Skip to content

Managed IT Services Catalog

Your Technology, Simplified

At BRY-T Solutions, we offer a comprehensive range of managed IT services designed to support your business’s growth, security, and efficiency. Our service catalog outlines the solutions we provide, tailored to meet the unique needs of your organization—whether you’re a small team, a growing enterprise, or somewhere in between.

How to Use This Catalog:

  • Service Bundles: For most clients, we offer bundled services that combine user, device, and site support. Your proposal or statement of work (SOW) will list these bundles, with this catalog serving as a reference for detailed service descriptions.
  • Flexible Add-Ons: Need more? Our add-on services can be included based on your specific requirements.
  • Clear Structure: Services are categorized by how they’re applied—per user, per device, user/device add-ons, per site, per-site add-ons, and other flexible solutions—for easy navigation.

Get Started Today

Explore the details of each service in the sections below or reach out to discuss your unique IT requirements. Contact us to learn how BRY-T Solutions can support your business.

Managed Service Matrix

✔ = Included
O = Optional Add-On

SERVICESTARTER
(1-3 Users)		RECOMMENDED
(4-50 Users)		ADVANCED
(51+ Users)
PER-USER SERVICESSTARTERRECOMMENDEDADVANCED
Unlimited Remote Helpdesk2 Hours/Month
Security Awareness Training
User Account Management
Secure Password Management
Microsoft 365 Licensing
Email Signature Management
Email & SaaS Application Protection
Mobile Device Support
Third Party M365/Google Backup
Third-Party M365 Entra Backup
Managed Identity Threat Detection (ITDR)
PER-DEVICE SERVICESSTARTERRECOMMENDEDADVANCED
Proactive Endpoint Support
Patch Management (Applications)
Patch Management (OS)
Privileged Access Management
Managed Endpoint Detection (EDR/MDR)
DNS Filtering
Web Content Filtering
Infrastructure Protection & Workstation Assurance
USER/DEVICE ADD-ONSSTARTERRECOMMENDEDADVANCED
Direct-to-Cloud Workstation BackupOO
End-User Remote AccessOOO
Teams Phone via Operator ConnectOOO
Third Party M365/Google Email ArchivingOO
PER-SITE SERVICESSTARTERRECOMMENDEDADVANCED
Strategic IT Consulting
IT Asset Inventory Management
Technology Procurement Assistance
Secure IT Asset DisposalO
Comprehensive Vulnerability MonitoringLimited
Domain Registration & DNS Management
Managed SIEM Service
Vendor Management
PER-SITE ADD-ONSSTARTERRECOMMENDEDADVANCED
Block Hour SupportOOO
Disaster Recovery PlanningLimited
Firewall ManagementOO
Network Monitoring and ManagementOO
On-Site SupportOOO
Advanced Reporting and Insights
Third Party QuickBooks Online BackupOOO
WordPress Website HostingOOO
OTHER
Custom IT Solutions & Advisory

Managed Service Definitions

Review each service description below for complete definitions of what is included in each service.

Per-User Services

Unlimited Remote Help Desk

  • During our normal business hours, we will attempt to resolve day-to-day IT support incidents via remote support tools for existing systems and software that we manage. This includes troubleshooting hardware, software, printing, network and other IT-related issues relevant to Client’s corporate systems. We will attempt to resolve such technical problems in a professional, reasonable, and timely manner, taking into consideration the circumstances and nature of the technical problems.
  • Unlimited Remote Help Desk support does not assure that every request for technical support will be resolved to Client’s satisfaction. BRY-T Solutions has limited proprietary information from vendors, manufacturers, and developers, and may not have the ability to obtain the proprietary information necessary to resolve Client’s technical problem.
  • Technical problems that arise may be a result of software or hardware errors or problems that may not be correctable or may be too difficult to resolve remotely, at which point BRY-T Solutions, at its own discretion, will determine if on-site support services are required.
  • Business line application support is provided on a best effort basis and only if Client has a current manufacturer support contract and/or agreement allowing us to initiate a manufacturer service request for support on behalf of Client.
  • Remediation does not include changes to the status quo such as the installation, implementation, instantiation or integration of devices or software to the environment.  Changes to the status quo will be considered Out of Scope.
  • Note: Remote Help Desk hours may be limited to a maximum number of hours per month if appropriate for the Client and clearly indicated in the SOW.

Security Awareness Training

  • This service delivers continuous employee education on cybersecurity best practices, designed to be engaging, accessible, and effective.
  • Gap Analysis: A pre-enrollment assessment identifies each user’s knowledge gaps, allowing for personalized training paths.
  • Monthly Micro-Lessons: Bite-sized, easy-to-understand training modules are delivered monthly to reinforce key security concepts without overwhelming users.
  • Ongoing Phishing Simulations: Real-world phishing simulations are conducted monthly to assess user vigilance and improve detection of social engineering threats.
  • Policy Management: Streamlines the distribution and acknowledgment of critical security policies, ensuring employees review and sign key documents like acceptable use policies.
  • Dark Web Monitoring: Provides alerts if employee credentials are found in known data breaches on the dark web, enabling prompt action to mitigate risks.
  • Custom Training Capabilities: Client administrators can create their own custom training courses within the platform to address specific organizational needs.

