Updated June 4, 2019
|Customer Support Channels||Phone, Chat, and Email|
|Days||Monday - Friday Excluding Holidays|
|Hours||7:00 a.m. - 8:00 p.m. (Eastern)|
|Holidays||Legal Holidays: New Year’s Day, President’s Day, Memorial Day, Independence Day, Labor Day, Veteran’s Day, Thanksgiving Day, Day after Thanksgiving, Christmas Eve, Christmas Day.|
|Exceptions||Circumstances beyond Info Tech’s reasonable control, including, without limitation, acts of any governmental body, war, insurrection, sabotage, embargo, fire, flood, storm, strike or other labor disturbance, interruption of or delay in transportation, unavailability of or interruption or delay in telecommunications or third party services, failure of third party software or inability to obtain raw materials, supplies, or power used in or equipment needed for provision of the Service Level Agreement|
|Calculating Uptime||AWS Route53 Health Checks polls all of our sites every minute. Every night after midnight we count all of the minutes we were up and divide by 1440 to get our percentage of uptime for the day. Our total uptime is a rolling 365-day average.|
|Disaster Recovery Plan||Info Tech maintains a disaster recovery plan that will be executed in the event catastrophic damages resulting from circumstances outside of Info Tech’s control. Info Tech updates its disaster recovery plan on an annual basis.|
|Planned Outages||Planned outages will be done outside of the peak service hours of 7:00 a.m. - 8:00 p.m. EST. We will notify our users 7 days prior to the planned outage.|
|Recovery Time Objective||In the event of a data center failure the recovery time is up to 1 hour.|
|Recovery Point Objective||The real time replication across multiple data centers and separate geographical regions allow for no data loss in the event of a catastrophic incident.|
|Unscheduled Interruption||Unscheduled interruptions will be reported within 30 days of Info Tech’s receipt of a request for explanation.|
|Exceptions||Circumstances beyond Info Tech’s reasonable control, including, without limitation, acts of any governmental body, war, insurrection, sabotage, embargo, fire, flood, storm, strike or other labor disturbance, interruption of or delay in transportation, unavailability of or interruption or delay in telecommunications or third party services, failure of third party software or inability to obtain raw materials, supplies, or power used in or equipment needed for provision of the Service Level Agreement.|
|Response Time||We respond to all customer email inquiries within one hour. We are committed to maintaining an average wait time of less than one minute for inbound phone support.|
|Defect Classifications||Issues are classified in the Critical, High, Medium, and Low categories.|
|Resolution of Critical Defects||We aim to resolve critical issues within 24 hours.
Critical issues are production issues that severely impact customer use of the service.
Critical issues may require customer to have dedicated resources available to work on the issue on an ongoing basis with Info Tech. If customer does not provide such dedicated resource, then Info Tech shall not be liable for related delays.
|Notification of Major Updates||Updates will be communicated prior to full release.|
|Notification of Minor Updates||Users will be notified about minor updates, typically related to non-critical bugs and maintenance, once released.|
|Multi-tenant Data||All uploaded tenant data is flagged with the appropriate owner/tenant and only tenant identified users with appropriate access are able to modify and view the data. Any requirement to gather data for a specific agency would be segregated per the appropriate tenant flag identifier.
Data is classified and access is controlled via each application. Tenants are able to specify various user levels to control access. Info Tech, Inc. has administrator and support account classifications in order restrict tool and data access to all tenant data. All of our services communicate via HTTPS, a secure, encrypted method of data transfer.
|User Access||User access to the applications will be tightly restricted and available over the Internet only, using Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption.|
|Certifications||SOC 2 Type 1 and PCI Compliant|
|Security Standards||NIST Moderate Impact Controls|
|Encryption||All data in our services uses AES 256 encryption. All data stored at rest in the underlying storage, or in transit between the application servers and databases and between the end users and applications, is encrypted. Automated backups and snapshots are also encrypted at rest.|
|Compliance Programs||Tenant environment is hosted through AWS which is compliant with several federal standards. AWS Compliance Programs|
|Penetration Testing||We undergo an annual third party assessment of our security architecture and a gap analysis to see how we match up against industry standards.|
|Notification of Breach||We take reasonable, industry-standard measures to protect and secure electronic data containing personally identifiable information and sensitive information. We encrypt your information when it is stored and transmitted. Should we experience a breach in security, we will investigate and take all required and appropriate actions based on the results of our investigation, consultation with local and state government officials, and pursuant to Florida and federal law.|
|Password Requirements||Our password requirements meet industry standards as defined and verified through a third-party vendor conducting annual security and penetration testing.|