{"@context":"https://schema.org","@type":"OfferCatalog","name":"DataTel Services Catalog","url":"https://www.datatelco.com/api/public/services","description":"Machine-readable catalog of DataTel's future-state managed IT, security, networking, and voice services. Each package lists scope, fit criteria, prerequisites, deployment model, and industry considerations.","provider":{"@type":"Organization","name":"DataTel","url":"https://www.datatelco.com","areaServed":["Idaho","Oregon","Washington","Utah","Arizona","Nevada"]},"summary":{"total":26,"core_packages":17,"addons":9,"service_lines":[{"key":"fully_managed","label":"Fully Managed IT","packages":3,"addons":8},{"key":"co_managed","label":"Co-Managed IT","packages":12,"addons":1},{"key":"network","label":"Network Services","packages":1,"addons":0},{"key":"voip","label":"VoIP & Communications","packages":1,"addons":0}]},"service_lines":[{"key":"fully_managed","label":"Fully Managed IT","description":"Complete outsourced IT — workstation and server management, helpdesk, security stack, compliance, and strategic planning. We act as your IT department."},{"key":"co_managed","label":"Co-Managed IT","description":"Security, infrastructure, and platform services that augment your existing internal IT team. You keep ownership; we layer in 24/7 SOC, EDR, SASE/ZTNA, managed SIEM, hosted servers, and compliance tooling."},{"key":"network","label":"Network Services","description":"Network design, SD-WAN, structured cabling, and circuit management for multi-site businesses across the Northwest."},{"key":"voip","label":"VoIP & Communications","description":"Cloud VoIP, contact center (UCaaS/CCaaS), Mitel platforms, and POTS-line replacement."}],"packages":[{"id":"90c6f6d1-b842-4dd0-82bf-7217b83f9045","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Security","display_name":"MID - Secure Global Network (SGN)","short_description":"Full endpoint security suite with EDR, SASE, SIEM, SOC, and zero-trust","customer_description":"Comprehensive security package including endpoint detection & response, next-gen antivirus, secure DNS, cloud firewall, VPN replacement with zero-trust network access, managed cloud SIEM, 24/7 SOC, and LAN zero-trust segmentation.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"SGN EDR & NGAV","description":"Endpoint Detection & Response, Next-Gen Anti-Virus & Malware, Ransomware Protection, Memory Threat Protection, AI-Powered Behavioral Analysis. Windows, Mac, & Linux."},{"name":"SGN SASE & ZTNA","description":"Secure DNS, Next-Gen Cloud Firewall & IPS, VPN Replacement & Zero Trust Network Access, Identity Integration with Entra ID/Google/Duo, Software Defined Perimeter for SaaS/Cloud/On-Prem, Secure Web Gateway with full SSL Inspection."},{"name":"SGN Managed Cloud SIEM","description":"Managed SIEM ideal for Detection & Response. Unlimited ingestion for SASE, Endpoint, System, PowerShell Script Block Logging, and all SIEM integrations including Firewall."},{"name":"MXDR & SOC","description":"24/7 SOC investigates alerts, escalates cases, supports response. Customized detection & threat hunting. Assigned Detection & Response Engineer. Ongoing engagement and configuration review."},{"name":"LAN Zero Trust & Internal Segmentation","description":"Segment internal networks without VLANs. Firewall-inspired interface for simple internal traffic control. Identity integration with MFA policies. Powerful IR support by isolating healthy vs compromised devices."},{"name":"Multi-Engine Download Scanning","description":"Scan downloads with 15+ Anti-Virus and Anti-Malware engines. Requires SASE."},{"name":"GRC (Governance, Risk & Compliance)","description":"NIST CSF Security Framework, Compliance Assistant, Policies/Procedures/Documents Manager, Security Assessments."}],"use_cases":["Uses or is willing to use Microsoft 365","Endpoint security for workstations and servers (EDR, NGAV, ransomware protection)","Cloud-based secure DNS filtering and web gateway","Zero-trust network access as a VPN replacement for remote/hybrid workers","Managed SIEM with 24/7 SOC monitoring and incident response","Internal network segmentation using software-defined micro-segmentation (replaces VLAN complexity)","Organizations wanting to consolidate multiple security point products into one platform","Co-managed IT environments where the client has their own IT team but needs security expertise"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","REPLACING PHYSICAL FIREWALL APPLIANCES — SGN SASE is a cloud-based security layer (DNS filtering, cloud firewall, web gateway). It does NOT replace physical firewall hardware (e.g., Fortinet, Palo Alto, SonicWall, Cisco ASA/Firepower). If a prospect needs to replace or upgrade physical firewalls at their locations, this is a network infrastructure project requiring hardware procurement, site surveys, and network engineering.","Multi-site WAN connectivity or SD-WAN — SGN does not provide site-to-site networking, WAN optimization, or circuit management between physical locations","Network infrastructure design or redesign — physical network topology, cabling, switch stacking, VLAN architecture at the hardware level","Perimeter firewall for on-premise data centers with complex ingress/egress rules, NAT, VPN concentrators, or DMZ architectures","Environments requiring hardware-based deep packet inspection at multi-gigabit throughput","OT/ICS network security where physical inline security appliances are required for industrial protocols"],"prerequisites":["Endpoints (Windows, Mac, or Linux) that can run the SGN agent for EDR/SASE","Internet connectivity at each site (SGN SASE routes traffic through the cloud)","For SIEM: log sources configured to forward to SGN (firewalls, servers, M365)"],"industry_considerations":[{"notes":"CRITICAL: Hospitals and clinics typically have physical firewalls protecting clinical networks, medical device VLANs, and patient data systems. SGN SASE/EDR is an excellent LAYER on top of existing physical security (endpoint protection, DNS filtering, SOC monitoring) but does NOT replace the physical firewall infrastructure. HIPAA physical safeguards require network segmentation at the hardware level for medical devices. Always scope SGN as complementary to physical firewalls, never as a replacement. If the prospect mentions replacing physical firewalls, escalate to solutions engineering immediately.","industry":"Healthcare"},{"notes":"OT/ICS environments need physical network segmentation between IT and OT networks. SGN LAN Zero Trust can help with software-defined segmentation for the IT side, but a physical firewall or gateway between IT and OT is still required. Escalate if the prospect has industrial control systems.","industry":"Manufacturing"},{"notes":"Financial institutions often have physical firewalls for PCI-DSS cardholder data environment (CDE) segmentation. SGN SASE complements this but does not replace physical CDE boundary controls.","industry":"Finance"},{"notes":"Schools with CIPA (Children's Internet Protection Act) filtering requirements — SGN SASE DNS filtering can meet this need and is a strong fit.","industry":"Education"},{"notes":"Engineering firms often handle sensitive project data, intellectual property, and proprietary designs for government or private clients. If the firm holds DoD contracts or subcontracts, SGN SIEM logging and the Compliance Bundle may be required for CMMC Level 1 or Level 2 readiness — ask whether they handle Federal Contract Information (FCI) or Controlled Unclassified Information (CUI). SGN ZTNA/SASE is strong fit for firms with field engineers or project-site workers needing secure remote access without a traditional VPN. DNS filtering helps protect engineers who frequently access third-party portals, project management platforms, and client FTP sites.","industry":"Engineering"},{"notes":"Environmental consulting firms have highly mobile workforces — field scientists, site assessors, and project managers regularly work from remote sites with unreliable or public network connections. SGN SASE/ZTNA provides secure access for field workers regardless of network quality, eliminating VPN friction. Firms collecting sensitive site data (contamination samples, regulatory findings) have IP and client confidentiality obligations even without a formal compliance mandate. If the firm holds EPA, DoD, or state agency contracts, CUI handling and CMMC requirements may apply — ask whether they work under federal or state government contracts.","industry":"Environmental Consulting"}],"companion_solutions":["MID-CORE-SUPPORT","MID-WORKSTATION","MID-COMPLIANCE","MID-SERVER-MGMT"],"tags":["security","edr","sase","siem","soc","zero-trust","sgn"]},{"id":"1bc39c71-ce56-485a-a32b-16027e1200c7","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Datacenter","display_name":"Hosted Server - XX-Small","short_description":"Extra-extra-small hosted server (2 vCPU, 2GB RAM) — fully managed, flat-rate pricing","customer_description":"Extra-extra-small hosted server, normally Linux based. Includes management, patching, and support.