best -of- �� Scalable & 24/7 Protection breed Solutions 0J Future -proof C01, & Response - Data Sovereignty Architecture Vol" Threat Detection, Continuous V Blocking & Compliance Elimination For More Information Please Contact: Biren Shukla biren@foruminfotech.net --/ On-demand Reports Predictable Costs & & Dashboards Vol" No Capital Outlay