User Account Management

  • This service covers the complete lifecycle of user accounts within your business environment, ensuring secure and efficient account management through your primary identity provider (IDP).
  • Account Provisioning & Management: Creation, modification, and deactivation of user accounts within the primary IDP, including license assignment, permission management, and enrollment in multi-factor authentication (MFA).
  • Onboarding & Offboarding: Efficient management of user onboarding and offboarding processes, including provisioning new accounts, configuring productivity apps, and ensuring proper access controls. Timely client communication is essential to ensure accurate and secure account transitions.
  • Device & Profile Configuration: Setting up user profiles on new devices for seamless integration with business applications, including app configuration, email synchronization, cloud storage, and device enrollment in management platforms like Intune.
  • Mailbox & Collaboration Management: Management of mailboxes, email routing, spam filtering, and collaboration tools to support productivity and security.
  • Administrative Oversight: Provides administrative control for effective account management, including license administration and support with billing inquiries when applicable.

Secure Password Management

  • This service provides secure, encrypted password management across all devices, allowing users to safely store, manage, and share credentials.
  • End-to-End Encryption: Passwords are encrypted on the user’s device before transmission, ensuring data remains secure throughout storage and access processes.
  • Team Collaboration: Supports secure password sharing between team members while maintaining individual privacy and access controls.
  • Credential Monitoring: Includes monitoring of password strength and alerts for compromised credentials to help maintain strong security hygiene.
  • Centralized Policy Management: Customizable security policies enable centralized control over password practices, with administrative capabilities to manage account transfer rights and user access settings.
  • Account Management Features:
    • Account Transfer: Facilitates secure transfer of credentials when roles change, ensuring continuity without exposing sensitive information.
    • Free Personal Licenses: Every user receives a free personal license, allowing them to maintain secure password practices at home as well.
    • Role-Based Access Control (RBAC): Enforces least-privilege access through granular permissions based on organizational roles.
  • Compliance Support: Helps organizations meet security best practices and compliance requirements related to credential management.

Microsoft 365 Licensing

  • Licensing for Microsoft 365, with a focus on Business Premium.
    • Business Premium includes advanced features such as Microsoft Intune for device management, enhanced security through Defender for Endpoint, and access to the full suite of Microsoft applications, including Outlook, Teams, SharePoint, and OneDrive.
    • Business Premium (or equivalent product licensing) is a prerequisite for some other services offered by BRY-T Solutions.
  • As a Microsoft reseller, we can procure any Microsoft 365 license your organization requires.
    • Licensing for additional Microsoft 365 products and services is available to clients with an active support subscription.
    • Implementation of new features included with additional licensing may require an out-of-scope project, at the sole discretion of BRY-T Solutions.
  • Microsoft 365 licensing is typically included in a service bundle but may also be billed separately based on individual license usage.
  • All Microsoft 365 licensing is subject to the terms and conditions of the Microsoft Customer Agreement.

Email Signature Management

  • This service provides centralized management of company-wide email signatures, ensuring a unified and consistent brand image across all communications. It allows for the creation, deployment, and standardization of email signatures for all users within Microsoft 365 or Google environments.
  • Key Features:
    • Centralized control for consistent branding, contact information, and compliance across all emails.
    • Automatic updates to reflect changes in branding, employee details, or legal disclaimers without user intervention.
    • Cloud-based management ensures signatures are applied consistently, regardless of device or email client.
  • Service Options:
    • Standard: Covers core signature management features, including centralized design, deployment, and automatic updates for branding consistency.
    • Pro: Includes advanced features such as dynamic content for marketing campaigns, signature scheduling, advanced user targeting, analytics, and integrations with CRM systems.
  • Considerations:
    • Requires Microsoft 365 or Google Workspace.
    • Customization of signature templates requires input from the client to reflect specific branding or compliance needs.

Email & SaaS Application Protection

  • This service helps secure SaaS applications such as Microsoft 365, Google Workspace, Slack, Teams, and file-sharing platforms like OneDrive, SharePoint, Google Drive, and Dropbox.
  • Provides protection for email, file sharing, and messaging by defending against phishing, malware, and ransomware while enforcing data loss prevention (DLP) policies.
  • Core Features:
    • Integrated into your cloud environment for real-time threat detection, automated remediation, and compliance enforcement across major collaboration and file-sharing tools.
    • Email security banners can be implemented to alert users to external or suspicious emails, enhancing phishing prevention.
    • Configurations are set according to industry best practices, with continuous adjustments as needed to address evolving security risks.
    • Incident response is supported as part of this service, with escalation paths tailored to the nature and severity of the threat.
  • Optional Add-Ons:
    • Advanced DLP & Encryption: For organizations requiring enhanced data security beyond Microsoft 365 Business Premium capabilities, this upgrade offers expanded DLP coverage, advanced content inspection, policy-based encryption, and granular data control.
    • Incident Response as a Service (IRaaS): Offers an enhanced incident response framework, providing more structured escalation processes, faster response times, and additional support resources, which may include coordination with a dedicated Security Operations Center (SOC).
  • Service Considerations:
    • No guarantees are made regarding the prevention of all cyber threats.
    • Continuous monitoring and adjustments are recommended to maintain an optimal security posture.