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"vCPU 2 | 2GB RAM","description":"Virtual processor and memory allocation"},{"name":"Management, Patching, & Support","description":"Full server management as defined in Server Management package"}],"use_cases":["Uses or is willing to use Microsoft 365","Lightweight Linux workloads (web servers, DNS resolvers, monitoring agents)","Development and staging environments","Small utility or single-purpose servers","Organizations replacing equivalent Azure/AWS VM workloads at lower, predictable cost — no egress fees, no licensing complexity, no per-GB storage billing"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Production Windows Server workloads — insufficient resources for Windows","Database servers requiring significant memory","Applications requiring on-premise hosting for data sovereignty or latency reasons","Any hosted server quoted without MID-SERVER-MGMT — management is required, not optional"],"prerequisites":["Server Management package (MID-SERVER-MGMT) for included management"],"industry_considerations":[{"notes":"Verify that PHI storage in hosted datacenter meets HIPAA requirements. BAA coverage for hosting infrastructure needed.","industry":"Healthcare"},{"notes":"Hosted servers are a strong alternative to on-premise infrastructure in manufacturing offices and administrative environments. OT/ICS/SCADA systems must remain on-premise with physical segmentation — do not propose hosted servers as a replacement for operational technology infrastructure. Hosted servers are appropriate for ERP (e.g., Epicor, SYSPRO, JobBoss), document management, file sharing, and administrative workloads.","industry":"Manufacturing"},{"notes":"Engineering firms frequently run compute-intensive applications (CAD, simulation, modeling). Confirm workload requirements before sizing — Large or X-Large tiers may be needed for rendering or simulation servers. Hosted servers reduce the burden of maintaining on-premise infrastructure across multiple project office locations.","industry":"Engineering"}],"companion_solutions":["MID-SERVER-MGMT","MID-DRAAS-COLD"],"tags":["datacenter","server","hosting","linux"]},{"id":"588d72fb-0d61-48f1-95a5-168f06104d9d","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Datacenter","display_name":"Hosted Server - X-Small","short_description":"Extra-small hosted server (2 vCPU, 4GB RAM) — fully managed, flat-rate pricing","customer_description":"Extra-small hosted server, normally Linux or Windows based. Includes management, patching, and support.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"vCPU 2 | 4GB RAM","description":"Virtual processor and memory allocation"},{"name":"Management, Patching, & Support","description":"Full server management as defined in Server Management package"}],"use_cases":["Uses or is willing to use Microsoft 365","Small Linux or Windows server workloads","Secondary domain controllers","Small application or utility servers","Organizations moving traditional server workloads off hyperscaler VMs to reduce unpredictable billing — flat-rate managed hosting ~30% less than equivalent Azure/AWS configurations"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","High-memory applications or databases — step up to Small or Medium","On-premise hosting requirements","Any hosted server quoted without MID-SERVER-MGMT — management is required, not optional"],"prerequisites":["Server Management package (MID-SERVER-MGMT)"],"industry_considerations":[{"notes":"Hosted servers are appropriate for administrative and ERP workloads. OT/ICS systems must stay on-premise with physical segmentation.","industry":"Manufacturing"},{"notes":"Confirm whether the workload involves compute-intensive applications (CAD, simulation) before settling on this tier. Step up to Medium or Large for engineering application servers.","industry":"Engineering"}],"companion_solutions":["MID-SERVER-MGMT","MID-DRAAS-COLD"],"tags":["datacenter","server","hosting"]},{"id":"eb548820-d8f3-4c85-9603-21079240899e","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Datacenter","display_name":"Hosted Server - Small","short_description":"Small hosted server (4 vCPU, 8GB RAM) — fully managed, flat-rate pricing","customer_description":"Small server normally used for things like a domain controller. Includes management, patching, and support.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"vCPU 4 | 8GB RAM","description":"Virtual processor and memory allocation"},{"name":"Management, Patching, & Support","description":"Full server management as defined in Server Management package"}],"use_cases":["Uses or is willing to use Microsoft 365","Domain controllers (primary or secondary)","Small file servers","Application servers with moderate workloads","Common replacement for Azure D2s/D4s VM equivalents — traditional Windows/Linux server workloads hosted at flat-rate, fully managed pricing without egress or licensing add-ons"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","File servers for more than ~25 users — use Medium","SQL Server or database workloads — use Medium or larger","GPU-intensive applications","On-premise hosting requirements","Any hosted server quoted without MID-SERVER-MGMT — management is required, not optional"],"prerequisites":["Server Management package (MID-SERVER-MGMT)"],"industry_considerations":[{"notes":"Good fit for lightweight ERP application servers and shared file servers in manufacturing offices. OT/ICS must remain on-premise.","industry":"Manufacturing"},{"notes":"May be undersized for engineering application servers running CAD or simulation workloads — verify requirements before recommending. Suitable for project file sharing or document management.","industry":"Engineering"}],"companion_solutions":["MID-SERVER-MGMT","MID-DRAAS-STANDARD"],"tags":["datacenter","server","hosting"]},{"id":"543db961-2113-436c-9051-c38fee53fdfd","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Datacenter","display_name":"Hosted Server - Medium","short_description":"Medium hosted server (8 vCPU, 16GB RAM) — fully managed, flat-rate pricing","customer_description":"Medium servers are normally used for file servers, SQL servers, etc. The most common size for most servers. Includes management, patching, and support.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"vCPU 8 | 16GB RAM","description":"Virtual processor and memory allocation"},{"name":"Management, Patching, & Support","description":"Full server management as defined in Server Management package"}],"use_cases":["Uses or is willing to use Microsoft 365","File servers for 25-200 users","SQL Server databases for line-of-business applications","General-purpose Windows or Linux servers","Application servers (ERP, CRM, custom apps)","Most common server size for SMB and mid-market workloads — replaces on-premise hardware or Azure/AWS VMs at flat-rate managed pricing with no variable cost surprises"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Enterprise-scale database clusters or workloads requiring more than 16GB RAM — use Large or X-Large","GPU workloads","On-premise hosting requirements","Any hosted server quoted without MID-SERVER-MGMT — management is required, not optional"],"prerequisites":["Server Management package (MID-SERVER-MGMT)"],"industry_considerations":[{"notes":"Common size for EMR/EHR application servers. Verify application vendor hosting requirements.","industry":"Healthcare"},{"notes":"Common fit for mid-market ERP servers (Epicor, SYSPRO, JobBoss) and shared file/document servers in manufacturing environments.","industry":"Manufacturing"},{"notes":"Good general-purpose tier for project file servers and document management. For CAD application servers or compute-intensive simulation, evaluate Large instead.","industry":"Engineering"},{"notes":"Suitable for GIS application servers (ArcGIS Enterprise), project data repositories, and document management. Environmental firms often manage large geospatial datasets — confirm storage requirements separately.","industry":"Environmental Consulting"}],"companion_solutions":["MID-SERVER-MGMT","MID-DRAAS-STANDARD"],"tags":["datacenter","server","hosting"]},{"id":"ba9fd578-e6cf-4eb6-887e-790e32aa767d","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Datacenter","display_name":"Hosted Server - Large","short_description":"Large hosted server (16 vCPU, 32GB RAM) — fully managed, flat-rate pricing","customer_description":"Large hosted server for high-demand workloads requiring both significant compute and memory. Well-suited for large databases, busy application servers, and multi-role servers. Includes management, patching, and support.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"vCPU 16 | 32GB RAM","description":"Virtual processor and memory allocation"},{"name":"Management, Patching, & Support","description":"Full server management as defined in Server Management package"}],"use_cases":["Uses or is willing to use Microsoft 365","High-CPU processing workloads (batch jobs, data processing, compute-intensive applications)","Application servers that are CPU-bound rather than memory-bound","Multi-purpose servers handling multiple concurrent application roles","Cost-effective alternative to compute-optimized Azure Fsv2 or AWS C-series instances — flat-rate managed pricing, no per-hour billing, no egress fees"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Workloads requiring more than 32GB RAM — see X-Large tier","GPU-intensive workloads","On-premise hosting requirements"],"prerequisites":["Server Management package (MID-SERVER-MGMT)"],"industry_considerations":[{"notes":"Consider for heavier ERP workloads or multi-role servers running ERP and file serving simultaneously. If memory-bound (e.g., large SQL database), use X-Large instead.","industry":"Manufacturing"},{"notes":"Strong fit for CAD application servers, simulation/rendering workloads, or engineering platforms (e.g., Autodesk Vault, SolidWorks PDM). CPU-intensive tasks benefit from the 16 vCPU configuration.","industry":"Engineering"}],"companion_solutions":["MID-SERVER-MGMT","MID-DRAAS-PREMIUM"],"tags":["datacenter","server","hosting","database"]},{"id":"cab7b516-9e4d-4287-b580-7b0f2ca1a857","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Datacenter","display_name":"Hosted Server - X-Large","short_description":"Extra-large hosted server (16 vCPU, 64GB RAM) — high-memory, fully managed, flat-rate pricing","customer_description":"Extra-large hosted server for very high-memory workloads. Suited for large-scale SQL Server databases, memory-intensive ERP instances, and workloads that exceed the Large tier. Includes management, patching, and support.