Ideal IT 8.0 | Scope & Standards

Rocket IT has a simple but powerful purpose – Help People Thrive. It is backed up by four core values, including one that helps us remember to Be a Passionate Steward.

With that as our direction, good stewardship demands we describe and hold you and ourselves accountable to the minimum technology infrastructure standards required to deliver a predictable experience for your team.



We provide a team of expert technologists that match your priorities for addressing security, productivity, functionality, and efficiency. That team will carry out the activities described herein.

In order to do this, we will use reasonable efforts to adhere to agreed-upon deadlines, subject to your cooperation and events or incidents outside our reasonable control, as described in your Master Services Agreement (MSA). We'll provide priority support for all critical issues as diagnosed according to our standard procedures, maintain IT support resources in accordance with industry standards, and provide direct access to our leadership team for escalation.

In return, you will assign a leader within the organization to work with our team. That decision maker will attend all Quarterly Business Reviews, provide availability to your senior management when necessary, and provide access to documents, statements, computer systems, and third-party support services.

Importantly, we know that everything isn't always perfect. We each will give and receive accommodations for conflicts, unforeseen events, and other priorities.

Supported Products & Services

The following describes the minimum requirements of aspects of your technology and what is included in the scope of your Ideal IT Statement of Work (SOW) during our stated business hours.

Network Infrastructure

Your network infrastructure can be defined as the hardware and software that allow connection to and management of internal systems and external networks (except in the case of closed networks). This can include internet connections, firewalls, switches, routers, wireless access points, cabling, power resources, VPN solutions, and more.


There are three basic requirements for internet connections to your offices:

  • Business-grade internet service(s)
  • Appropriate speeds for the office covered
  • Public IP address(es)

In addition, it is recommended – though not required – to have a secondary ISP service to business-critical offices.

Rocket IT’s service includes both troubleshooting connectivity problems inside the network on supported company devices and working with your ISP for connectivity problems that are outside the network. We will make recommendations to improve existing ISP issues, work with your ISP(s) to resolve outages, and configure graceful failover on your firewall if you elect to have a secondary ISP connection.

ISP cutovers do require an additional fee from Rocket IT to manage the process and ensure proper configuration of the new connection to your existing network.


A firewall sits at the edge of your network, managing the connection and security of traffic between your network and the internet.

Rocket IT provides one of several business-class firewalls to each supported office location based on the bandwidth requirements and number of required connections. Your Ideal IT cost is based partially on the number of office locations that require a firewall and the correct specifications for each. Each firewall includes anti-virus and anti-spyware services. Basic configuration changes to the firewall, such as NAT rules, Access Control Lists, port forwarding, and minor VLAN configuration, are included in the scope of your Ideal IT SOW.

Major changes to the overall configuration or provisioning of the firewall(s) will be billed as a separate project.


Network switches manage connections between other devices. In networks we support, these are commonly situated between the firewall and the ports to which individual devices connect. Rocket IT requires managed switches for this purpose (this includes all core switches and distribution switches).

A second common scenario is smaller unmanaged switches sitting between a single port and several low-traffic or non-critical devices.

Rocket IT installs and supports small business or enterprise switches by Cisco, but we are willing to consider supporting small business or enterprise switches installed prior to Rocket IT’s support of your network, at Rocket IT’s sole discretion, provided they have an active warranty and the proper specification for their role. Dell, HP and Meraki are examples of legacy hardware we may support under these circumstances.

A switch with the proper specifications may last up to 7 years or longer before requiring replacement, however we will make a recommendation to replace a switch when it will improve performance or avoid possible unplanned downtime.

Wireless Access Points

Wireless Access Points (WAPs) manage wireless connections between enabled devices and your network.

Rocket IT installs and supports small business or enterprise WAPs by Meraki, but we are willing to consider supporting small business or enterprise WAPs installed prior to Rocket IT’s support of your network, at Rocket IT’s sole discretion, provided they have an active warranty and the proper specification for their role. Ubiquiti and Aerohive are examples of legacy hardware we are may support under these circumstances, while LinkSys devices do not meet these criteria.

A WAP with the proper specifications may last up to 7 years or longer before requiring replacement, however we will make a recommendation to replace a WAP when it will improve performance or avoid possible unplanned downtime.

VPN Connectivity

Virtual Private Networking (VPN) allows people to securely connect to your network from a remote location with an ordinary internet connection. Because Rocket IT owns and manages the firewall, we do support VPN functionality, subject to certain restrictions, for your approved list of VPN users. Rocket IT provides service for up to 2 concurrent VPN connections and, for an additional fee, will provide as many additional connections as may be required.

Power Management

An Uninterruptible Power Supply (UPS) is a piece of electrical equipment that temporarily provides emergency power when the primary power sources fail. A properly specified and maintained UPS will provide near-instant, but temporary, power in the event of a primary power source disruption. A UPS is primarily designed to give critical physical servers the chance to gracefully shut down rather than risk corruption due to an abrupt power loss.

