Infosec Chicago

Statement of Work - Managed WordPress Hosting


This Statement of Work (“SOW”) is entered into and made effective on July 2, 2020 (“Effective Date”) and is made pursuant to that certain Infosec Chicago Master Services Agreement entered into as of (“Agreement”) by and between Brian Semrau d/b/a Infosec Chicago (“Infosec”), and (“Client”).

 

Capitalized terms used herein but not otherwise defined herein have the meanings ascribed to such terms in the Agreement.  If the terms and/or conditions of this SOW conflict with the terms and/or conditions of the Agreement and/or with any other SOW, the terms and/or conditions of this SOW will control (unless otherwise expressly provided herein or in the Agreement) solely with respect to the Services performed under this SOW. 

  1. Services.
    a.  Description of Services. Infosec shall provide the following services (“Services”) as further described herein.

    i.  Managed Security Services.
    Infosec shall assist Client with managing its system which shall include without limitation hosting their WordPress site on virtual servers provided by Digital Ocean or another comparable hosting service paid for by Infosec.  Transition to the new servers shall be included with this service.  Infosec shall provide the following services in addition to hosting, which may be added to or modified at any time at the discretion of Infosec:
       >  Brute Force Protection
       >  Directory/File Fuzzing Protection
       >  Restrict Passwords In HaveIBeenPwned
       >  Multifactor Authentication
       >  Daily Malware Scan
       >  Web Application Firewall
       >  Block known-bad IP addresses
       >  Live backups
       >  Daily database snapshot backups (14 copies will be kept before being written over)
       >  Weekly full site snapshot backups (5 copies will be kept before being written over)
       >  Managed WordPress core, themes, and plugin updates
       >  reCaptcha on sensitive pages (optional – Client shall alert Infosec if this is not desired)
       >  WP Rocket caching plugin (optional – Client shall alert Infosec if this is desired)
       >  Cloudflare configuration
       >  SSL/TLS certificate and configuration

       Further description of these services can be found at https://infosecchicago.com/managed-wordpress-security/; however, specifics of these services are subject to change at any time in order to protect Client against the current threats being seen against WordPress sites.

  2. Term.

    The initial term of this SOW shall commence on the Effective Date and shall continue for a period of 1 months thereafter, unless terminated earlier in accordance with the terms and conditions of the Agreement.  The SOW term shall renew automatically upon expiration of the previous term unless either party gives notice that they wish to terminate the agreement at least 10 days prior to the automatic renewal (unless otherwise agreed upon within the Agreement).

  3. Fees and Payment Terms.

    In consideration of Infosec’s performance of the Services in accordance with this SOW and the Agreement, Client will pay Infosec a fixed fee in the amount of $40/month.  Such fee shall be due and payable as follows: 100 percent (100%) upon execution of this SOW and on the first of each month thereafter. 
  4. Additional Terms:

    a.  Client will provide Infosec with full administrative access to their current WordPress site for the entire term of this Agreement and subsequent renewals of this Agreement.  If Client does not currently have a WordPress site, Infosec shall install a new instance of WordPress for Client; however, Infosec shall not have any hand in the design of the new instance of WordPress.  Client agrees to allow Infosec to maintain full administrative access to the new instance of WordPress for the entire term of this Agreement and subsequent renewals of this Agreement.

    b.  Client will be required to allow Infosec to transition their DNS records and Name Servers to Cloudflare.  Client will either give Infosec all necessary access to their DNS records and domain registration to perform this transition, or Client shall perform the transition themselves with the instructions from Infosec.

    c.  Under no circumstances should any service represented in this contract be interpreted to indicate that Infosec shall assist with any design of the WordPress site.

    d.  Email service is not included in this Agreement.  Email services such as Office 365 or Google Apps for Business can be added on; however, another Agreement will need to be signed for these services.  Please reach out to [email protected] to sign up for email services.

    e.  Client understands that while Infosec shall take reasonable steps to harden Client’s site per the work described in this Agreement, there is no such thing as 100% security or a guarantee that their site will never be compromised.  In the event that Client’s site is compromised, Infosec shall make a reasonable effort to help Client recover access to their site (such as restoring from backups if alerted within a reasonable amount of time before the backups have been written over).

IN WITNESS WHEREOF, the parties have caused this SOW to be signed by their duly authorized representatives as of the date set forth below.

For: Client

Its:  

Date: July 2, 2020

 

For: Infosec Chicago

Brian Semrau

Date: July 2, 2020

 

(Signatures below)

Leave this empty:

Signature arrow

Signed by Brian Semrau
Signed On: December 1, 2019

Infosec Chicago https://infosecchicago.com
Signature Certificate
Document name: Statement of Work - Managed WordPress Hosting
lock iconUnique Document ID: d97ad40e9a1916f5618bac8d4cda1b386110aae0
Timestamp Audit
November 29, 2019 12:25 pm CDTStatement of Work - Managed WordPress Hosting Uploaded by Brian Semrau - [email protected] IP 107.199.25.78, 107.199.25.78