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"vCPU 16 | 64GB RAM","description":"Virtual processor and memory allocation"},{"name":"Management, Patching, & Support","description":"Full server management as defined in Server Management package"}],"use_cases":["Uses or is willing to use Microsoft 365","Very large database workloads requiring high memory (SQL Server, PostgreSQL at scale)","High-memory application servers (large ERP instances, in-memory processing)","Workloads that exceed the Large tier (16 vCPU, 32GB RAM)","Organizations replacing equivalent Azure E-series or AWS R-series memory-optimized VMs — traditional server workloads at flat-rate managed pricing, ~30% less than hyperscaler equivalents when all charges are accounted for"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Workloads requiring more than 64GB RAM — requires custom infrastructure scoping with solutions engineering","GPU-intensive workloads","On-premise hosting requirements"],"prerequisites":["Server Management package (MID-SERVER-MGMT)"],"industry_considerations":[{"notes":"Reserve for large ERP database servers or multi-application environments in larger manufacturing organizations. Overkill for most SMB manufacturing environments — verify actual workload before quoting.","industry":"Manufacturing"},{"notes":"Appropriate for large-scale simulation or modeling environments, or firms running multiple engineering applications on a single server. Verify actual memory consumption before recommending this tier.","industry":"Engineering"}],"companion_solutions":["MID-SERVER-MGMT","MID-DRAAS-PREMIUM"],"tags":["datacenter","server","hosting"]},{"id":"016af821-3838-4442-b15c-fa99e34d9de0","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Server Management","display_name":"MID - Server Management","short_description":"Comprehensive server monitoring, security, maintenance, and reporting","customer_description":"Complete server management including 24/7 uptime monitoring, real-time alerting, SIEM log monitoring, firewall configuration, intrusion detection/prevention, security patching, OS updates, quarterly health reports, and asset documentation.","is_addon":false,"deployment_model":"hybrid","included_services":[{"name":"24/7 Server Uptime Monitoring","description":"Round-the-clock monitoring and response"},{"name":"Real-time Alerting & Incident Response","description":"Immediate response to server issues"},{"name":"SIEM Log Monitoring (SGN)","description":"Security event and incident management"},{"name":"Firewall Configuration & Monitoring","description":"Network security management"},{"name":"IDS/IPS","description":"Intrusion detection and prevention systems"},{"name":"Security Patching & Vulnerability Management","description":"Regular security updates"},{"name":"OS Software Patching","description":"Operating system maintenance"},{"name":"Quarterly Health Reports","description":"Regular health assessments"},{"name":"Asset Inventory & Documentation","description":"Configuration documentation"}],"use_cases":["Uses or is willing to use Microsoft 365","Comprehensive management of servers hosted in the DataTel datacenter","24/7 monitoring, patching, and incident response for hosted server infrastructure","SIEM log monitoring and firewall configuration for hosted servers","Quarterly health reporting and asset documentation","Organizations that want traditional Windows/Linux server workloads fully managed at flat-rate pricing — without the complexity and variable billing of self-managed Azure VM, AWS EC2, or GCP Compute Engine equivalents"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Managing client-owned on-premise servers that DataTel does not host — this is for DataTel datacenter servers. On-premise server management is a separate scoping conversation.","Managing third-party cloud infrastructure (AWS EC2, Azure VMs, GCP) — separate cloud management service needed"],"prerequisites":["Server hosted in DataTel datacenter (any tier from XX-Small to X-Large)"],"industry_considerations":[{"notes":"Server management includes security patching which is critical for HIPAA compliance. Ensure BAA covers hosted server infrastructure.","industry":"Healthcare"},{"notes":"Patching discipline is especially important in manufacturing where ERP downtime has direct production impact. Change windows should be coordinated with operations schedules to avoid disruption during production runs.","industry":"Manufacturing"},{"notes":"Engineering application servers (Autodesk, SolidWorks, simulation platforms) may have specific patching constraints from application vendors. Coordinate change windows with the engineering team before deploying OS patches to application servers.","industry":"Engineering"},{"notes":"Firms running ArcGIS Enterprise or other GIS platforms should coordinate patching with GIS administrators, as Esri products have defined patch compatibility requirements.","industry":"Environmental Consulting"}],"companion_solutions":["MID-DATACENTER-MEDIUM","MID-SECURITY-COMPLETE","MID-DRAAS-STANDARD"],"tags":["server","monitoring","security","patching"]},{"id":"c29892c3-abe2-47de-aa19-412a2295de83","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Infrastructure","display_name":"MID - Certificate Management","short_description":"SSL/TLS certificate lifecycle management and automation","customer_description":"Managed certificate lifecycle including inventory management, expiry monitoring with automated alerts, renewal management, installation and configuration, revocation and replacement, integration with Active Directory/Azure/AWS, and compliance reporting.","is_addon":true,"deployment_model":"hybrid","included_services":[{"name":"Inventory Management","description":"Centralized inventory of all active certificates with expiration dates, usage, and assigned systems"},{"name":"Expiry Monitoring & Alerts","description":"Automated alerts before expiration (30, 15, 7 days) to client and DataTel"},{"name":"Renewal Management","description":"Automatic or manual renewal with domain validation and CA coordination"},{"name":"Installation & Configuration","description":"Deploy certificates to servers, firewalls, load balancers, and applications"},{"name":"Revocation & Replacement","description":"Revoke compromised or unused certificates and replace during migrations or security events"},{"name":"Integration & Automation","description":"Integrate with AD, Azure, AWS using APIs or ACME for automated deployment and renewal"},{"name":"Reporting & Compliance","description":"Audit logs and reports for PCI-DSS, HIPAA compliance. Track usage and renewal history."}],"use_cases":["Uses or is willing to use Microsoft 365","Organizations managing 5 or more SSL/TLS certificates across servers, firewalls, load balancers, or applications","Any organization that has experienced a service outage caused by an expired certificate","Compliance requirements for certificate lifecycle tracking (PCI-DSS, HIPAA encryption-in-transit)","Automated certificate renewal and deployment across complex environments","Organizations with certificates distributed across multiple systems who lack a centralized inventory"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Organizations with fewer than 3-5 certificates concentrated on simple public-facing websites — manual management is sufficient at that scale","Organizations whose certificates are fully managed by their hosting provider or CDN with no action required on their part"],"prerequisites":["Servers, firewalls, or load balancers where certificates need to be managed"],"industry_considerations":[{"notes":"Certificate management supports HIPAA encryption-in-transit requirements.","industry":"Healthcare"},{"notes":"PCI-DSS requires TLS 1.2+ with proper certificate management. Strong fit.","industry":"Finance"},{"notes":"Manufacturers with customer-facing portals, supplier EDI integrations, or ERP web interfaces may have multiple certificates to manage. CMMC compliance requires encryption in transit — certificate management supports auditability of that control.","industry":"Manufacturing"},{"notes":"Engineering firms running internal project portals, Autodesk/SolidWorks PDM servers, or collaboration platforms may benefit from centralized certificate management, particularly if certificates span multiple hosted or on-premise servers.","industry":"Engineering"}],"companion_solutions":["MID-SERVER-MGMT"],"tags":["certificates","ssl","tls","compliance","automation"]},{"id":"e3f29b79-45b7-4d47-b916-abe77d92088e","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Infrastructure","display_name":"MID - Domain, Hosting & Email Security","short_description":"Full domain & web presence security bundle — registration, DNS, WAF-protected hosting, backups, lookalike domain monitoring, and complete email authentication enforcement","customer_description":"Protect every layer of your domain and web presence. DataTel manages your domain registration and DNS, hosts your website behind a full security stack (WAF, malware scanning, DDoS protection) with automated backups, monitors for newly registered lookalike domains that could be used to impersonate you in phishing attacks, and enforces the complete email authentication stack (SPF, DKIM, DMARC, DNSSEC, MTA-STS) to prevent your domain from being spoofed. Included for Fully Managed clients. Available as an add-on for Co-Managed environments.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"Domain Registration & DNS Management","description":"Domain transfer into DataTel secure infrastructure. Full DNS management, renewal oversight, and DNSSEC enforcement to prevent DNS spoofing and cache poisoning."},{"name":"Web Hosting with Security Stack","description":"Managed business website hosting with Web Application Firewall (WAF), malware scanning, and DDoS protection. WordPress and standard hosting supported. Fully managed by DataTel."},{"name":"Web Hosting Backups","description":"Automated backups of hosted websites with point-in-time restore capability. Protects against data loss, ransomware, and accidental changes."},{"name":"Domain Monitoring (Lookalike & Newly Registered)","description":"Continuous monitoring for newly registered domains designed to impersonate the client — typosquats, homographs, and brand variations. Alerts on active threats and phishing infrastructure. Powered by DataTel Pulse threat intelligence."},{"name":"Email Authentication Enforcement","description":"Full email authentication stack configured, enforced, and continuously monitored: SPF (authorized sender control), DKIM (cryptographic message signing), DMARC (policy enforcement to reject), DNSSEC (DNS integrity), and MTA-STS (enforced encrypted transport). Monitored via Mailhardener with alerting on failures and policy drift."