BP 11122023 129pm - Flipbook - Page 92
2.3 Have a written contract in place that clearly defines your terms with the MSP. Consider the
following:
2.3.1 Clarify who handles your requests for assistance: local personnel; outsourced help
desk; designated support tech; etc…
2.3.2 Contact Safe Environment to have a background check on each individual that
provides IT support.
2.3.3 Define exactly what the MSP covers, such as hardware; software; infrastructure
(i.e. cabling; firewall; routers; switches; etc.), security. It’s a good idea to meet
with the MSP at least once each year to re-establish the guidelines in place and
have them perform a site survey to be assured all technology is up-to-date and
working properly.
Software updates should all be included in the parish’s software license
agreements, provided they are kept up to date. Assuming this, yes, it should be
the responsibility of the MSP to make sure these updates are being applied, and
this duty should be clearly detailed in the service agreement between the two
parties. In order to save money, sometimes the MSP will pinpoint a parish
employee to actually perform the work, but the MSP should manage the process
as a mishap caused from outdated software/firmware/etc. should be the
responsibility of the MSP.
2.3.4 Establish where the coverage exists: parish/school offices; rectory; remote user
locations etc…
2.3.5 Agree on when you can call MSP for support: 24x7x365; M-F 9-5; etc.…
2.3.6 Establish how users are able to submit a request for assistance (i.e. online help
desk; e-mail; phone; fax; etc.)
2.4 If your Parish does not have a third-party support, we highly recommend that you retain a
managed service provider (MSP) for IT support immediately. In the meantime, you need to
understand how information technology is administered.
2.4.1 Determine how local servers and computers maintained.
2.4.2 Take an inventory of hardware and monitor it annually; this can be maintained in an
Excel spreadsheet or Smartsheet and should include the location, description (& serial
number if applicable), purchase price, date acquired of each item.
2.4.3 Designate an employee in charge of IT.
2.4.4 Determine if there are servers on site, and if so, how they are secured.
3. SECURITY TIPS
3.1 There should be a firewall in place at the office and it should be managed and updated;
Consider configuring the firewall to limit access to sites that may utilize significant bandwidth or
malicious activity as well as the possibility of using GEO blocks from locations with known high
threat levels (China, some middle eastern or South American countries); Consider including this
as a responsibility of your MSP and ensure that it is included in the contractual services.
3.2 All of the workstations, servers, etc. should be protected by an updated antivirus
92