Mobile Device Support

  • Provides support for mobile smartphones specifically related to synchronization with Microsoft 365 accounts or other business email systems.
  • Devices must have an active data plan from the carrier and be running the current or most recent previous version of iOS or Android.
  • For additional mobile device security and management functionality, it is recommended that the client subscribe to Microsoft 365 licensing that includes these capabilities.

Third Party M365/Google Backup

  • This service provides unlimited cloud-based storage to protect and preserve Microsoft 365 and Google Workspace data. It protects Exchange, OneDrive, SharePoint, Teams, and Google Workspace apps like Gmail and Google Drive, helping safeguard data from accidental deletion, ransomware, or internal threats.
  • Automatic Scheduling:
    • The system automatically schedules subsequent Backups as per the “Last Backup (Completed Time).” Example: If a SharePoint Site Backup is completed at 8 AM, the next subsequent Backup is automatically scheduled for 4 PM.
  • Backup Frequency by Item Type, unless throttled by provider API:
    • Emails: 12x / day
    • Contacts: 1x / day
    • Calendars: 1x / day
    • Tasks: 1x / day
    • OneDrive / Google Drive: 1x / day
    • SharePoint / Shared Drive: 3x / day
    • Groups & Teams*: 3x / day
    • *Teams private 1:1 chats are NOT included in the backup.
  • The registered AD Group’s Members are validated every 12 hours (Schedule Time – 2 AM and 2 PM UTC Daily). The specific time is configured across all Regions. Therefore, all Organizations will follow the same scheduled time. It is not customizable for Organization wise.
  • With a Shared Drive backup, if the scan shows that the drive is empty then it will not check again for 1 week. If new items are found, it will then proceed with a normal schedule from there.
  • Please note that if a user/drive/team is detected as being empty it will not follow this schedule. Instead, the service will check periodically to see if any data has been added and will then proceed with backups normally once we find data. How often this checks depends on the data type:
    • For email/OneDrive: we will check twice a day to see if there is data and will start backing up once data is found. One thing to note is that if there is no email data, OneDrive will also not back-up. However, if there is email data and no OneDrive data, then only OneDrive is disabled. Once data is detected, the backup will run as per the above schedule from that point forward.
    • For SharePoint and/or Groups & Teams: We will check every 3 days to see if data exists. Once data is detected, the backup will run and will proceed with the above schedule from that point forward.

Third-Party Entra ID Backup

  • This service protects key Microsoft identity components, including Users, Groups, and Roles & Admins. It offers quick setup, precise snapshot search, attribute-level restore, and live data comparison to help identify and recover from cyber threats or accidental deletions swiftly.
  • Supported Entra Object Types:
    • Users
    • Groups
    • Roles & Admins
  • Backup Frequency:
    • Backups run automatically every 24 hours, based on the frequency set during authorization.
    • Immediate backups are only permitted during the initial Entra authorization process.
  • The system creates snapshots only for objects that have changed since the last backup. If no changes are detected, no new snapshot is created, even though the backup itself was successful.
  • Restores may occasionally skip certain items. Skipped items can be reviewed by downloading a report from the System Status page under the Restore tab.

Managed Identity Threat Detection & Response (ITDR)

  • This service provides continuous monitoring and protection against identity-based threats, focusing on detecting and responding to unauthorized access attempts, credential misuse, and privilege escalation within your environment.
  • Real-Time Threat Detection: Identifies suspicious activities related to user accounts, such as unusual login patterns, lateral movement attempts, and credential abuse, both on-premises and in cloud environments.
  • Compromised Credential Monitoring: Detects exposed credentials and potential account takeovers, helping prevent attackers from gaining unauthorized access to critical systems.
  • Privilege Misuse Detection: Monitors for signs of privilege escalation, lateral movement, and attempts to bypass authentication mechanisms.
  • Integration with Entra ID and Active Directory: Works seamlessly with Microsoft Entra ID (formerly Azure AD) and on-premises Active Directory to provide comprehensive visibility into identity-based threats.
  • Automated Response & Remediation: Enables rapid containment of identity threats through automated actions such as account locking, session termination, and forced password resets.
  • Expert Analysis: Backed by a team of cybersecurity experts who review identity-related threats and provide guidance on remediation strategies.
  • Enhanced Security Posture: Complements other security measures like Endpoint Detection & Response (EDR) by focusing on the identity layer, providing a critical component in a zero-trust security model.