}],"use_cases":["Co-managed clients without DMARC enforcement — domain is actively spoofable","Organizations that have received reports of phishing emails impersonating their domain","Businesses with self-managed or consumer-hosted websites lacking WAF protection","Clients with domain registered through a consumer registrar (GoDaddy, Namecheap) without active management","Cyber insurance renewals flagging missing email authentication, domain monitoring, or web security controls","Healthcare organizations needing to protect patient-facing communications from domain spoofing","Any organization that wants proactive alerting if someone registers a lookalike domain targeting their brand or clients"],"not_suitable_for":[],"prerequisites":["Co-managed IT environment with DataTel providing security and infrastructure services","Client domain must be transferable to or manageable by DataTel DNS infrastructure"],"industry_considerations":[],"companion_solutions":["MID-SGN","MID-COMPLIANCE-BUNDLE"],"tags":["domain","hosting","web-security","waf","email-security","dmarc","dkim","spf","dnssec","mta-sts","domain-monitoring","phishing","mailhardener","dns","backup"]},{"id":"16aa08d2-a6a5-459d-8a4f-3c1a870b1bb6","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Disaster Recovery","display_name":"MID - DRaaS (Cold)","short_description":"Basic disaster recovery with 24-72hr RTO, daily backups","customer_description":"Cold disaster recovery tier with daily/overnight backups. Recovery Time Objective: 24-72 hours. Recovery Point Objective: 12-24+ hours. Cold storage failover with fully managed failback.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"Cold Storage Failover","description":"Basic failover infrastructure"},{"name":"Daily/Overnight Backups","description":"Standard backup frequency"},{"name":"Fully Managed Failback","description":"Managed recovery process"},{"name":"DR Runbook","description":"Detailed disaster recovery documentation"},{"name":"Semi-Annual DR Testing","description":"Manual DR test cadence"},{"name":"End-to-End Encryption","description":"Data encryption in transit and at rest"},{"name":"Immutable Backups + Rollback","description":"Ransomware protection"},{"name":"24/7 Monitoring + Alerting","description":"Replication job monitoring"}],"use_cases":["Uses or is willing to use Microsoft 365","Budget-conscious DR for non-critical systems","Compliance checkbox for basic disaster recovery capability","Systems where 24-72 hour recovery time is acceptable"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Any system handling PHI or supporting patient care — use Standard or Premium","Mission-critical systems where downtime has significant business or revenue impact","Environments requiring near-zero data loss","Organizations with cyber insurance or compliance mandates specifying RTO/RPO — verify before recommending"],"prerequisites":["Servers hosted in DataTel datacenter or compatible infrastructure"],"industry_considerations":[{"notes":"Do NOT recommend Cold tier for any system handling PHI or supporting clinical operations. HIPAA contingency planning requires a reasonable, documented RTO. 24-72 hours is unlikely to meet that bar for most clinical systems. Default to Standard for healthcare; recommend Premium for EMR/EHR and mission-critical clinical systems.","industry":"Healthcare"},{"notes":"Do NOT recommend Cold tier for ERP servers — production scheduling, inventory, and order management cannot sustain 24-72 hour recovery. Cold may be acceptable for archival document servers or non-operational systems only.","industry":"Manufacturing"},{"notes":"Do NOT recommend Cold tier for active project servers containing client deliverables or regulatory submissions. Cold may be acceptable for archived completed project data only.","industry":"Engineering"}],"companion_solutions":["MID-SERVER-MGMT"],"tags":["disaster-recovery","backup","cold"]},{"id":"842bdbd9-7f8a-477e-b38f-915c423ddaad","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Disaster Recovery","display_name":"MID - DRaaS (Standard)","short_description":"Standard disaster recovery with 4-12hr RTO, hourly backups","customer_description":"Standard disaster recovery with hourly or near-real-time backups. Recovery Time Objective: 4-12 hours. Recovery Point Objective: 1-4 hours. Pre-staged VMs with fully managed failback.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"Pre-staged VMs / Dormant","description":"Ready-to-activate virtual machines"},{"name":"Hourly/Near-Real-Time Backups","description":"Frequent backup schedule"},{"name":"Fully Managed Failback","description":"Managed recovery process"},{"name":"DR Runbook","description":"Detailed disaster recovery documentation"},{"name":"Semi-Annual DR Testing","description":"Manual DR test cadence"},{"name":"End-to-End Encryption","description":"Data encryption in transit and at rest"},{"name":"Immutable Backups + Rollback","description":"Ransomware protection"},{"name":"Moderate Bandwidth Optimization","description":"Compression for data transfer"}],"use_cases":["Uses or is willing to use Microsoft 365","Business-critical systems needing same-day recovery","Most compliance frameworks (HIPAA, PCI baseline)","Organizations where 1-4 hours of data loss is acceptable","General business continuity for servers and applications"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Real-time systems requiring instant failover (trading platforms, real-time patient monitoring)","Organizations with near-zero RPO requirements"],"prerequisites":["Servers hosted in DataTel datacenter or compatible infrastructure"],"industry_considerations":[{"notes":"Meets most HIPAA contingency planning requirements for clinical systems. Good balance of cost and recovery capability.","industry":"Healthcare"},{"notes":"Standard tier is the minimum recommended for ERP servers in manufacturing environments. Production downtime has direct revenue impact — verify the prospect understands a 4-12 hour RTO means a partial or full production day lost.","industry":"Manufacturing"},{"notes":"Adequate for most engineering firm workloads including project file servers and document management. If the firm has active regulatory submissions with hard deadlines, discuss Premium to ensure delivery commitments can be met.","industry":"Engineering"},{"notes":"Appropriate for GIS and project data servers where same-day recovery is acceptable. If the firm has active regulatory reporting obligations with non-negotiable deadlines, discuss Premium.","industry":"Environmental Consulting"}],"companion_solutions":["MID-SERVER-MGMT"],"tags":["disaster-recovery","backup","standard"]},{"id":"df0fcb29-00cc-48d9-a42e-9d7bef055b24","service_line":"co_managed","service_line_label":"Co-Managed IT","package_name":"Disaster Recovery","display_name":"MID - DRaaS (Premium)","short_description":"Premium disaster recovery with <1hr RTO, continuous replication","customer_description":"Premium disaster recovery with continuous replication. Recovery Time Objective: Under 1 hour. Recovery Point Objective: Near-zero to 15 minutes. Standby system with live failover and application-aware sequencing.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"Standby System","description":"Always-ready failover infrastructure"},{"name":"Continuous Replication","description":"Near-zero data loss"},{"name":"Fully Managed Failback","description":"Managed recovery process"},{"name":"DR Runbook","description":"Detailed disaster recovery documentation"},{"name":"Semi-Annual DR Testing","description":"Manual DR test cadence"},{"name":"End-to-End Encryption","description":"Data encryption in transit and at rest"},{"name":"Immutable Backups + Rollback","description":"Ransomware protection"},{"name":"Fully Optimized + Deduplication","description":"Full bandwidth optimization"},{"name":"Application-Aware Sequencing","description":"Fully sequenced failover with dependency awareness"}],"use_cases":["Uses or is willing to use Microsoft 365","Mission-critical systems requiring near-zero downtime","Real-time applications where data loss is unacceptable","Environments with strict compliance RTO/RPO requirements","Organizations where hourly downtime costs exceed the premium DR investment"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Non-critical systems where cost savings outweigh recovery speed — Cold or Standard tier better fit"],"prerequisites":["Servers hosted in DataTel datacenter or compatible infrastructure","Application architecture compatible with sequenced failover"],"industry_considerations":[{"notes":"Strongest HIPAA compliance posture for disaster recovery. Recommended for EMR/EHR systems and clinical data.","industry":"Healthcare"},{"notes":"Meets stringent financial services DR requirements. Near-zero RPO protects transaction data.","industry":"Finance"},{"notes":"Recommend Premium for ERP servers in manufacturing environments where production halts translate directly to revenue loss. Ask: what does one hour of production downtime cost? Premium pays for itself quickly in most manufacturing operations.","industry":"Manufacturing"},{"notes":"Consider Premium for firms managing active regulatory submission deadlines or time-sensitive project deliverables where server downtime could result in contract penalties.","industry":"Engineering"}],"companion_solutions":["MID-SERVER-MGMT"],"tags":["disaster-recovery","backup","premium","continuous-replication"]},{"id":"ef75df4f-9d9a-4a1a-834e-fd4d3bf3e236","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Core Bundles","display_name":"MID - Core Support","short_description":"Required foundation for admin access, hosting, and network health","customer_description":"We offer a complete IT solution that makes managing your business technology simple and efficient. With Microsoft 365 Business Premium, you get access to essential security tools and cloud access. Your business identity is protected and streamlined with Microsoft Entra ID and Intune, while your domain and hosting services ensure your website and email are always up and running. Our network monitoring includes a firewall, switch, and wireless access point to keep your systems secure and connected.","is_addon":false,"deployment_model":"hybrid","included_services":[{"name":"M365 Business Premium","description":"Administrative access and controls over the M365 tenant (email, OneDrive, SharePoint)"},{"name":"Entra ID P2","description":"Security controls such as identifying risky sign-ins, privileged access management, and access reviews"},{"name":"Domain Registration & DNS Management","description":"Domain transfer into DataTel secure infrastructure. Full DNS management, renewal oversight, and protection against domain takeovers. DNSSEC enabled to prevent DNS spoofing and cache poisoning."