A common secondary feature of a UPS is its ability to function as a surge protector, preventing harm to your hardware from voltage spikes.

Rocket IT supports and installs American Power Conversion (APC) devices in this category. Specifically, we strongly recommend a managed UPS, which allows for remote restoration of functionality if an event causes a server to shut down.

A proper UPS may last up to 6 years, but they often require replacement of their batteries at about 3 years.

Security Infrastructure

Until the introduction of ransomware, security infrastructure for organizations with 500 employees or fewer was fairly standard: firewall, backup, anti-virus, and spam filter. As long as they were the right products, configured properly, and managed by competent people, an organization could feel safe.

Unfortunately, the world of security changed around 2014 due to the pervasive and sinister nature of crypto-viruses. After years of effort by the infosec industry to get ahead of malicious actors, the new normal includes much more robust anti-virus solutions, limitations on local administrative privileges, ongoing employee technology testing/training, and a vigilant IT team making constant improvements to security protocols to balance team productivity with essential security.


A proper firewall is still your first line of defense. Our efforts in this area are described above in the section on networking.


Included in your Ideal IT cost, Rocket IT deploys an Advanced Endpoint Protection solution that watches for unexpected or unusual behavior and can help protect against even the newest virus, spyware, ransomware, or exploit-based attacks.

User Permissions

Gone are the days when your staff could install any program on any device they felt was necessary to complete their work. However, the initial measure commonly taken – removing a person’s local admin privileges – often prevented common, everyday changes to a person’s computer like regular software patches and updates.

The solution is to allow your people to have local admin credentials, but with plenty of controls in place. Included in your Ideal IT cost, our application allows for such controls as application whitelisting (the person can only run pre-approved programs) and ringfencing (preventing an application from behaving unexpectedly and interacting with anything outside of its purview).

Spam Filtering

Spam filtering may be ubiquitous, but it requires constant tuning to deliver the right balance of delivering good email and blocking bad email. We leverage Microsoft’s built-in spam filter with Office 365 and will provide user- or organization-level changes, as required.

Ever-Evolving Security Measures

Our team will stay on our toes on your behalf. We regularly implement and improve on security best practices for the benefit of our clients. We will communicate these changes and their positive effect on your security during our Quarterly Business Reviews.

Staff Testing and Training

Each of your people with even basic technology access now has a security job. Their vigilance and proper training will go far to prevent the likelihood of a successful attack on your systems. Included in your Ideal IT cost, we will test each employee twice a month with emails designed to mimic well-designed phishing attacks. Those who fail the test will be enrolled in training to help them be better prepared. During Quarterly Business Reviews, we will report on your team’s results, and you will have access to a dashboard to see their progress between meetings. We will highlight repeat offenders and make recommendations if we believe more severe actions are required to improve their performance.


Since no security is guaranteed to prevent data loss, a proper backup must include multiple layers of redundancy, copies of incremental changes (to prevent problems due to deletion or corruption that is undiscovered for an extended time), and geographic separation of backup locations (to prevent loss due to physical damage of backup equipment).

For premise servers, Rocket IT includes a robust backup solution we call CC:Backup in your Ideal IT cost. It includes a physical appliance at every site that has a physical server and secure, off-site replication of your encrypted data in the cloud.

For cloud servers, Rocket IT works exclusively with Amazon Web Services (AWS) cloud servers and will configure them to replicate to a separate AWS location. The cost of the replication is discussed and covered as a separate cost from your Ideal IT SOW.

Incident Response

By implementing the stack of security systems and processes above, the risk that a substantial breach will occur on your network is lessened greatly. However, no system is foolproof, and there may be situations where a breach happens. Examples might include someone inputting their credentials into a malicious and/or spoofed site, or someone falling prey to a social engineering attack.

Included in your Ideal IT SOW, we will handle remediation of an event that is limited to one person and one machine. This may include remediation steps like resetting passwords, implementing MFA, and/or performing targeted scans of the machine.

Events that go beyond this are billed as out-of-scope incident responses and may require multiple people working for multiple days to ensure all systems are restored to their secure state.

Server Infrastructure

Servers are the lifeblood of productivity for most organizations, so they should be well-built and well-maintained. We only support servers that have an active manufacturer’s warranty and are on a modern Microsoft Server operating system. Rocket IT prefers and recommends Dell servers for most applications, but we also support HP servers and are willing to consider supporting any existing enterprise-grade server still supported under an active manufacturer’s warranty. A well-designed server should be expected to last up to 6 years.

Virtualization is very common, and our team is prepared to support your VMware instances that are on a currently supported version. We do not support Hyper-V hosts.

