Service Level Agreement (SLA) for Hosted Services
1. Purpose
This page sets out the level of availability clients using our hosted services can expect from Callout Computers and the support that they can expect to receive for any issues that arise.
Please note that Callout Computers do offer multiple hosted services and the services and support provided for each one differ considerably. For example our web hosting packages do not generally include website alterations, code updates, security updates or maintenance of any kind, other than to ensure that our service remains available and stable. Any services required outside of the service offered would be chargeable at our standard rate. Please confirm with us, before commencing your service, what is included and not included with the service you are looking to use.
This agreement serves the following purposes:
– Provide clear reference to service ownership, accountability, roles and/or responsibilities.
– Present a clear, concise and measurable description of our services to the client.
– Match perceptions of expected service provision with actual service support and delivery for our hosted services.
2. Service Agreement
The following services are the responsibility of Callout Computers during the agreement period.
2.1. The following services are covered by this agreement:
– Telephone support.
– Email support.
– Software & security updates appropriate to the hosted service you are using.
– Regular backups of client data.
– Facilitating with client requirements such as security testing, auditing, software delivery & day-to-day client configuration and use of the system.
2.2. What is required by the client
The client is responsible for the following under this agreement:
– Payment for all support costs within the agreed time frame.
– Reasonable availability of the client (or representatives) when resolving a service related incident or request.
– Provision of client contact details who can be informed of any actions resulting from this agreement (including maintenance window notifications).
– Providing Callout Computers with a minimum of 1 weeks notice for any modification, testing or action that could result in our service being impacted.
2.3. What is required by Callout Computers
We are responsible for the following under this agreement:
– Ensuring an uptime of 99.95% for our network and power infrastructure at our key datacentre(s).
– Meeting the response times associated with any service related incidents as described below.
– Appropriate notification to the client for scheduled maintenance and scheduled downtime through our status portal.
– Ensuring that our hosting facility, core network and data is secured.
– That security updates and bug fixes are applied with a reasonable time as determined by us and third parties.
2.4. Service Assumptions
– An on-site nightly backup of all client data (excluding cloud backup service) will be carried out and verified.
– A weekly off-site backup of all client data (excluding cloud backup service) will be carried out.
– Any changes to your service will be communicated via this document a minimum of 30 days before they are to take effect.
We do not cover service related incidents caused by the following in our hosted services agreement:
– Client’s local network or internet connection. We are happy to assist with resolving these issues however they will not count towards unscheduled downtime of our service.
– Any client or third party configured settings that could affect the performance of our hosted services. This includes but is not limited to firewall configuration, bandwidth shaping or PC configuration settings.
– Client’s domain names which are managed by the client or a third party, excluding domains managed by ourselves.
– Any service requests that require major changes will be classed as change requests and charged at our standard hourly rate. This can include (but are not limited to) software installation/uninstallation, hardware alterations or relocation of equipment.
3. Service Provision
At all times we will host all client data in a datacentre and maintain a core network that meets or exceeds the following requirements for capacity, security and resiliency:
| Category | Requirements |
|---|---|
| Physical Security | 24/7/365 Manned security gate with ID and pass check to gain entry to the facility Personal Access Card (PAC) to gain access to the datacentre building Locked data cabinets with restricted access to directors of Callout Computers 100% interior CCTV coverage, monitored |
| Digital Security | Network segmentation of customer machines & data Maintenance of firewalls at network entry points with business requirement check on all changes SSL/TLS security used for all external communications and internal communications where required Extensive organisation policies to control data access, account security & third party access |
| Protection of Data | Nightly on-site backup and verification of all customer data Weekly off-site backup of all customer data VESDA (Very Early Smoke Detection Apparatus) and gas based fire suppression to be maintained |
| Resiliency | To use an N+N rated datacentre and network design to protect against individual failures, to include: – Dual diverse network feeds from London Telehouse (East and West) delivered right through to each server – Dual power feeds from the national grid delivered right through to cabinet level and into each server – Separate battery backup & diesel generators attached to each power feed – Fully redundant air cooling system in N+N designTo provide a redundant network including dual redundant router and switch design to protect against core network component failure To provide redundancy at a hardware level with enterprise grade components, to include: – Redundant hard drives & SSD storage for all client data – Redundant components built into all servers, including power supply, network connections and cooling fans – Redundant server hosts to protect against complete server failure |
4. Service Management
Effective support of in-scope services is a result of maintaining consistent service levels. The following sections provide relevant details on service availability, monitoring of in-scope services and related components.
4.1. Service Availability
At all times we shall ensure that our core network and power is available for 99.95% of your contract length. Our core services, including website hosting, email hosting, cloud sync and network/security monitoring will be available for 99.95% of your contract length. The uptime of other services will be determined by multiple factors, including the type of service, client configuration and client service level requirements. Please discuss this with us before beginning your service.
Any planned maintenance work that we are required to carry out that will involve service downtime will be advised at least 2 days (48 hours) in advance in nearly all instances. Exceptions to this include security updates, released by third parties or ourselves, that require immediate application in order to keep our core network secure, provide a secure service for our client and keep client data secure. All maintenance work will be carried out outside of working hours (usually post 9PM on a Friday or Saturday evening) to ensure the minimum amount of downtime, unless otherwise agreed with the client(s) involved.
4.1. Support Availability
– We guarantee to offer telephone support between 9AM and 5PM, Monday to Friday. Phone support outside of this time maybe available but is not guaranteed.
– We guarantee to offer email support between 9AM and 5PM, Monday to Friday. Emails received outside of this time will be answered on the next working day.
4.2. Service Requests
To support the agreements made in this SLA Callout Computers will respond to service related incidents within the following timeframes:
Critical – Within 30 minutes during the hours of 8AM to 10PM and within 2 hours outside of these times
High – Within 2 hours during business hours (9AM to 5PM, Monday to Friday) and 4 hours outside of these times
Medium – Within 48 working hours
Low – Within 5 working days
The following definitions will be used to determine the priority of service related incidents unless otherwise agreed with the client:
| Severity | Example conditions | Users Impacted |
|---|---|---|
| Critical | Core network or critical power failure Unavailability of core services (web, email etc.) Major security vulnerability requiring immediate attention |
> 90% of Callout Computers Clients |
| High | Client server unavailable Core client software or client service not available Critical security patch affecting client software |
> 90% of client’s users |
| Medium | Client or core service unavailable for some users Client software/service requiring updates to continue operation Third party access to client server required |
< 90% of client’s users |
| Low | Non critical updates (eg. software upgrades) Setup of client’s custom software / working with third parties to facilitate General security patching schedule |
< 90% of client’s users |
The priority of any service related incident or request not defined above will be agreed at the time between the client and Callout Computers.
* All times stated are in GMT/BST and do not include UK bank holidays.