},{"name":"Web Hosting with Security Stack","description":"Managed business website hosting with full security stack including Web Application Firewall (WAF), malware scanning, and DDoS protection. WordPress and standard hosting supported."},{"name":"Web Hosting Backups","description":"Automated backups of hosted websites with point-in-time restore capability. Protects against data loss, ransomware, and accidental changes."},{"name":"Domain Monitoring (Lookalike & Newly Registered)","description":"Continuous monitoring for newly registered domains that could be used to impersonate the client in phishing attacks. Alerts on lookalike domains, typosquats, and homograph variations. Powered by DataTel Pulse threat intelligence."},{"name":"Email Authentication Enforcement (DKIM/DMARC/SPF/DNSSEC/MTA-STS)","description":"Full email authentication stack configured and enforced: SPF (authorized senders), DKIM (message signing), DMARC (policy enforcement up to reject), DNSSEC (DNS integrity), and MTA-STS (encrypted transport enforcement). Ongoing monitoring via Mailhardener with alerting on failures and policy drift."},{"name":"Network Monitoring","description":"First firewall, access point, and switch included. SNMP monitoring for up/down time, configuration changes, access logs, and device config backup."}],"use_cases":["SMB needing full IT management and M365 administration","Businesses migrating to or already on Microsoft 365","Organizations needing basic network monitoring (single firewall, switch, AP)","Companies wanting domain security and hosting management","Cloud-first or cloud-transitioning environments"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Organizations with complex multi-site network architectures requiring multiple firewalls — Core Support includes only 1 firewall; additional sites need separate network quoting","Enterprises needing on-premise Active Directory server management — this is M365/cloud identity focused","Environments requiring advanced network engineering (SD-WAN, BGP routing, MPLS)","Organizations with non-Microsoft ecosystems (Google Workspace, on-prem Exchange only) unwilling to migrate","Organizations with no firewall at all running consumer-grade equipment — a proper business firewall must be scoped and deployed as part of or before onboarding"],"prerequisites":["Willingness to use Microsoft 365 Business Premium as the identity and productivity platform","At least one firewall, switch, or access point for network monitoring inclusion"],"industry_considerations":[{"notes":"Core Support meets baseline security for HIPAA cloud controls via M365 Business Premium + Entra ID P2, but HIPAA compliance requires the Compliance Bundle add-on for extended retention and GRC. Physical safeguards (facility access, workstation security) are outside scope.","industry":"Healthcare"},{"notes":"Good foundation for GLBA/SOX compliance with Entra ID P2 for access reviews. May need Compliance Bundle for extended audit logging.","industry":"Finance"},{"notes":"Email archiving and retention requirements common — recommend Email Archiving add-on.","industry":"Legal"},{"notes":"Check if prospect needs EDU licensing vs Business Premium. Different M365 SKUs apply.","industry":"Education"},{"notes":"Strong fit for the IT/administrative side of manufacturing operations. Core Support does NOT extend to OT/ICS/SCADA networks — those require physical network segmentation and specialized industrial security tooling. Clarify scope with the prospect: are they asking about office IT, factory floor systems, or both? Escalate if they have OT/ICS environments that need managed services. If the manufacturer holds DoD contracts and handles FCI or CUI, the Compliance Bundle is likely required for CMMC readiness.","industry":"Manufacturing"},{"notes":"Strong fit for engineering firm IT environments. Engineering firms handling government contracts — particularly DoD — should be asked whether they hold or are pursuing CMMC certification, as NIST 800-171 controls and audit logging requirements will determine whether the Compliance Bundle is needed. M365 Business Premium provides a solid foundation but may require the Compliance Bundle for CMMC Level 1 or 2 readiness.","industry":"Engineering"},{"notes":"Good fit for environmental consulting firms. Mobile workforce and remote field work are the primary IT complexity drivers — M365 and Entra ID P2 provide solid identity and access management for distributed teams. If the firm holds federal or state government contracts involving sensitive environmental data or CUI, ask about CMMC and compliance requirements. Firms working with EPA, DoD, or DOE under contracts involving CUI may need the Compliance Bundle.","industry":"Environmental Consulting"}],"companion_solutions":["MID-WORKSTATION","MID-USER","MID-COMPLIANCE"],"tags":["required","foundation","m365","security","network"]},{"id":"473e6f24-8304-42d9-b0e4-f9623d1e9880","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Core Bundles","display_name":"MID - Workstation Bundle","short_description":"Endpoint management, security, print management, and helpdesk tools","customer_description":"Managed IT tools allow clients to easily access their software, use helpdesk buttons for quick support that will automatically open a ticket we can resolve 90% of the time before calling the client. With print management, you gain control over printing costs and document security. Our all-in-one security covers both endpoints and servers with real-time threat detection and antivirus tools. Our Client Portal lets you submit support tickets, view knowledge base articles, invoices and more.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"Application Management & Patching","description":"Third-party software deployment and patch management delivers faster results, reduces technician labor, and ensures endpoints are consistently up to date."},{"name":"SGN EDR","description":"All-in-one endpoint security solution with real-time threat detection, behavioral analysis, and ransomware protection."},{"name":"Cloud Print Management","description":"Cloud-managed print solution for cost control, document security, and simplified printer administration."},{"name":"Helpdesk Buttons","description":"Easy submission of ticket issues/requests. Logs recent actions when submitted to streamline troubleshooting."},{"name":"Vulnerability Scanning","description":"Monitors each endpoint for security vulnerabilities and misconfigurations."},{"name":"Seamless Ticket Submission & Logging","description":"Captures last 20 actions taken, log files, then automatically opens a ticket."}],"use_cases":["Uses or is willing to use Microsoft 365","Endpoint management for Windows and Mac workstations","Organizations needing automated software deployment and patching","Businesses wanting integrated helpdesk with automatic ticket creation","Environments requiring endpoint security (EDR + vulnerability scanning)","Print management and cost control needs"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Server-only environments without end-user workstations","Linux-only desktop environments — the endpoint management agent and EDR component have limited Linux desktop support; verify before committing","Thin client / VDI environments where agents cannot be installed on endpoints","BYOD-only organizations where no company-owned workstations exist — see MDM add-on instead"],"prerequisites":["Windows 10/11 or macOS endpoints that can run management agents","Core Support (MID-CORE-SUPPORT) must be in place as the foundation package"],"industry_considerations":[{"notes":"Medical devices (imaging stations, lab equipment) often run embedded Windows and cannot accept standard endpoint agents. Flag these for separate scoping. HIPAA requires endpoint encryption — SGN EDR covers threat detection but BitLocker/FileVault configuration is a separate conversation.","industry":"Healthcare"},{"notes":"Industrial control systems (ICS/SCADA) and shop floor PCs often run legacy OS versions. Verify agent compatibility before promising coverage.","industry":"Manufacturing"},{"notes":"Engineering workstations often run resource-intensive applications (AutoCAD, SolidWorks, Revit, MATLAB). Verify that standard endpoint agents do not conflict with engineering software licensing or performance requirements before deployment. GPU workstations may require configuration review.","industry":"Engineering"},{"notes":"Field staff tablets and laptops frequently connect from remote or uncontrolled network environments (field sites, client offices, public hotspots). Full endpoint protection including EDR and DNS filtering is especially important for this workforce profile. Confirm device inventory — environmental firms often have a mix of office workstations and ruggedized field devices that may require agent compatibility verification.","industry":"Environmental Consulting"}],"companion_solutions":["MID-CORE-SUPPORT","MID-USER","MID-SECURITY-TRAINING"],"tags":["endpoint","security","printing","helpdesk","workstation"]},{"id":"6b7cba4a-1cbf-49c3-b1e3-89961551b9ce","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Core Bundles","display_name":"MID - User Bundle","short_description":"Email security, M365 backups, and client