TERMS OF SERVICE FOR ENTERPRISE ACTIVE DIRECTORY SERVICES

TERMS OF SERVICE FOR
ENTERPRISE ACTIVE DIRECTORY SERVICES

This Service is subject to and governed by the Customer's separate signed Master Services Agreement (MSA) or Customer Service Agreement (CSA) as applicable, with Consolidated Technology Services (CTS), calling itself Washington Technology Solutions or "WaTech" for short. The reference to WaTech means the same as Consolidated Technology Services. This Agreement is entered into between you and CTS for the provision of CTS' Enterprise Active Directory Services. For the purposes of this agreement "You" and "Customer" are used interchangeably and mean the entity to which CTS is providing service.

A. Service Description

EAD is a consolidated directory service built on Microsoft's Active Directory Services and lightweight directory access protocol database technologies. It is a reference system with attribute information about end user accounts and networked devices and also provides policy enforcement for securing and managing client and server systems across the enterprise.;

WaTech serves as the root administrator for Enterprise Active Directory (EAD) Services. EAD is a resource shared by multiple Customers within the State of Washington and is also known as a forest.

WaTech provides this service with multiple servers located in the WaTech State Data Center. Additional servers are located in Quincy to provide off site redundancy and additional recovery protection.

EAD provides directory services (authentication and authorization) as the foundation to many services provided by WaTech. EAD is the central identity store providing a single security context and access control per Customer. EAD provides the security trust function between Customers allowing access to network resources.

1. Governance

2. Production and Pre-Production Root Domains

  1. Governance for this service is provided through the Enterprise Active Directory Steering Committee (EAD Steering Committee), the Forest Resource Group (FRG), and the Forest Application Developers (FAD).

    The Enterprise Active Directory Steering Committee provides policy and oversight for the Forest. The EAD Steering Committee meets regularly with participation by Forest Customer members.

    The Forest Resource Group (FRG) consists of system administrators from participating Customers. This group provides detail design and engineering recommendations to the Forest Steering Committee for approval.

    The Forest Application Developers (FAD) group is responsible for making strategic recommendations related to the use of the Enterprise Active Directory for application development and recommending them to the Forest Steering Committee for final approval.

    This includes, but is not be limited to decisions regarding:

      1. 5.1. The Active Directory schema.
        5.2. The design of how applications will use the Active Directory.
        5.3. Approval of applications that make changes to the schema of the Active Directory.

    WaTech provides two Multi-Customer Forest Roots: Production and Pre-Production. All changes must be applied to the Pre-Production Root Forest before being applied to the Production Root. Changes to the Production and Pre-Production Roots require approval by the EAD Steering Committee, FRG and/or the FAD as appropriate. This procedure will require Customers to participate in both forests at all times. Each Customer is required to provide a single point of contact and authority over that Customer's connection to the Forest referred to as the Signature/Purchase Authority. Any decision concerning a single Customer connection, configuration, implementation, design, and maintenance of a child domain or domains in the Multi-Customer Forest will be authorized by a single Signature/Purchase Authority within the Customer. Each Customer will provide two personnel responsible for contact with WaTech and the Root Administrators, one primary and one secondary technical contact. At least one of these contacts must be available 7/24/365.

    Response by telephone or in person must be available 1 hour from agreed method of notification.

    B. Availability/Accessibility

    WaTech will maintain a 99.9% service availability for the Production Root excluding scheduled maintenance periods. WaTech will maintain a 99% service availability for the Pre-Production Root, excluding scheduled maintenance periods. WaTech will use generally accepted information technology management practices and tools and every reasonable effort to meet the service level defined above.

      C. Charges

      Fees for Service are listed on the WaTech Service Catalog:
      https://watech.wa.gov/solutions/it-services/active-directory

      Customers are billed monthly beginning after the first full month of connection to the production environment. Customers connected to the pre-production environment only will be billed monthly after 60 days of connection to the pre-production forest environment.

        D. Responsibilities

        1. CTS Responsibilities

        1. WaTech is responsible for managing the forest root domain server environment. The responsibilities listed below pertain to the forest root:
          1. Provide 24 hours, 7-day-a-week service availability.
          2. Provide access for client Customers to the enterprise forest root.
          3. Provide hardware and software for forest root domain.
          4. Maintain pre-production environment for system upgrades.
          5. Security administration.
          6. Change control processes.
          7. Root administration.
          8. Participation on the forest committees.
          9. WaTech will participate as a permanent member of the EAD Steering Committee.
          10. WaTech will chair the forest resource group.

