Download the complete service offering .
1. Description of Service
ITD's Security and Threat Analysis Service, using McAfee Endpoint Protection services, provides the following support to customers:
- Protection of the endpoint against unauthorized access using McAfee Endpoint Protection.
- EPO Centralization including centralized licensed tracking.
- ITD will provide the deployment of, or the consulting support on the deployment of, endpoints.
- Monitoring, detecting, and alerting of the network for evidence of abnormal activity that may be a result of a network intrusion.
- Standard Reporting for your Secretariat/Agency with daily, weekly, monthly reports.
- Ongoing support for troubleshooting or will refer to McAfee Support if needed.
- Remediation and consulting for any customer issues.
- Cyber Security Portal.
- ITD Twitter Account.
Education services include:
- Instructor-led Awareness Sessions that include mobile training and a breach demonstration lab.
- Computer-based Cyber Security Awareness Training module accessible to all MAGNet users.
- The CBT, accessible at http://cybersecuritycbt.itd.state.ma.us:8080/cybersecurity/, can be completed in 3-4 hours and can be started, interrupted, and resumed at the user's leisure.
- On-line training (at no cost) that includes 10 on-line course offerings that address several important topics in information security and are divided into three general tracks: non-technical, technical for IT professionals, and management/business professionals. Each course consists of approximately 5 hours of training that can be completed in one or more sittings, at the student's leisure.
- All training session can be scheduled by contacting ITD's Enterprise Security Office*.
Mass.gov cyber security portal:
ITD also manages a Cyber Security portal that includes cyber security-related alerts, advisories, and news reports at: http://www.mass.gov/anf/research-and-tech/cyber-security/.
ITD Twitter Account:
As an alternative method for rapid dissemination of cyber security-related content, ITD now publishes via its Twitter account at www.twitter.com/ITDcyberAlerts
Support services include:
- A Service Account Manager to answer any questions or concerns regarding ITD Services.
- Services offered through our Operations Office including Change Management and customer access to incident management via email, phone (CommonHelp)
- The online COMiT service management portal
- ITD's Chargeback Billing System.
- For additional Security support services please see Security Information Services
2. Service Targets/Hours of Availability
|Infrastructure Components||EPO Server|
|Service is available 24x7.|
|Staff will respond to service requests during the hours of 9:00 am - 5:00 pm Monday through Friday excluding holidays. Customers can make requests through COMiT.|
|Incident Management*||ITD Service Management Office has standard processes to manage incidents, requests and changes. Outages or urgent issues should be reported by phone to receive the quickest response 1-866-888-2808.|
*Incidents, requests, or changes that are outside the scope of the defined service description or normal service hours will be direct charged to the customer.
3. Service Reporting
|Scanning Report||Information submitted within application||Weekly/Monthly|
|Information submitted within application||Weekly/Monthly|
|EndPoint Report||Inventory and scanning reports that provide detailed information regarding endpoint services and access.||Weekly/Monthly|
4. Service Requests
|COMiT Service Requests*|
|Lead Time-Business Days|
|Request Security and Threat Analysis Support||This request is for support from the Security and Threat Analysis team.||1-2 Days|
|Report Security Abuse|
This request is to report security abuse.
Request Forensic Investigation
This request is for a forensic investigation to be performed.
5. Customer Responsibilities
For your convenience, you may also view a detailed list of customer responsibilities .
6. Chargeback Rate Information
For more information on Chargeback, including an overview of the program as well as previous fiscal year rates, please visit our Chargeback Services webpage.
Cost framework: Security and Threat
1. Direct Charges to Customers
|Total 1A. Customer Specific - Costs Directly Charged to Customers||$0|
|Total 1. Direct Charges to Customers||$0|
2. Direct Dedicated Resources
|Direct Costs - Salaries (AA) and Fringe (DD), Contract (U05, HH)||4.60||$423,374|
|Total 2A. Direct Costs - Salaries (AA) and Fringe (DD), Contract (U05, HH)||4.60||$423,374|
|- SHI-McAfee Antivirus (Replaces Norton Antivirus BI385) (Will Roll throughout 3-yr term)-||$175,305|
|- IntraSystems, Inc.-Qradar/ICX (In FY08, transferred to Unit 2224) (Eff. FY13, includes BI706 and BI851)-||$116,830|
|-Other costs, Reclassifications, Adjustments-||$42|
|- Dell Software-Lyris Listmanager 6.0 #52-1881658 (In FY07, funded under Unit 2420) (Beginning in FY12, moved from Unit 2653) (Eff. FY13, per security, should be in Unit 7750)||$2,913|
|- Akibia (Aquila Technologies)-NetWitness-||$93,043|
|Total 2B. Hardware / Software / Contracts (UU, LL , etc)||$388,133|
|Total 2. Direct Dedicated Resources||$811,507|
3. Indirect Costs
|Total 3A. Allocated Shared Resources||$0|
|Total 3. Indirect Costs||$0|
4. Indirect Costs
|Total 4A. Shared ITD Data Center Services||$0|
|Total 4. Indirect Costs||$0|
5. Allocated Costs
|Allocated Costs Not Specific to Service||$396,526|
|Total 5A. Allocated Costs Not Specific to Service||$396,526|
|Total 5. Allocated Costs||$396,526|
6. Management Adjustments
|Total 6A. Management Adjustments||$0|
|Total 6. Management Adjustments||$0|
Grand Total: Security Products and Services - Security and Threat
7. Rates Pertaining to this Service
|SERVICE OFFERING / TITLE / BILLABLE UNIT||RATECODE||RATE||PLANNED UNITS||COST|
|Security - Security and Threat||SU110||$2||651600||$1,208,033|
|Total 7A. Rates Pertaining to this Service||$1,208,033|
The cost pertaining to this service is based on $2 per license/user.
Download a complete listing of all chargeback rates
Updated July 09, 2014
Reviewed April 24, 2014
Published August 14, 2009
Created September 13, 2013: Information provided by the Security Office