Specifications include, but are not limited to: ● include hourly pricing for remote and onsite Incident response ● include an SLA to be onsite within 4 hours for incident response for ESC Region 12 Members ● include an SLA to be onsite within 2 hours for ESC Region 12 ● include an initial and on-going Section 11.175 School Cybersecurity Assessments with at least one onsite visit per calendar year ● include on going, face-to-face, cybersecurity training offered at least three times per year for at least two techs from each member that signs up for IT Security Services through this RFP ● include complete policy development, implementation, revisions, and annual review of those policies to meet the requirements of Education Code, Chapter 11, Subchapter D, Section 11.175 School Cybersecurity - Texas Cybersecurity Framework ● include external quarterly vulnerability scanning as well as a detailed yearly report ● include internal network assessment ● include the creation and development of an incident response handbook with ongoing support for revisions ● include at least one table top exercise per year ● include on-site training as requested ● include a Managed Detection and Response (MDR) that monitored the local network as well as security information and event management (SIEM) capabilities ● include active monitoring of active director events such as a user being added to the domain admin group with alerts to designated individuals ● include a Managed Endpoint Detection and Response solution / MEDR ● include options for server/workstation updates ● include options for email security such as Mimecast or similar solution ● Include options for MFA such as Duo or similar solution