          A. Change Management

          1. All changes to State Data Center computing and network environments are managed to promote or provide stability and minimize the impact of the changes to its customers. All changes to the WaTech computing and network environments are implemented in accordance with industry best practices.

          B. Scheduled Maintenance

          1. 1. A weekly maintenance window for this service is established for Saturday 4:00 AM to Sunday 6:00 PM. This maintenance window will only be used when necessary (hardware and software upgrades, software patches, faulty hardware replacement, application changes, etc.). WaTech will notify the Customer in advance of any scheduled maintenance that will affect Customer in accordance with the WaTech Problem and Change Management policy.

          C. Problem Management

          1. The WaTech Support Center is the single point of contact for Customer problem reporting, escalation and notification.
          2. WaTech provides automated event-driven problem management through use of monitoring tools.
          3. WaTech provides Customer notification of identified events that may have an adverse effect on service delivery to customers.
          4. WaTech provides Customer notification of system failures and outages.
          5. WaTech provides Customer problem resolution satisfaction by tracking, alerting, escalating and solving problems.
          6. WaTech will make all attempts to provide customer information within 72 business hours of a failure or outage on problem cause, corrective action taken, and prevention of reoccurrence.

          D. Security Management

          1. WaTech provides a security system infrastructure that seeks to protect Customers from unauthorized external access to or broadcast on the Internet of a Customer's intellectual property, proprietary and confidential data.
          2. WaTech policy allows physical access to the Data Center by WaTech authorized personnel only.
          3. WaTech will secure the platform against known security risks. Any observed security breaches or suspicious activity will be reported to Customers.
          4. WaTech and Customer will cooperate in efforts to maintain platform and network security.

          E. Physical Environment Management

          1. WaTech provides physical environment management, including:
          2. Physical security guarded and electronically monitored points of entry
          3. Rack mounted computer systems
          4. Environmental controls and monitoring of Data Center physical environment
          5. Fire detection and suppression systems
          6. Conditioned power
          7. Un-interruptible power supply
          8. Raised floor

          F. Restoration Management

          1. WaTech provides restoration services for the Root Domain in the form of system backups for onsite and off-site storage on a scheduled basis. In the event system restoration is needed, WaTech will restore the system from the most recent viable backup.

          G. Disaster/Outage Recovery

          1. Disaster Recovery in this instance is defined as the continuation of services in the event of the loss of the State Data Center due to a catastrophic event. WaTech does not currently offer disaster recovery but continues to investigate the feasibility of disaster recovery for the distributed network environment that includes Enterprise Active Directory Services.

          2. Customer Responsibilities

          The Customer is responsible for managing the Customer domain server environment. The responsibilities listed below pertain to the Customer Domain:
          1. The Customer will provide hardware and software for the Customer child domain.
          2. Customer will purchase and maintain all applicable licenses and warrants to utilize the software licenses pursuant to the software owner's license terms.
          3. The Customer will provide designated primary and secondary technical support staff
          4. The Customer will maintain a development environment for system upgrades. This is at least one domain controller in the Pre-Production Forest
          5. The Customer will maintain one active Terms of Service with WaTech for the Service
          6. Security Administration
            The Customer will follow all Policies as approved by the Enterprise Active Directory Steering Committee.
          7. System Administration
            Customer will provide system administration support of child domains; Customer report topology changes to the FRG and EADSC; and
            Customer is responsible for following all security procedures as approved by the Enterprise Active Directory Steering Committee.
          8. Change control processes
            In addition to the process set forth above, the Customer will follow all change control processes as approved by the Enterprise Active Directory Steering Committee
          9. Root administration
            The Customer will adhere to all requirements as approved by the Enterprise Active Directory Steering Committee
          10. Problem Management
            In addition to the process set forth above, the Customer will provide Technical support, for The Customer Child domains using Client Customer personnel.
          11. The Customer will work through the problem in co ownership with WaTech on any Forest related problems.

        E. Special Terms

        Access to Software

        Customer understands that WaTech licenses software from third party providers for the purpose of providing services to its Customers. Customer may access such software as part of the services provided to the Customer hereunder. Customer agrees that it will not, nor will it allow its agents, employees, or its authorized third parties to decompile, disassemble, reverse engineer, or otherwise access the source code of any software provided by WaTech whether the software is developed for WaTech or licensed by WaTech from a third party provider. Customer shall be liable to WaTech and/or any third party provider of software for any breach of this provision.