CYBER SECURITY | 7 MIN READ
If you're currently in the market for a managed services provider, you might have seen or will come across a contract spelling out your services agreement. Managed IT services contracts can come with terms that might confuse you, whether it's legal jargon that you are unfamiliar with or technical phrases that are outside of your expertise. Keep reading for a break-down of some integral sections of a MITS contract as well as to learn definitions for some common MITS contract terminology.
Not enough time? Jump to:
Contract Sections Defined
When reading over a MITS contract, there are a few sections that are must-haves. If you don't see the below sections in your MITS contact, a red flag should be raised. If these sections are included, read them closely to confirm a few details.
The services section of your contract should clearly spell out the services and level of service that will be provided by your MSP. For instance, if your MSP offers 9-5 and 24/7 support, which one is listed in the contract?
If your MSP operates on a per user or per device model, have they correctly listed the price per user/device? If you are on one of these models, make sure to ask how much extra it is to add additional users or devices once your contract period starts.
If your contract provides for the installation of additional hardware or software, the prices for these products as well as any initial setup fees should be clearly listed in this section of the contract too.
Double check that your monthly rates match the type of MITS package that you signed onto. For instance, if you are looking for an all-inclusive package, make sure that you're mainly paying a flat monthly rate and that there aren't a bunch of extra hidden fees snuck into the contract.
Hidden fees could include extra charges for after hours onsite support, after hours remote support, trip expenses for onsite support, and extra maintenance work.
By contrast, if you're signing a package that's tiered or a la carte, while you may have a monthly recurring amount, extra fees that aren't included in your package can quickly add up.
For a la carte contracts, a host of extra fees could be snuck into your contract such as advanced device monitoring. Even if you're paying for a feature like access to a help desk, fees can be added based on factors like the number of calls made to the help desk.
In the event that your network goes down, you could be charged a fee for high priority/rapid response or simply to recover your data. Additionally, if you don't own certain equipment like a firewall, the cost to rent/lease hardware/software from your MSP could be an added cost in a tiered or a la carte contract.
If you're going the tiered or a la carte route for your package, read over all the extra fees to make sure that there aren't so many that your package isn't worth the money anymore.
Many MSP's offer 24/7 support because they know that businesses cannot afford downtime even outside of the normal 9-5 hours.
If you pay for 24/7 support, make sure that your contract has a section that spells out the difference in services and related pricing for 9-5 support and any additional support that falls outside of those hours.
For instance, do you get phone and remote support from a full-service help desk from 9-5, and then only emergency phone support outside of those hours? What's the difference in pricing if you call outside of normal business hours?
Even if you only have 9-5 Monday through Friday support, you should still check your contract to make sure that it spells out the services and pricing that you're paying for.
On a basic level, you can tell that your cyber security works when your business doesn't experience significant downtime or cyber attacks − basically, when your business operates normally with no hiccups.
This mindset can make cyber security fade into the background, making some think that their business is running smoothly and they don't need to pay extra for a MITS provider.
Over time, good managed services providers can help improve productivity and efficiency in your company. Since there might not be as much obvious short-term, instant gratification to your business like there is with purchasing a new copier, some clients may wish to break their contract early.
Because of this persisting mindset, managed services providers (MSP's) usually aim for agreements to last around 1-3 years so their clients can see the difference that long-term MITS services make to one's business. Check to see what length your contract lasts for and ask why your MSP sets contract terms at that length.
End of Agreement Terms
When you reach the end of your agreement term, you should clearly understand the process and timeline for renewing or cancelling your contract.
For instance, does your term auto-renew unless otherwise noted, and for how long does it auto-renew? Additionally, at the end of your contract term, do you have to give 30, 60, or 90 days notice to renew or cancel? If you don't see this information listed in your contract, ask for it to be added so you aren't surprised later on.
Contract Terms Defined
If you see this term in your contact, it is probably listed under the services required to initially set up your network. While this is a term that isn't an integral part of your contract and may or may not be included, it is a technical term that could confuse you if you don't have much technical expertise.
A desktop defrag is a way of editing a computer's hard disk so it runs faster. If you upload a large file to your desktop, your computer might break that file down into smaller bits to make the file easier to load. However, over time, all these little fragments can end up slowing down your computer. Desktop defrags rearrange files that have previously been fragmented.
This is another term that may fall under the "initial setup" section of your MITS contract. Drive mapping helps users quickly and easily navigate a network. When mapping a drive, you associate a local drive letter with a shared storage area to another computer on a network.
For instance, on your computer, a "common drive" that all employees have access to might look like"(L:)".
This drive can be locally accessed on your computer in multiple places, allowing employees to easily store and share files in a universally accessible area. Drive mapping helps you easily store large files or large collections of files somewhere else that has more hard drive space. You should see if your MSP can set this up for you if your network doesn't already have it.
Application mapping identifies and outlines the relationships between devices in your network. It gives users a sense of how the network analyzes its performance and where data bottlenecks happen. Application mapping also helps your IT provider easily identify potential issues in your network.
Additional Work/ Rates
Additional work may include recommended updates or changes to your network, for instance the addition of a new security software. Make sure that any costly changes must be approved by you first before implementation.
Additional work can also include time taken to address major network issues that will require substantial work to fix. If you see a section in your contract addressing this, read over it to make sure you understand what work you will be charged for and how much it will cost.
In your MITS contract, there should be a term stating that you should be allowed to break your contract if you aren't happy with your MSP's services.
Usually, there's a stipulation that you must give the company around 30-60 days to attempt to alleviate any problems before letting you out of your contract.
An additional stipulation might be that if you break your contract early, you must pay off any remaining debt on any hardware or software that you leased from your MSP.
If you don't see any clause like this in your contract, that should be a red flag to you. You shouldn't be forced to stay in a contract if your managed services provider isn't working and, even with multiple chances, cannot alleviate the concerns you raise.
If you're shopping around for a new managed services provider, you're taking a good step to better protect your network.
However, you shouldn't wait to improve your cyber security − if you wait until you experience significant network downtime or a cyber attack to upgrade, you've waited too long.
RELATED: Questions to Ask an IT Provider
Posted by Erica Kastner
Erica Kastner is a lead Content Specialist at Standard Office Systems as well as a University of Georgia graduate. She aims to use her passion for problem-solving to help businesses understand how to better leverage their cyber security infrastructure.