Per-Device Services

Proactive Endpoint Support

  • Ongoing maintenance, monitoring, and support for workstations and servers to address potential IT issues before they disrupt business operations.
  • System Health Monitoring: Continuous tracking of system performance, resource usage, and hardware health to detect potential issues early.
  • Automated Issue Resolution: Utilizes automated scripts and workflows to proactively address common issues, minimizing downtime and reducing manual intervention.
  • Performance Optimization: Regular system checks to identify and resolve performance bottlenecks, ensuring smooth operation of devices.
  • Security Tool Verification: Ensures that required security tools are properly installed and operational on all managed endpoints.
  • Alerting & Notifications: Alerts for critical system events, with response levels tailored to the client’s Service Level Objectives (SLOs).
  • Remote Management Capabilities: Secure remote access for diagnostics, troubleshooting, and proactive maintenance without disrupting end-users.

Patch Management (Applications)

  • This service provides patching for mainstream third-party applications on Windows devices, ensuring critical app updates and security patches are applied in a timely manner.
  • Application Coverage: We make a reasonable effort to patch commonly used software; however, only specific applications available in the Winget repository are covered under this service.
  • Patching Schedule: Patches are deployed daily at 10 PM to minimize disruption to business operations.
  • Customization: Patch schedules and approval configurations can be customized as needed to meet specific client requirements.
  • User Cooperation: Successful patch deployment may require user cooperation, including responding to reboot prompts when necessary.

Patch Management (OS)

  • This service ensures Windows and macOS operating systems are kept up to date with the latest patches.
  • Patch Scanning & Deployment:
    • Patch scans run daily at 12:00 PM to identify missing updates.
    • Windows Deployment Schedule:
      • Critical/Important Patches: Deployed daily at 1:35 AM.
      • Driver Updates: Deployed monthly on the last Thursday at 12:35 AM.
      • All Other Patches: Deployed daily at 3:05 AM.
      • Feature Packs: Deployed monthly on the 3rd Thursday at 12:35 AM.
    • macOS Deployment Schedule:
      • Optional Patches: Installed weekly on Wednesdays at 12:00 AM.
      • Recommended Patches: Installed daily at 1:30 AM.
  • Approval Configuration:
    • Windows: Critical and important updates are automatically approved and applied immediately. Service packs, feature packs, and drivers may be set to defer, in which case deployment is delayed by 3 days.
    • macOS: Optional and recommended updates are automatically approved and applied immediately.
  • Monitoring & Issue Resolution: Patch deployment may occasionally fail due to device-specific issues. We continuously monitor patch status and work to resolve any failures or delays as quickly as possible.
  • User Cooperation: Successful patch deployment may require user cooperation, including responding to reboot prompts when necessary.
  • Customization: Patch schedules and approval configurations can be customized as needed to meet specific client requirements.

Privileged Access Management

  • Manages and controls elevated privileges on Windows PCs to reduce security risks associated with administrative access.
  • Key Features:
    • Removal of local administrator rights from all end-user devices.
    • Privilege Elevation Requests:
      • End-users submit requests for administrative access when needed (e.g., installing software or changing system settings).
      • Requests generate real-time alerts for review and approval.
      • Approvals can be handled by support technicians or delegated to client IT staff if configured.
    • Just-In-Time (JIT) Admin Access (Technician Mode):
      • Temporary administrative access granted to technicians for troubleshooting or specific tasks.
      • Access is time-bound and logged to ensure accountability.
    • Application Control (Blocker):
      • Automatically blocks unauthorized applications, scripts, and executables.
      • Policies can be customized to allow or deny specific applications as needed.
    • Audit & Logging:
      • All elevation requests, approvals, and administrative actions are logged for audit purposes.
      • Logs include details such as who requested access, who approved it, and what actions were performed.
    • Approver Configuration:
      • Clients can designate internal IT staff as approvers, with flexible role-based permissions.
      • Approver roles can be adjusted based on organizational requirements.
    • Alerting & Notifications:
      • Real-time alerts for elevation requests and policy violations.
      • Notifications can be customized based on priority or risk level.
  • System Requirements:
    • Available for managed Windows PCs only.

Managed Endpoint Detection & Response (EDR/MDR)

  • This service delivers continuous threat detection, analysis, and remediation, actively managed by a dedicated 24/7 Security Operations Center (SOC).
  • Threat Detection & Monitoring: Constant monitoring of workstations and servers for indicators of compromise, including malware, ransomware, persistence mechanisms, and advanced persistent threats (APTs).
  • Proactive Threat Hunting: Huntress deploys lightweight agents to identify hidden threats that traditional antivirus may miss, focusing on post-exploitation detection and persistent footholds left by attackers.
  • Expert-Led Remediation: Incidents are reviewed by cybersecurity experts who provide detailed remediation plans. In many cases, Huntress can automatically isolate compromised devices to contain threats before they spread.
  • Incident Response & Reporting: Includes detailed incident reports, forensic analysis, and threat intelligence to help your team understand the nature of the threat and the actions taken.
  • Layered Security Approach: Designed to complement Microsoft Defender for Endpoint or Microsoft Defender Antivirus, creating a robust, multi-layered defense strategy.
  • Automated & Manual Response: Combines automated threat detection and isolation with manual intervention by human security analysts when needed.
  • Real-Time Threat Intelligence: Continuous updates based on global threat data to stay ahead of emerging cyber threats.