portal access per user","customer_description":"We provide a powerful set of IT services designed to protect your business and simplify day-to-day operations. Our email security solution keeps your inbox safe from spam, phishing, and malware. We ensure your data is protected with automated Office 365 backups, so your emails, files, and Teams data are always recoverable. Together, these services offer a streamlined, secure, and efficient IT environment for your business.","is_addon":false,"deployment_model":"cloud","included_services":[{"name":"Mesh Email Filtering","description":"Monitors email for spam, viruses, and other malicious email activities"},{"name":"AFI O365 Backups","description":"Backs up the M365 tenant per user (email, OneDrive, SharePoint) and acts as a time machine for that data"},{"name":"CloudRadial Portal Access","description":"Client Portal for tickets, KBs, viewing invoices, endpoints and more"}],"use_cases":["Uses or is willing to use Microsoft 365","Per-user email security and spam/phishing filtering","M365 data backup per user (email, OneDrive, SharePoint, Teams)","Client portal access for ticket management and self-service","Any organization with email users needing protection and backup"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Users who only need Teams access — see Teams Only User add-on instead","Users who only need email without portal access — see Email Only User add-on","Shared/service accounts that do not receive email — no per-user bundle needed"],"prerequisites":["Microsoft 365 mailbox per user","Core Support (MID-CORE-SUPPORT) must be in place"],"industry_considerations":[{"notes":"HIPAA requires email encryption for PHI. M365 Business Premium includes basic message encryption, but verify if prospect needs advanced encryption or DLP policies.","industry":"Healthcare"},{"notes":"Legal holds and eDiscovery requirements may exceed standard backup capabilities. Discuss Email Archiving add-on.","industry":"Legal"},{"notes":"Office and administrative staff = MID-USER. Production floor workers who only need Teams for shift communication = MID-TEAMS-ONLY. Shared production floor accounts or kiosk logins = confirm with solutions team whether shared accounts qualify for per-user licensing.","industry":"Manufacturing"},{"notes":"Engineers and PMs who collaborate externally with clients, subs, and agencies = MID-USER. Confirm that project collaboration is occurring via Teams and M365 rather than third-party platforms (e.g., Procore, Newforma) to ensure the licensing model fits their workflow.","industry":"Engineering"},{"notes":"Most environmental consulting staff qualify for MID-USER given external client communication and field reporting via M365. Field technicians who only use mobile devices for data collection and internal communication may qualify for MID-TEAMS-ONLY — verify their actual M365 usage before assigning tier.","industry":"Environmental Consulting"}],"companion_solutions":["MID-CORE-SUPPORT","MID-WORKSTATION","MID-EMAIL-ARCHIVING"],"tags":["email","backup","portal","per-user"]},{"id":"20e3af50-f8fe-445b-809d-a7cc5c9b815a","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Add-ons","display_name":"MID - MDM (Mobile Device Management)","short_description":"Mobile device management with remote wipe, BYOD, and centralized control","customer_description":"Mobile Device Management protects company data with remote wipe capabilities, centralized management, allows for BYOD (Bring Your Own Device), and reduces IT burden.","is_addon":true,"deployment_model":"cloud","included_services":[{"name":"Enterprise MDM Suite","description":"Remote wipe, centralized device management, and BYOD support. Supports iOS, Android, Windows, and macOS."}],"use_cases":["Uses or is willing to use Microsoft 365","Organizations with company-owned mobile devices (phones, tablets)","BYOD policies where personal devices access corporate data","Field workers or remote staff using mobile devices for work","Healthcare staff with tablets for patient care"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Desktop/laptop-only environments — use Workstation Bundle instead","Organizations that have already fully deployed Intune through their own IT team"],"prerequisites":["Microsoft 365 licensing that includes Intune (Business Premium or E3/E5)","Core Support (MID-CORE-SUPPORT) in place"],"industry_considerations":[{"notes":"HIPAA requires remote wipe capability for devices accessing PHI. MDM is often a compliance requirement, not optional.","industry":"Healthcare"},{"notes":"POS tablets and kiosk devices may need specialized MDM profiles.","industry":"Retail"},{"notes":"Relevant for manufacturers with mobile device deployments (tablets for production floor, field service technicians). Shared device profiles may require a different MDM configuration than standard personal-use profiles — confirm device ownership model.","industry":"Manufacturing"},{"notes":"Strong fit for engineering firms where project managers and field engineers use tablets or phones to access project data and client communication from job sites.","industry":"Engineering"},{"notes":"High-value for environmental firms with field scientists and site assessors using mobile devices to collect and submit data from remote locations. Remote wipe capability is important for devices that may be lost or damaged in field conditions. Ruggedized device profiles may need MDM configuration review.","industry":"Environmental Consulting"}],"companion_solutions":["MID-CORE-SUPPORT","MID-WORKSTATION"],"tags":["mobile","mdm","byod","addon"]},{"id":"921b8451-bc5b-4a35-bfef-409f1e38751e","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Add-ons","display_name":"MID - SMTP Email Relay","short_description":"SMTP relay service for scan-to-email and device/application email delivery","customer_description":"A managed SMTP relay service that enables printers, copiers, security systems, and line-of-business applications to send email through a reliable, authenticated relay — without routing through your primary M365 mailboxes.","is_addon":true,"deployment_model":"cloud","included_services":[{"name":"Managed SMTP Relay","description":"Authenticated SMTP relay for device and application email delivery. Supports scan-to-email, automated notifications, and application-generated messages. Isolated from primary M365 mail flow."}],"use_cases":["Uses or is willing to use Microsoft 365","Multifunction printers/copiers that need scan-to-email","Line-of-business applications that send automated emails","Devices that need SMTP relay (security cameras, monitoring systems)"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Bulk marketing email campaigns — this is for device/application email relay only","Replacing a full email service — this supplements M365, not replaces it"],"prerequisites":["Devices or applications that need to send email via SMTP relay"],"industry_considerations":[],"companion_solutions":["MID-CORE-SUPPORT"],"tags":["email","smtp","devices","relay","addon"]},{"id":"ea59e86d-5416-4237-b4ea-a68d8e6e2feb","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Add-ons","display_name":"MID - Teams Only User","short_description":"Lightweight user with M365 backup only","customer_description":"For users who only need Teams access with M365 tenant backup.","is_addon":true,"deployment_model":"cloud","included_services":[{"name":"AFI.AI Backup","description":"Backs up the M365 tenant per user (email, OneDrive, SharePoint)"}],"use_cases":["Uses or is willing to use Microsoft 365","Part-time employees who only use Teams for communication","Frontline workers without dedicated email needs","Warehouse or shop floor staff who collaborate via Teams only"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Users who send/receive external email — they need the full User Bundle","Users who need OneDrive file storage or SharePoint access beyond Teams"],"prerequisites":["M365 license that includes Teams","Core Support in place"],"industry_considerations":[],"companion_solutions":["MID-CORE-SUPPORT"],"tags":["teams","lightweight","per-user","addon"]},{"id":"8fc068c0-4413-4a5e-8591-19daa5a29658","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Add-ons","display_name":"MID - Email Only User","short_description":"Email-only user with security filtering and backup","customer_description":"For users who only need email with security filtering and backup protection.","is_addon":true,"deployment_model":"cloud","included_services":[{"name":"Mesh Email Filtering","description":"Monitors email for fake messages, viruses, and other malicious activities"},{"name":"AFI.AI Backup","description":"Backs up the M365 tenant per user"}],"use_cases":["Uses or is willing to use Microsoft 365","Users who only need email without endpoint management or helpdesk","Part-time staff or contractors with email-only access"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Users who need Teams, OneDrive, or full productivity suite","Users with company-managed workstations — they need the Workstation Bundle"],"prerequisites":["M365 mailbox","Core Support in place"],"industry_considerations":[],"companion_solutions":["MID-CORE-SUPPORT"],"tags":["email","lightweight","per-user","addon"]},{"id":"7fb3aae0-8cbe-46a6-a1a3-23532f30dce6","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Add-ons","display_name":"MID - Standardized Email Signatures","short_description":"Centralized email signature management and banner campaigns","customer_description":"Centralized signature management, brand consistency, banner campaigns, and compliance assistance.","is_addon":true,"deployment_model":"cloud","included_services":[{"name":"Email Signature Management","description":"Centralized signature management, brand consistency, banner campaigns, and compliance and regulatory assistance."