Download the complete service offering docx format of security-and-threat-analysis-services-definition

 

 


1. Description of Service

MassIT's Security and Threat Analysis Service, using McAfee Endpoint Protection services, provides the following support to customers:

  • Protection of the endpoint against unauthorized access using McAfee Endpoint Protection.
  • EPO Centralization including centralized licensed tracking.
  • ITD will provide the deployment of, or the consulting support on the deployment of, endpoints.
  •  Monitoring, detecting, and alerting of the network for evidence of abnormal activity that may be a result of a network intrusion.
  • Standard Reporting for your Secretariat/Agency with daily, weekly, monthly reports.
  • Ongoing support for troubleshooting or will refer to McAfee Support if needed.
  • Remediation and consulting for any customer issues.
  • Education.
  • Cyber Security Portal.
  • MassIT Twitter Account.

 

Education services include:

  • Instructor-led Awareness Sessions that include mobile training and a breach demonstration lab.
  • Computer-based Cyber Security Awareness Training module accessible to all MAGNet users.
  • The CBT, accessible at http://cybersecuritycbt.itd.state.ma.us:8080/cybersecurity/, can be completed in 3-4 hours and can be started, interrupted, and resumed at the user's leisure.
  • On-line training (at no cost) that includes 10 on-line course offerings that address several important topics in information security and are divided into three general tracks: non-technical, technical for IT professionals, and management/business professionals.  Each course consists of approximately 5 hours of training that can be completed in one or more sittings, at the student's leisure.
  • All training session can be scheduled by contacting MassIT's Enterprise Security Office*.

 

Mass.gov cyber security portal:

MassIT also manages a Cyber Security portal that includes cyber security-related alerts, advisories, and news reports at: http://www.mass.gov/anf/research-and-tech/cyber-security/.

 

MassIT Twitter Account:

As an alternative method for rapid dissemination of cyber security-related content, MassIT now publishes via its Twitter account at www.twitter.com/MassITcyberAlerts

 

Support services include:

 

 


2. Service Targets and Metrics

Targets

Service Requirement

Description

Infrastructure ComponentsEPO Server

Service Availability

 

Service is available 24x7.

Request Fulfillment*

 

Staff will respond to service requests during the hours of 9:00 am - 5:00 pm Monday through Friday excluding holidays.  Customers can make requests through COMiT.
Incident Management*MassIT Service Management Office has standard processes to manage incidents, requests and changes.  Outages or urgent issues should be reported by phone to receive the quickest response 1-866-888-2808.

 

Metrics

Performance

Description

Measurements

Malware removed by EPO or subnetProvide customer customized reports to show how much malware was remediated.Number of infections found

Availability

Description

Measurements

N/A  

*Incidents, requests, or changes that are outside the scope of the defined service description or normal service hours will be direct charged to the customer.




 

3. Service Reporting

Report

Description

Reporting Interval

Scanning ReportInformation submitted within applicationWeekly/Monthly

Inventory

Information submitted within applicationWeekly/Monthly
EndPoint ReportInventory and scanning reports that provide detailed information regarding endpoint services and access.Weekly/Monthly

 


 


4. Service Requests

COMiT Service Requests*

Description

Lead Time-Business Days
Request Security and Threat Analysis SupportThis request is for support from the Security and Threat Analysis team.1-2 Days
Report Security Abuse This request is to report security abuse. 1-2 Days
Request Forensic InvestigationThis request is for a forensic investigation to be performed. 1-2 Days
For new service requests only. To manage existing requests, please log into COMiT.



5. Customer Responsibilities

For your convenience, you may also view a detailed list of customer responsibilities docx format of security-and-threat-analysis-services-definition
.

 

 


6. Chargeback Rate Information

For more information on Chargeback, including an overview of the program as well as previous fiscal year rates, please visit our Chargeback Services webpage.

Cost framework: Security and Threat

1.Direct Charges to Customers

1A. Customer Specific - Costs Directly Charged to Customers
DESCRIPTIONCOST
 $0
Total 1A. Customer Specific - Costs Directly Charged to Customers$0
Total 1. Direct Charges to Customers$0

2. Direct Dedicated Resources

2A. Direct Costs - Salaries (AA) and Fringe (DD), Contract (U05, HH)
DESCRIPTIONFTECOST
Direct Costs - Salaries (AA) and Fringe (DD), Contract (U05, HH)6.95$535,694
Total 2A. Direct Costs - Salaries (AA) and Fringe (DD), Contract (U05, HH)6.95$535,694

 
2B. Hardware / Software / Contracts (UU, LL , etc)
DESCRIPTIONCOST
- Other Costs, Reclassifications, Adjustments-$118,015
- SHI-McAfee Antivirus-$175,305
- IBM-IBM ESSO Maint-$362,291
- First World d/b/a Terminal Exchange-(4) Sentrion MP361 Servers for Email Security Appliances RFQ 11-31-$7,333
- First World d/b/a Terminal Exchange-Sendmail for SecureEmail (Subscription piece)-$125,000
- Zensar Technologies (formerly Akibia)-NetWitness-$84,546
- First World d/b/a Terminal Exchange-McAfee Antivirus, Enterprise Antispam, IP Reputation, Trustphere subscriptions for Email Security Appliances RFQ 11-31-$11,177
- First World d/b/a Terminal Exchange-Sendmail for SecureEmail Maintenance and support piece)-$18,000
Other Costs, Re-classifications, Adjustments-$118,001
Total 2B. Hardware / Software / Contracts (UU, LL , etc)$783,666
Total 2. Direct Dedicated Resources$1,319,360

3. Indirect Costs

3A. Allocated Shared Resources
DESCRIPTIONCOST
 $0
Total 3A. Allocated Shared Resources$0
Total 3. Indirect Costs$0

4. Indirect Costs

4A. Shared ITD Data Center Services
DESCRIPTIONRATECODERATEUNITSCOST
  $ $0
Total 4A. Shared ITD Data Center Services   $0
Total 4. Indirect Costs$0

5. Allocated Costs

5A. Allocated Costs Not Specific to Service
DESCRIPTIONCOST
Allocated Costs Not Specific to Service$464,553
Total 5A. Allocated Costs Not Specific to Service$464,553
Total 5. Allocated Costs$464,553

6. Management Adjustments

6A. Management Adjustments
DESCRIPTIONCOST
 $0
Total 6A. Management Adjustments$0

 
Total 6. Management Adjustments$0

 
GrandTotal: Security Products and Services - Security and Threat$1,783,913

7. Rates Pertaining to this Service

7A. Rates Pertaining to this Service
SERVICE OFFERING / TITLE / BILLABLE UNITRATECODERATEPLANNED UNITSCOST
Security - Security and Threat-Per License / UserSU110$3652140$1,783,913
Total 7A. Rates Pertaining to this Service   $1,783,913

The cost pertaining to this service is based on $3 per license/user.
 

Download a complete listing of all chargeback rates


Updated October 21, 2014
Reviewed August 14, 2014
Published August 14, 2009
Created September 13, 2013: Information provided by the Security Office