DNS Filtering

  • This service blocks access to harmful or inappropriate domains using pre-configured categories to ensure a secure browsing environment, reducing exposure to web-based threats such as phishing, malware, and botnet activity.
  • Deployment Options:
    • Roaming Client: Installed directly on user devices to provide consistent protection, even when devices are off-network.
    • Network-Level Filtering: Configured by pointing the network’s DNS settings to DNSFilter’s servers, applying security policies to all devices connected to the network.
  • Key Features:
    • Protection against phishing, malware, and command-and-control callbacks.
    • Category-based filtering to block inappropriate or high-risk content.
    • Customizable block/allow lists to meet specific business needs.
    • Logging and reporting for visibility into DNS queries and blocked threats.
  • Considerations:
    • Client input is required for customizing filtering policies and reviewing reports.
    • Real-time monitoring is not included; clients must open a support ticket for policy adjustments or report inquiries.

Web Content Filtering

  • This service blocks access to harmful or inappropriate websites using pre-configured web content categories, helping to ensure a secure browsing environment and reduce exposure to web-based threats such as phishing and malware.
  • Policy Customization: Filtering policies can be customized based on client requirements, with input needed to define specific rules or exceptions.
  • Service Requirements: Microsoft Defender for Endpoint, included with Microsoft 365 Business Premium.
  • Support Model: Real-time monitoring is not included. Clients must submit a support ticket for any policy adjustments or report-related inquiries.

Infrastructure Protection & Workstation Assurance

  • This service ensures that critical IT infrastructure and workstations are covered beyond the original equipment manufacturer (OEM) warranty, minimizing downtime and supporting operational continuity.
  • Key Features:
    • Infrastructure Protection: Provides hardware service coverage for servers and networking equipment, offering fast access to replacement parts and expert repair services to reduce downtime.
    • Workstation Assurance: Offers full replacement coverage for workstations, including accidental damage, ensuring quick hardware replacements to maintain productivity.
    • Proactive Risk Management: Helps anticipate potential hardware failures, enabling faster response times and reducing the impact of unexpected issues.
  • Service Requirements:
    • Required for any devices out of OEM warranty to maintain consistent service levels.

Direct-to-Cloud Workstation Backup (D2C)

  • This service offers a comprehensive cloud-based backup solution for critical workstations, eliminating the need for local hardware. Backups are stored directly in the cloud, ensuring continuous data protection and quick recovery in the event of data loss or system failure.
  • Optional Local Cache: Clients can opt to add local cache hardware (at their own expense) to improve recovery speeds. This hybrid approach stores recent backups on-site while maintaining full off-site protection for added security and flexibility.
  • Storage Allocation:
    • Each workstation enrolled in the Direct-to-Cloud (D2C) backup adds 300GB of storage to the client’s shared data pool.
    • Backup schedules and retention policies are managed according to best practices to minimize the risk of exceeding storage limits.
    • Clients can request specific backup policies if needed.
  • Overage Policy:
    • Additional charges apply if the total storage exceeds the allocated quota.
    • Clients will be notified in advance of any potential overage charges.

End-User Remote Access

  • This per-user add-on service provides secure remote access to office machines through our client portal, utilizing the integrated remote access service. Each user authorized for remote access during the billing month is considered ‘enabled’ and will be included in the monthly billing. Except for the initial subscription activation, which may be prorated, this service does not allow prorated refunds or credits for changes in the number of users within any billing period.

Teams Phone via Operator Connect

  • Enable seamless calling within Microsoft Teams using a Third-Party Operator Connect provider. Teams Phone integrated with a reliable carrier service, allowing for inbound and outbound calling of phone numbers via the Teams app, simplifying communication and offering a streamlined approach to voice services within Microsoft 365.
  • Through a standalone implementation project, BRY-T Solutions works with the Client to design, configure, and deploy the new phone system.
  • Ongoing maintenance and management of the system is included in the Add-On Subscription cost. Complex modifications may result in an Out of Scope project, at the sole discretion of BRY-T Solutions.
  • Client must have an active Microsoft 365 tenant that includes standard Teams licensing for all users.
  • Annual commitment required.