}],"use_cases":["Uses or is willing to use Microsoft 365","Organizations wanting uniform branded email signatures company-wide","Companies running marketing banner campaigns in email footers","Compliance-driven environments needing mandatory legal disclaimers"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Organizations with fewer than 10 users — cost may not justify the benefit"],"prerequisites":["Microsoft 365 email"],"industry_considerations":[{"notes":"Legal disclaimers in email signatures are often required. Good fit.","industry":"Legal"},{"notes":"HIPAA disclaimers can be enforced via centralized signatures.","industry":"Healthcare"},{"notes":"Engineering firms often have PE (Professional Engineer) license disclosure or liability disclaimer requirements in external communications. Centralized signatures ensure regulatory language is applied consistently across all staff.","industry":"Engineering"},{"notes":"Environmental consulting firms may include professional certification disclosures (e.g., Licensed Professional Geologist, Certified Environmental Professional) or regulatory disclaimer language. Centralized management ensures consistency and compliance across a distributed field workforce.","industry":"Environmental Consulting"}],"companion_solutions":["MID-USER"],"tags":["email","branding","compliance","addon"]},{"id":"dd35a4b0-2ef7-49c8-8cc7-30c54b3536ab","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Add-ons","display_name":"MID - End User Security Awareness Training","short_description":"Employee cybersecurity education and phishing awareness","customer_description":"Educates employees on how to recognize and avoid cyber threats like phishing, social engineering, and unsafe browsing. Helps reduce human error—the leading cause of security breaches—by turning users into a proactive line of defense.","is_addon":true,"deployment_model":"cloud","included_services":[{"name":"Security Awareness Training & Phishing Simulation","description":"Managed employee cybersecurity education and phishing simulation. Tracks risk scores by user and delivers targeted training based on behavior."}],"use_cases":["Uses or is willing to use Microsoft 365","Organizations wanting to reduce phishing risk through employee education","Compliance frameworks requiring security awareness training (HIPAA, PCI, SOC2)","Companies that have experienced phishing or social engineering attacks","Cyber insurance requirements for employee training documentation","Prospect says employees keep clicking on phishing emails or suspicious links","Prospect recently had an incident that started with a user action (clicked a link, opened an attachment, gave credentials to a fake site)","Cyber insurance renewal asked whether the organization conducts regular security awareness training","Prospect wants documentation of employee security training for an audit or compliance review"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Organizations that already have a mature training program through another vendor and want to keep it"],"prerequisites":["Active users with email access for phishing simulations"],"industry_considerations":[{"notes":"HIPAA requires workforce security training. This satisfies that requirement and provides documentation for audits.","industry":"Healthcare"},{"notes":"GLBA and PCI-DSS require security awareness training. Strong compliance fit.","industry":"Finance"},{"notes":"Manufacturing employees — particularly production floor workers — are often less security-aware than office staff and may be targeted through phishing campaigns exploiting supplier or shipping communication. CMMC Level 1 requires basic security awareness for all users handling FCI. Security training provides the documentation trail needed for CMMC compliance assessments.","industry":"Manufacturing"},{"notes":"Engineering firms are frequent targets of IP theft via phishing and social engineering, particularly firms working on defense, energy, or infrastructure projects. CMMC-bound firms must conduct regular security awareness training as part of NIST 800-171 control AT.2.056. Training documentation is required for CMMC assessments.","industry":"Engineering"},{"notes":"Field-based workforces present elevated risk — staff regularly use public Wi-Fi, personal hotspots, and unfamiliar networks. Training on phishing, safe browsing, and mobile device hygiene is especially relevant. If the firm holds government contracts with CMMC requirements, security awareness training is a required control.","industry":"Environmental Consulting"}],"companion_solutions":["MID-USER","MID-COMPLIANCE"],"tags":["security","training","phishing","per-user","addon"]},{"id":"640d1232-9cac-4140-94bf-89241a83b2a0","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Add-ons","display_name":"MID - Email Archiving","short_description":"Long-term cloud email archiving for legal and compliance","customer_description":"Secondary backup for legal and/or compliance reasons. Cloud-based email archiving and analytics platform for small to mid-sized businesses to securely store, search, and analyze all organizational email communications.","is_addon":true,"deployment_model":"cloud","included_services":[{"name":"Email Vault","description":"Cloud-based email archiving and analytics. Securely store, search, and analyze email communications for compliance, insights, and risky behavior detection."}],"use_cases":["Uses or is willing to use Microsoft 365","Legal hold and eDiscovery requirements","Compliance frameworks requiring long-term email retention","Organizations involved in litigation or regulatory oversight","Secondary backup for email data beyond standard M365 backup"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Organizations only needing standard email backup — AFI O365 Backups in the User Bundle covers that","Non-email archival needs (file archiving, database archiving)"],"prerequisites":["M365 email in place"],"industry_considerations":[{"notes":"HIPAA requires retention of communication containing PHI. 7-year retention recommended.","industry":"Healthcare"},{"notes":"SEC Rule 17a-4 and FINRA require specific email retention periods. Verify compliance.","industry":"Finance"},{"notes":"Law firms often need indefinite retention and advanced search for eDiscovery.","industry":"Legal"},{"notes":"Manufacturers with DoD contracts may need documented audit trails of communications involving contract performance. Email archiving supports eDiscovery readiness and CMMC documentation requirements. Also relevant for manufacturers with product liability exposure — retained communications can be critical in litigation.","industry":"Manufacturing"},{"notes":"Engineering firms frequently face eDiscovery requests related to project disputes, construction defect claims, or contract disputes. Long-term searchable email retention is valuable for firms with ongoing project liability. Regulatory submission correspondence should be retained — archiving provides immutable audit trail.","industry":"Engineering"},{"notes":"Environmental consultants may face regulatory scrutiny or litigation years after project completion — particularly for site remediation, contamination assessments, or permit work. Retaining communications indefinitely or for extended periods supports defense in regulatory enforcement actions or civil litigation. Ask whether the firm has an established records retention policy.","industry":"Environmental Consulting"}],"companion_solutions":["MID-USER","MID-COMPLIANCE"],"tags":["email","archiving","compliance","legal","addon"]},{"id":"0d56e385-217b-48aa-a042-4b6ca1c32381","service_line":"fully_managed","service_line_label":"Fully Managed IT","package_name":"Add-ons","display_name":"MID - Compliance Bundle","short_description":"Enhanced logging, backups, and monitoring for compliance frameworks","customer_description":"Enhance logging, backups, and monitoring beyond standards for clients who need to meet compliance requirements or want additional coverage for insurance.","is_addon":true,"deployment_model":"cloud","included_services":[{"name":"90-Day SIEM Retention","description":"Extended SIEM log retention for cyber insurance and compliance requirements."},{"name":"SGN GRC (Governance, Risk & Compliance)","description":"NIST CSF Security Framework, Compliance Assistant, Policies/Procedures/Documents Manager, Security Assessments."},{"name":"7-Year Email Backup","description":"Extended email backup retention for frameworks requiring long-term data retention."},{"name":"SaaS Application Monitoring","description":"Detect rogue IT use and software applications bypassing approved client tools."},{"name":"Email Vault","description":"Legal email archive for compliance and eDiscovery."},{"name":"Compliance Questionnaire Assistance","description":"Guided help completing compliance questionnaires for insurance, audits, and regulatory frameworks."