Annual Maintenance Contract

1) Types of AMC Services

a. Preventive Maintenance (PM)

  • Scheduled health checks (monthly/quarterly)
  • Cleaning, firmware/driver updates, patching
  • Performance optimization and capacity review
  • Backup verification and DR runbook validation

b. Corrective Maintenance (Break-Fix)

  • Diagnosis and resolution of hardware/software failures
  • Replacement of faulty parts (as per contract—OEM/third-party)
  • Escalation to OEM vendors for in-warranty items

c. Remote Support

  • Helpdesk L1/L2 via phone, email, portal
  • Secure remote assistance (with user approval)
  • Incident triage and resolution tracking

d. Onsite Support

  • Engineer visits for complex faults, deployments, or rollouts
  • Scheduled onsite days (as per SLA)

e. Software & Systems Maintenance

  • OS patching, antivirus/EDR management, DLP policy updates
  • Application updates (agreed scope), license compliance checks
  • Monitoring setup and alert tuning (SIEM/NMS, if applicable)

f. Network & Security Maintenance

  • Switch/router/firewall configuration backups
  • Firewall rule reviews; VPN posture checks
  • Wi-Fi health audits; NAC policy validation

g. Asset & Documentation Management

  • Inventory updates (hardware/software)
  • Configuration baseline and change logs
  • Warranty/AMC dashboard and reports

h. Optional Add-ons (if contracted)

  • Cloud support (M365, Azure, AWS)
  • Backup/DR drills and failover testing
  • Endpoint hardening and CIS benchmark alignment
  • Security awareness training

2) Agreements & Limitations (Before Offering Service to Customer)

Scope Confirmation

  • Detailed asset list with make/model/serial numbers
  • Locations covered, business hours, and access protocols
  • Supported software versions and configurations

Prerequisites

  • Stable power, cooling, and physical access provided by customer
  • Valid licenses/subscriptions for all supported software
  • Network connectivity for remote support tools (where applicable)

Exclusions / Limitations

  • Data recovery beyond standard backup restore (unless included)
  • Physical damage, accidents, misuse, liquids, fire, or acts of God
  • Unsupported/End-of-Life hardware/software not covered by OEM
  • Third‑party costs (OEM parts, shipping) unless explicitly included
  • Custom development, new deployments, and major upgrades (unless scoped)

Customer Responsibilities

  • Provide timely access and approvals
  • Maintain backups and share restore procedures
  • Inform us of any changes or third‑party activities that affect scope
  • Ensure compliance with safety/security policies for onsite work

Vendor Responsibilities

  • Deliver services per SLA; maintain documentation and logs
  • Assign qualified engineers; ensure confidentiality and compliance
  • Communicate risks, delays, and dependencies proactively

3) Terms and Conditions

Contract Term & Renewal

  • AMC term: 12 months (start/end dates defined in Order Form)
  • Renewal: 30 days prior to expiry, subject to revised commercials

Service Level Agreements (SLA)

  • Response:
    • Critical (P1): 1–2 hours
    • High (P2): 4 hours
    • Medium (P3): 8 business hours
    • Low (P4): Next business day
  • Resolution: Best‑effort based on complexity, vendor/OEM support, and parts availability
  • Onsite Dispatch: Within 24–48 business hours (as per plan)

Working Hours

  • Standard: 9:00–18:00, Monday–Friday (excluding public holidays)
  • After‑hours/weekend support available if contracted

Commercials & Payment

  • Payment milestones: 50% advance, 50% within 30 days of start; or as agreed
  • Taxes extra as applicable; pricing may adjust for market volatility (e.g., RAM costs) with written notice

Change Management

  • Changes to scope via approved Change Requests (CR) with impact on time/cost

Confidentiality & Compliance

  • Mutual NDA applies; adherence to applicable data protection laws
  • No sharing of credentials; access via approved methods only

Termination

  • Either party may terminate for breach with 30 days’ notice
  • Pro‑rata refunds/charges based on services delivered (as agreed)

4) Do’s

  • Do follow documented SOPs, change control, and approval workflows
  • Do take configuration backups before changes and verify after
  • Do apply security patches and updates per maintenance windows
  • Do log all incidents, actions, and resolutions in the ticketing system
  • Do use strong authentication (MFA) and least‑privilege accounts
  • Do encrypt data at rest and in transit where applicable
  • Do validate backups and conduct periodic restore tests
  • Do notify stakeholders before/after maintenance with clear impact notes
  • Do label and update asset inventory after any change
  • Do escalate vendor/OEM cases promptly and track to closure

5) Do Not’s

  • Do not perform changes without approvals or outside maintenance windows
  • Do not bypass security controls (firewalls, EDR, DLP, NAC)
  • Do not use shared or personal accounts for administrative tasks
  • Do not store customer data locally or on unauthorized devices
  • Do not disclose credentials or sensitive configurations via email/chat
  • Do not leave systems unpatched beyond agreed grace periods
  • Do not connect unknown USB devices or install unvetted software
  • Do not remove or relocate equipment without asset and cable mapping updates
  • Do not retain logs, data, or configs post‑contract beyond agreed archival policy

6) Security Points (Mandatory)

Access & Identity

  • Enforce MFA for admin and remote access; rotate credentials regularly
  • Implement least‑privilege and role‑based access control (RBAC)
  • Maintain Privileged Access Management (PAM) for break‑glass accounts

Endpoint & Network Security

  • EDR/AV with real‑time protection and weekly signature updates
  • Firewall rules reviewed quarterly; change requests documented
  • Network segmentation for critical systems; NAC for device compliance
  • Secure remote tools (TLS), session recording where required, time‑bound access

Data Protection

  • Backups: 3‑2‑1 strategy (3 copies, 2 media, 1 offsite/immutable)
  • Encryption (AES‑256 at rest; TLS 1.2+ in transit); key management policy
  • DLP policies for email, endpoints, and cloud storage

Monitoring & Incident Response

  • Centralized logging (SIEM/NMS); alert thresholds tuned
  • Defined IR playbooks: detection → containment → eradication → recovery → post‑mortem
  • 24/7 alerting optional; escalation matrix with contacts and SLAs

Compliance & Audits

  • Periodic security audits (quarterly/annual) and remediation tracking
  • Patch compliance reports and vulnerability scan summaries
  • Adherence to customer policies and applicable regulations

Physical Security

  • Controlled access to server/network rooms; visitor logs maintained
  • Secure cable management, UPS/power conditioning, and environmental monitoring
  • Asset tagging and tamper seals where required

7) Service Deliverables & Reporting

  • PM checklist reports (monthly/quarterly)
  • Incident & resolution summaries (weekly/monthly)
  • Asset inventory and warranty status updates (quarterly)
  • Security posture report (patch/vuln/backup status)
  • Annual review with recommendations and roadmap

8) Acceptance & Contact

  • The customer acknowledges the scope, SLAs, and limitations stated herein.
  • For escalations: Prashanth R, Email: admin@primesea.in, Ph: 9160884086
  • For scheduling: Kranthi R, Email: info@primesea.in, Ph: 9160884086