Third Party M365/Google Email Archiving

  • This service serves as a substitution for the standard Third Party M365/Google Backup Service, providing comprehensive email archiving for Microsoft 365 and Google Workspace environments.
  • Key Features:
    • Advanced eDiscovery tools for secure, efficient search and retrieval of email records.
    • Compliance tagging and audit logs to support regulatory and legal requirements.
    • Role-based access controls, allowing compliance officers, legal teams, and data protection officers to manage retention policies, apply legal holds, and monitor user activity.
    • Real-time email journaling to maintain a continuous, compliant archive.
  • Additional Capabilities:
    • Unlocks the ability to back up Teams private 1:1 chat messages when configured with the required Azure billing account prerequisites.
  • Considerations:
    • Replaces the standard email backup service, offering enhanced compliance and archiving features.
    • Client input is needed to configure retention policies and legal hold settings based on specific compliance requirements.

User/Device Add-Ons

Direct-to-Cloud Workstation Backup (D2C)

  • This service offers a comprehensive cloud-based backup solution for critical workstations, eliminating the need for local hardware. Backups are stored directly in the cloud, ensuring continuous data protection and quick recovery in the event of data loss or system failure.
  • Optional Local Cache: Clients can opt to add local cache hardware (at their own expense) to improve recovery speeds. This hybrid approach stores recent backups on-site while maintaining full off-site protection for added security and flexibility.
  • Storage Allocation:
    • Each workstation enrolled in the Direct-to-Cloud (D2C) backup adds 300GB of storage to the client’s shared data pool.
    • Backup schedules and retention policies are managed according to best practices to minimize the risk of exceeding storage limits.
    • Clients can request specific backup policies if needed.
  • Overage Policy:
    • Additional charges apply if the total storage exceeds the allocated quota.
    • Clients will be notified in advance of any potential overage charges.

End-User Remote Access

  • This per-user add-on service provides secure remote access to office machines through our client portal, utilizing the integrated remote access service. Each user authorized for remote access during the billing month is considered ‘enabled’ and will be included in the monthly billing. Except for the initial subscription activation, which may be prorated, this service does not allow prorated refunds or credits for changes in the number of users within any billing period.

Teams Phone via Operator Connect

  • Enable seamless calling within Microsoft Teams using a Third-Party Operator Connect provider. Teams Phone integrated with a reliable carrier service, allowing for inbound and outbound calling of phone numbers via the Teams app, simplifying communication and offering a streamlined approach to voice services within Microsoft 365.
  • Through a standalone implementation project, BRY-T Solutions works with the Client to design, configure, and deploy the new phone system.
  • Ongoing maintenance and management of the system is included in the Add-On Subscription cost. Complex modifications may result in an Out of Scope project, at the sole discretion of BRY-T Solutions.
  • Client must have an active Microsoft 365 tenant that includes standard Teams licensing for all users.
  • Annual commitment required.

Third Party M365/Google Email Archiving

  • This service serves as a substitution for the standard Third Party M365/Google Backup Service, providing comprehensive email archiving for Microsoft 365 and Google Workspace environments.
  • Key Features:
    • Advanced eDiscovery tools for secure, efficient search and retrieval of email records.
    • Compliance tagging and audit logs to support regulatory and legal requirements.
    • Role-based access controls, allowing compliance officers, legal teams, and data protection officers to manage retention policies, apply legal holds, and monitor user activity.
    • Real-time email journaling to maintain a continuous, compliant archive.
  • Additional Capabilities:
    • Unlocks the ability to back up Teams private 1:1 chat messages when configured with the required Azure billing account prerequisites.
  • Considerations:
    • Replaces the standard email backup service, offering enhanced compliance and archiving features.
    • Client input is needed to configure retention policies and legal hold settings based on specific compliance requirements.

Per-Site Services

Strategic IT Consulting

  • This service provides expert guidance to help align your technology with your business goals, supporting long-term growth and operational efficiency. It focuses on proactive planning, continuous improvement, and informed decision-making tailored to your unique business needs.
  • Key Features:
    • Business-Aligned Insights: Ongoing analysis of your IT environment to provide actionable insights that support business objectives and improve operational efficiency.
    • Technology Reviews: Regular discussions to assess IT performance, identify areas for optimization, and ensure alignment with industry best practices.
    • Strategic Planning: Development of technology strategies to support growth, manage change, and address evolving business requirements.
    • Lifecycle Oversight: Guidance on managing technology lifecycles to ensure timely upgrades, replacements, and effective resource planning.
  • Considerations:
    • This service includes flexible, ongoing strategic support, with time allocated based on your evolving business priorities and technology needs.

IT Asset Inventory Management

  • This service provides tracking and management of your organization’s hardware and software assets. It requires active use of our Remote Monitoring and Management (RMM) tools and related services to ensure accurate, real-time data collection.
  • Client Portal Access: Clients receive secure access to their IT asset inventory through a dedicated portal, providing up-to-date information on device status, warranties, software licenses, and more.
  • Asset Management: We manage asset layouts, data syncing, and documentation to support accurate lifecycle tracking, resource optimization, and compliance.
  • Inventory Accuracy:
    • Accurate inventory records depend on the client informing us of all hardware and software acquired from third-party sources.
    • Failure to report such acquisitions may result in incomplete or outdated inventory data.