}],"use_cases":["Uses or is willing to use Microsoft 365","Organizations in regulated industries (healthcare, finance, government)","Companies needing to meet cyber insurance compliance requirements","Businesses pursuing SOC2, HIPAA, PCI-DSS, or NIST compliance","Organizations needing extended SIEM log retention for audit purposes","Companies wanting to detect shadow IT and unauthorized SaaS usage","Prospect says their cyber insurance renewal asked them to improve security posture or document controls","Prospect recently failed an audit or received findings they need to remediate","Prospect is trying to win a contract that requires demonstrating a compliance framework","Prospect mentions they need security policies and procedures but do not know where to start"],"not_suitable_for":["Organizations unwilling to use Microsoft 365, stuck on Google Workspace, Zoho, or other office bundle solutions","Organizations with no compliance requirements and no cyber insurance mandates — the base M365 configuration already meets broad security standards","Prospects who only need one component (e.g., just GRC) — individual items may be available separately"],"prerequisites":["Core Support and Workstation Bundle in place","SGN security stack deployed for SIEM and GRC integration"],"industry_considerations":[{"notes":"HIPAA compliance bundle is a strong fit. 7-year email backup retention, SIEM retention, and GRC cover core HIPAA technical safeguards. BAA must be signed. Physical safeguards (facility access) and administrative safeguards (policies, training) need separate discussion.","industry":"Healthcare"},{"notes":"Covers GLBA, SOX, and PCI-DSS baseline requirements. Extended SIEM retention meets most audit trail requirements.","industry":"Finance"},{"notes":"May need CMMC or FedRAMP compliance which goes beyond this bundle. Escalate to solutions team.","industry":"Government"},{"notes":"CMMC compliance is now a mandatory requirement for DoD contractors and subcontractors. CMMC Level 1 (FCI only) requires 15 basic controls; Level 2 (CUI) requires all 110 NIST SP 800-171 controls. The Compliance Bundle supports CMMC readiness through SIEM logging, GRC documentation, and extended retention — but CMMC Level 2 certification requires a third-party C3PAO assessment and goes beyond what DataTel can deliver alone. Position as a foundational component of CMMC readiness, not a complete CMMC solution. Phased CMMC rollout in DoD contracts began November 2025; prime contractors are already flowing down requirements to subcontractors. Ask: do they hold DoD contracts? Do they handle FCI or CUI? Escalate CMMC-specific engagements to solutions engineering.","industry":"Manufacturing"},{"notes":"Engineering firms with DoD contracts face the same CMMC requirements as manufacturers — NIST SP 800-171 (110 controls) for CUI-handling firms. The Compliance Bundle provides the SIEM retention, GRC documentation, and security policy framework that CMMC requires, but Level 2 certification requires C3PAO assessment. Firms pursuing government contracts should be advised to begin CMMC gap assessments immediately — average preparation time for Level 2 is 6-12 months. Escalate CMMC-specific engagements.","industry":"Engineering"},{"notes":"Environmental consulting firms holding federal contracts (EPA, DoD, DOE, Army Corps of Engineers) may be subject to CMMC if their work involves CUI. State agency contracts may have separate data handling requirements. Even for firms without formal compliance obligations, the Compliance Bundle provides GRC documentation and security posture evidence useful for winning government contracts through competitive procurement. Ask whether the firm works under federal contracts and whether those contracts reference data handling or cybersecurity requirements.","industry":"Environmental Consulting"}],"companion_solutions":["MID-CORE-SUPPORT","MID-WORKSTATION","MID-SECURITY-TRAINING","MID-EMAIL-ARCHIVING"],"tags":["compliance","hipaa","siem","grc","insurance","addon"]},{"id":"2d814b51-2816-4a25-a7da-8fb617b94dce","service_line":"network","service_line_label":"Network Services","package_name":"Internet Services","display_name":"ISP Resell - Internet Services","short_description":"Internet connectivity services resold through DataTel","customer_description":"Business internet connectivity services including various speed tiers and term options. Managed through DataTel for simplified billing and support.","is_addon":false,"deployment_model":"physical","included_services":[{"name":"Business Internet","description":"Various speed tiers and term lengths available"},{"name":"Cloud Hotspot","description":"Managed hotspot connectivity"}],"use_cases":["Business internet connectivity for single or multi-site organizations","Bundling internet with managed IT services for simplified billing","Managed hotspot connectivity for guest or public access"],"not_suitable_for":["Organizations needing complex WAN architecture design — ISP resell covers the circuit, not network engineering","High-performance dedicated fiber with SLA guarantees — may need direct carrier relationship"],"prerequisites":["Physical location(s) where internet service can be delivered"],"industry_considerations":[{"notes":"Clinical environments often need dedicated circuits for EMR/EHR with QoS guarantees. Verify bandwidth and reliability requirements.","industry":"Healthcare"},{"notes":"Manufacturing facilities may require dedicated bandwidth for ERP cloud connectivity, VoIP, and remote monitoring of production systems. Confirm bandwidth requirements separately for office IT vs. any cloud-connected OT systems. Redundant circuits are worth discussing for plants where internet outage halts operations.","industry":"Manufacturing"},{"notes":"Field offices and remote project sites typically rely on cellular or satellite connectivity outside DataTel scope. Primary office internet is a fit for firm headquarters and regional offices. Confirm whether the firm has any fixed office locations that need managed internet services.","industry":"Environmental Consulting"}],"companion_solutions":["MID-CORE-SUPPORT"],"tags":["network","isp","internet","connectivity"]},{"id":"eb0ec4c4-d313-4d8b-a57e-fc16f8eb83a8","service_line":"voip","service_line_label":"VoIP & Communications","package_name":"Voice Services","display_name":"VoIP Services","short_description":"Fully managed business telephony built on carrier-grade UCaaS infrastructure","customer_description":"DataTel Voice delivers enterprise-grade business phone service managed end-to-end — from number porting and hardware provisioning to IVR configuration, training, and ongoing support. Built on the GigTel platform, backed by Endeavor Communications, a nonprofit telecom cooperative with over 70 years of telecommunications heritage and $110M+ in carrier-grade infrastructure. Includes desk phones, conference room solutions, overhead paging, and multi-site auto-attendant. All-inclusive flat-rate pricing with unlimited US-based support at no additional cost.","is_addon":false,"deployment_model":"hybrid","included_services":[{"name":"Managed VoIP Phone System","description":"Cloud-based business phone system with auto-attendant, call queues, ring groups, voicemail-to-email, and mobile app. Managed and supported by DataTel."},{"name":"Desk Phones & Hardware","description":"Yealink and Grandstream desk phones, conference phones, and accessories. Provisioned and configured by DataTel. BYOD (unlocked SIP phones) also supported."},{"name":"Number Porting & DID Management","description":"Full porting of existing business numbers. Local, toll-free, and extension management across locations."},{"name":"Multi-Site Auto-Attendant & IVR","description":"Single auto-attendant routing calls to queues, extensions, or any phone regardless of worker location. Configured and maintained by DataTel."},{"name":"Overhead Paging, Intercom & Alerting","description":"Physical overhead paging systems, door intercoms, and emergency alerting integrated with the phone system."},{"name":"Voicemail-to-Email Transcription","description":"Voicemail messages transcribed and delivered to email inbox."},{"name":"Unlimited US-Based Support","description":"DataTel and GigTel platform support included at no additional cost — no tiered support model, no per-incident fees."}],"use_cases":["Businesses replacing legacy on-premise PBX systems (Mitel, Avaya, NEC, on-prem Cisco)","Organizations moving from POTS lines or aging hardware to cloud-based telephony","Multi-site businesses needing unified phone management across locations","Healthcare organizations needing HIPAA-capable voice with overhead paging and physical telephony infrastructure","Companies evaluating self-service UCaaS platforms (RingCentral, Zoom Phone, Teams Phone) that want a fully managed alternative","Organizations needing conference room phone solutions and overhead paging integrated with their phone system"],"not_suitable_for":["Contact center / call center deployments with 50+ agents and advanced ACD, workforce management, or omnichannel routing — needs specialized contact center scoping","Mission-critical 911 dispatch environments (emergency services, E911-primary systems) — specialized compliance requirements beyond standard E911 support","Prospects committed to self-managing their own UCaaS platform and not interested in a managed service model"],"prerequisites":["Reliable internet connection (for cloud VoIP)","Network infrastructure that can support QoS for voice traffic"],"industry_considerations":[{"notes":"Standard VoIP covers most clinic and medical office needs including overhead paging and multi-site management. Hospitals with nurse call system integration (e.g., Rauland, Cornell) require specialized clinical communication scoping — escalate. HIPAA-capable configuration is supported. Verify E911 requirements for clinical spaces.","industry":"Healthcare"},{"notes":"Call recording may be required for compliance. Confirm recording capability, retention period, and storage requirements with the solutions team.","industry":"Legal"},{"notes":"School emergency notification and lockdown integration with phone systems may be required. Discuss paging and alerting requirements during scoping.","industry":"Education"},{"notes":"Manufacturing facilities often have complex telephony needs beyond standard desk phones — overhead paging for production floor announcements, door intercoms for shipping/receiving, and multi-site call routing. DataTel VoIP on the GigTel platform supports full physical telephony infrastructure. Confirm whether the prospect has existing analog paging, intercom, or legacy PBX infrastructure that needs to be replaced or integrated.","industry":"Manufacturing"},{"notes":"Engineering firms with multiple project offices or field sites benefit from unified VoIP across locations with consistent number routing and internal extension dialing. Mobile integration is important for project managers and field engineers who need to reach office staff from job sites.","industry":"Engineering"},{"notes":"Environmental consulting firms with highly mobile workforces benefit from mobile softphone integration so field staff can make and receive calls on their office number from any location. Multi-site support is relevant for firms with regional offices. Physical telephony needs are typically minimal compared to manufacturing — standard desk phone deployment with mobile apps is the common configuration.","industry":"Environmental Consulting"}],"companion_solutions":["NET-ISP-RESELL","MID-CORE-SUPPORT"],"tags":["voip","voice","phone","telephony"]}]}