Specifications include, but are not limited to: Cyber Security – Provide a comprehensive and cost effective, core cyber and endpoint security program that addresses the current threat environment. This program should be used as a basis to develop a more comprehensive program as part of a future budget. The program must include as part of the overall solution the following components: a.Managed endpoint security (virus/malware protection) for Desktops and Servers. b.URL and DNS filtering and monitoring for mobile and fixed endpoints c.Ongoing cyber security training for all end users d.Ongoing phishing tests for all users e.E-mail filtering and sandboxing f.E-mail link strip and protect g.E-mail archiving and legal discovery h.100% E-mail uptime i.External penetration testing j.Systems to detect anomalous activity inside network k.Encrypted email solution l.Encryption on endpoints (desktops hard drives) m.Disable any lost or stolen laptops (Remote wipe) n.Inventory management •Comprehensive Backup and Disaster Recovery – Provide a comprehensive and cost effective backup and disaster recovery program to ensure all data is secured on and off-site while providing system level recovery options. What about file level backups and recovery on endpoints? The program must include as part of the overall solution the following components: a.Hardware and Software to protect all production server data and systems. b.Backup data encrypted at rest and in transit c.Off-site data storage in secure facility (Replicated copy of on-site?) d.On-site data storage e.Capability to rapidly restore individual or groups of server using onsite stored data in 24-48 hours f.Daily management and monitoring of backups for consistency on and off-site g.Routine backup restore testing h.Automated monitoring and alerting of backup status i.Automated monitoring and alerting of replication status