Technology Procurement Assistance

  • Assistance with sourcing and purchasing hardware and software for your business, ensuring seamless integration with your existing IT infrastructure.
  • Quotes for standard hardware and service upgrades are generally available within 24 hours of the request.
  • Quotes for projects are returned as soon as possible, based on the size and scope of the project. For the most complex projects, additional discovery and project planning fees may be included on the initial quote.

Secure IT Asset Disposal

  • This service provides a secure, environmentally-friendly process for disposing of decommissioned IT assets that have reached the end of their useful life.
  • Key Features:
    • Data Protection: Ensures secure data erasure in compliance with NIST 800-88 standards, with certification of data destruction provided upon completion.
    • Eco-Friendly Disposal: Partners with Veritree to plant a tree for every asset processed, contributing to reforestation efforts in U.S. forests affected by drought and wildfire.
    • Sustainable Recycling: Components that can be reused are handled by recycling partners to reduce landfill waste.
  • Client Requirements:
    • Include power cords or AC adapters with devices when applicable.
    • Use any available box for shipping to facilitate the recycling process.

Comprehensive Vulnerability Monitoring

  • This service provides continuous monitoring, detection, and reporting of security vulnerabilities across your IT environment. It helps identify and mitigate weaknesses in networks, systems, and applications before they can be exploited.
  • Key Features:
    • Automated, continuous vulnerability scanning of endpoints, cloud environments, public-facing domains, and internal networks.
    • Real-time detection of security risks, including unpatched software, misconfigurations, exposed services, and outdated protocols.
    • Detailed risk reporting with actionable insights to help prioritize remediation efforts based on severity and potential impact.
    • Cloud environment assessments to identify security gaps in platforms like Microsoft 365, ensuring compliance with best practices.
    • Domain security scans to detect external threats, such as exposed credentials, SSL/TLS issues, and DNS vulnerabilities.
  • Remediation:
    • Depending on the nature and complexity of detected vulnerabilities, remediation activities may be handled as separate projects.

Domain Registration and DNS Management

  • This service manages domain registration and DNS settings to ensure proper configuration and availability of your online assets. It includes domain renewals, DNS record updates, and access management to support the seamless operation of web services, email, and other critical business systems.
  • Ongoing management is provided once the necessary access is granted. If a domain migration is required, it will be handled as a separate project due to the time and effort involved.
  • Email Authentication Management: This service also includes the configuration and monitoring of SPF, DKIM, and DMARC records to ensure modern email authentication practices are in place, helping to protect against spoofing and phishing attacks.

Managed SIEM Service

  • This service provides centralized Security Information and Event Management (SIEM) to detect, analyze, and respond to security threats in real time. It offers continuous monitoring of system logs and security events to identify suspicious activity across your IT environment.
  • Key Features:
    • Real-Time Threat Detection: Monitors security events from endpoints, servers, network devices, and cloud environments to identify potential threats.
    • Log Collection & Analysis: Aggregates and analyzes logs from multiple sources to detect anomalies, unauthorized access attempts, and other indicators of compromise.
    • Threat Intelligence Integration: Leverages threat intelligence feeds to improve detection accuracy and correlate events with known threat patterns.
    • Incident Response Support: Provides actionable alerts with detailed analysis, enabling faster incident response. In some cases, direct support for incident remediation may be included.
    • Compliance Reporting: Helps support regulatory compliance with detailed audit trails, event logs, and security reports.
    • Customizable Alerting: Alerts are tailored to the specific environment and risk profile, reducing noise and focusing on high-priority events.
  • Service Considerations:
    • Requires integration with supported systems for log collection and event correlation.
    • The scope of incident response may vary depending on the nature of the security event, with complex cases potentially requiring separate project work.

Vendor Management

  • This service provides support by interfacing with the client’s contracted third-party technology vendors, provided the client maintains an active support contract or agreement that allows us to initiate service requests on their behalf.
  • Scope of Service:
    • We will engage with vendors to the best of our ability to facilitate issue resolution, coordinate support requests, and assist in troubleshooting efforts.
    • BRY-T Solutions is not responsible for the performance, responsiveness, or outcomes delivered by third-party vendors.
    • In certain cases, vendors may require direct interaction with the client’s staff, particularly for issues that involve demonstrating specific failures or replicating day-to-day use scenarios that we cannot perform.

Per-Site Add-Ons

Block Hour Support

  • Purchase a set number of hours for IT support outside the scope of your service tier. Ideal for special projects or additional support needs. Unused hours will expire after a period of six (6) months.

Disaster Recovery Planning

  • This service provides guidance and support to help clients create, maintain, and test a disaster recovery plan, ensuring business continuity in the event of major outages or disasters.
  • Key Components:
    • Guidance on identifying critical systems and defining Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs).
    • Support in outlining recovery procedures for data, IT infrastructure, and business operations.
    • Regular plan reviews and recommendations to ensure alignment with evolving business needs and potential risks.
    • Templates and documentation tools may be provided to assist in the development of the disaster recovery plan.
  • Client Responsibilities:
    • Clients are responsible for developing, implementing, and maintaining their disaster recovery plans, with BRY-T Solutions offering expert guidance throughout the process.
    • Active collaboration is required to identify key systems, set recovery priorities, and ensure the effectiveness of the plan.
  • Time Commitment Disclaimer:
    • The level of support provided as part of this service is subject to reasonable time allocations based on standard per-site service assumptions. Extensive support requests beyond these allocations may require additional project work or incur separate charges.

Firewall Management

  • This service includes the management of network firewall devices overseen by BRY-T Solutions (if any), focusing on maintaining secure configurations and up-to-date firmware.
  • Key Features:
    • Configuration changes based on client requests or security best practices.
    • Regular software and firmware updates to address security vulnerabilities, where supported by the device manufacturer.
  • Considerations:
    • If a device lacks an active maintenance contract or is no longer supported by the manufacturer, updates may not be available, increasing security risks. Any required manufacturer service contracts are at the client’s expense.
    • Clients will be notified if their firewall device is identified as out of support or lacking critical updates.

Network Monitoring and Management

  • This service provides continuous oversight of network devices managed by BRY-T Solutions (if any), such as routers and switches, to ensure optimal performance and security.
  • Key Features:
    • Proactive monitoring to detect issues like device failures, performance degradation, or connectivity disruptions.
    • Routine maintenance, firmware updates, and security patching to maintain network reliability and minimize downtime.
  • Considerations:
    • If a device lacks an active maintenance contract or is no longer supported by the manufacturer, updates may not be available, increasing security risks. Any required manufacturer service contracts are at the client’s expense.
    • This service is typically more relevant for traditional on-premises networks. For cloud-native environments, endpoint security may sufficiently cover business needs without dedicated network monitoring.

On-Site Support

  • On-site support services provide hands-on assistance for issues that cannot be resolved remotely. This service includes:
    • Installation and Setup: Physical setup of hardware, network devices, or software.
    • Troubleshooting and Diagnostics: In-person resolution of technical issues, network failures, or hardware malfunctions.
    • Upgrades and Maintenance: Hardware and infrastructure upgrades, preventive maintenance, and equipment testing.
    • Emergency Support: On-site response in critical situations where downtime must be minimized.
  • On-site services are billed at our standard hourly rates. Clients with an active subscription may receive a discounted rate and travel fees may apply, as indicated on the SOW. Scheduling is based on technician availability.

Advanced Reporting and Insights

  • This service provides enhanced reporting on your IT environment and service usage, tailored for clients who require more detailed visibility, such as co-managed IT environments.
  • Key Features:
    • Weekly Updates: A summary of service requests awaiting input from your team, ensuring nothing falls through the cracks.
    • Monthly Executive Summary: In-depth metrics including the number of service requests opened and closed, top requesters, response and resolution times, and overall IT infrastructure health insights.
    • Custom Reporting Options: Ability to include additional data points or reports based on client-specific requirements.
    • Actionable Insights: Reports highlight trends, recurring issues, and areas for potential improvement within your IT operations.
  • Time Commitment Disclaimer:
    • The level of reporting and insights provided as part of this service is subject to reasonable time allocations based on standard per-site service assumptions. Extensive customization or additional reporting requests beyond these allocations may require separate project work or additional charges.

Third Party QuickBooks Online Backup

  • Third Party QuickBooks Online Backup offers secure continuous and on-demand backup of over 40 QBO objects for quick and easy restore. The advanced features of this new solution offer businesses enhanced control to protect their data in the cloud.
  • Businesses can now take advantage of point-in-time restore, download archived files for reporting, import into QBO, replicate records to other QBO accounts for testing and training purposes, upgrade/downgrade subscription plans, auditing purposes, and entity changes.
  • Client must have active subscription to QuickBooks Online. QuickBooks Desktop versions are not supported. Service is billed per each QBO “company”.

WordPress Website Hosting

  • Secure hosting and ongoing management for basic WordPress websites, including security updates, backups, and basic content updates.
  • Design, setup, and any significant website changes are considered separate projects and will be outlined in a dedicated SOW. This ensures clear project scope, timelines, and deliverables for both the website creation and any major updates or redesigns.

Other Services

Custom IT Solutions & Advisory

  • This service provides flexible support for IT needs that fall outside of our standard offerings. Whether you require assistance sourcing, managing, or implementing specialized technology solutions, we can help—provided it aligns with our expertise and business model.
  • Key Features:
    • Flexible Support: Assistance with unique IT challenges or non-standard technologies based on mutual agreement.
    • Vendor Coordination: Help identifying, evaluating, and managing third-party vendors or specialized service providers.
    • Strategic Guidance: Recommendations for tools, platforms, or services tailored to your specific business needs.
  • Considerations:
    • Scope and engagement are determined on a case-by-case basis, with services provided only when we mutually agree on fit and approach.

For more information or to discuss your specific IT needs, please contact us or book an intro call today.