Cloud servers are also increasingly common, and we can migrate, deploy, manage, and support your server instance in AWS. We do not support Microsoft Azure instances.

Not everything related to Windows servers is covered under your Ideal IT SOW, but here are some of the things that are covered or not covered:

  • We will handle everyday Active Directory changes, including user accounts (creation, removal, password resets) and groups (creation, removal, member management). Deploying Active Directory and major revisions to Active Directory structure are separate projects not included in Ideal IT.
  • We will manage the patches for your server.
  • We will review alerts that are created for your server.
  • We will do many things upon request and in scope of this SOW. One example is auditing permissions to network resources and making changes as necessary. Another is troubleshooting Group Policy Objects. Creating group policies is a gray area; some are simple commands and some are highly sophisticated programming tasks. We will discuss any requests you may make and determine scope on a case-by-case basis.


Like servers, properly specified and maintained workstations are critical to the success of your team. We support most major brands of desktops and laptops that have an active manufacturer’s warranty and are running a modern Microsoft Windows or MacOS operating system. We prefer and recommend HP workstations, but we also support Microsoft Surface, Dell, and Apple computers, as well as most other major brands.

As part of your Ideal IT SOW, we will troubleshoot slow performance, alerts, printer issues, and will manage patches and Windows 10 updates.

If a device is performing poorly enough to require the rebuilding of a user profile or a “wipe and reload” as recommended by our team (where we completely reinstall the operating system), that is covered, but any failure of that process is expressly outside of our control and it is your responsibility to ensure that no loss of data or key business function happens as a result of this unexpected failure. We do not backup workstations and it is our firm recommendation that no business-critical information exist solely on a workstation.


We provide support on your printers that have an active manufacturer’s warranty. Rocket IT recommends HP and Brother printers. We will also support Dell and certain other brands of printers, subject to prior discussion and approval. We will ensure that supported printers are properly added to an existing print server, provide a base level of software-related troubleshooting, and act on your behalf to work with any managed print providers or manufacturers to provide more advanced support. When a desktop printer has been procured through Rocket IT, we will install it within the scope of Ideal IT. Specialty and large network printers may require an additional installation charge.

IT Strategy and Technology Asset Planning

Rocket IT will schedule four Quarterly Business Reviews per year with your primary IT decision maker and any other relevant staff. We will help you plan and budget as well as educate you on industry trends that should inform your strategic decisions. We will provide data around our performance as well.

Utility Services

These are services where Rocket IT's primary responsibility is to keep it on; we will, at the client's discretion, serve as their agent of record to open support tickets with vendor/third-party support, but the cost of a support agreement or break/fix work will be incurred directly by the client.

Line-of-Business Applications

We will maintain the required infrastructure for these applications and work with the vendor for support requests, patches, and updates. This includes your accounting application.

Phone Services

We will work with your phone vendor for network-related troubleshooting. For legacy Rocket IT-installed 3CX phone systems, we will also add/remove users; configure DIDs, voicemail boxes, and extensions; manage auto-attendants and ring/blast groups; and work with 3CX for support requests and minor updates.

Leased Printers/Copiers

We will troubleshoot network connectivity issues, configure scan-to-email or scan-to-file features, configure address book entries, and work with your vendor(s) for support requests.

Optional Bolt-On Services

The services below are not included as a part of the monthly agreement and are billed as separate line items on the client's monthly invoice.

Remote Administrative Access

We can extend our remote monitoring and management agent to your internal IT staff to allow them to remotely access company-owned and Rocket IT-managed workstations.


You must maintain all legally required software licenses. Rocket IT will make a commercially reasonable effort to remind you of upcoming license renewals in the following areas: servers, domains, and SSL certificates.

End of Support

When a product has an identified “end-of-support” (EOS) date, that is when the manufacturer or vendor will no longer provide patching, updates, or support to ensure the product continues to operate efficiently and securely. During your Quarterly Business Reviews, we will provide updates on upcoming EOS dates that are relevant to your business and make recommendations to avoid reaching those dates on any actively used technology within your organization. Once a product goes EOS, any support on it will be billed out of scope and additional charges, including penalties, may apply.

Pre-Paid Block Time

Much of your technology support costs are covered in Ideal IT, but it is beneficial to handle the out-of-scope billing by pre-purchasing a block of hours. We offer blocks in minimums of 20 hours and will work with you to find the appropriate size for your organization’s needs.

New Workstation Setup

A flat fee of $300 is charged for computer setups for most employees. Computer setups for individuals in managerial positions are billed at an hourly rate, as are all setups for computers purchased elsewhere.

Consumer-Grade Products

We do not support consumer-grade products within the scope of your Ideal IT support SOW.

Residential Services

We do not provide residential IT support services within the scope of your Ideal IT support SOW.

Equipment Purchased Elsewhere

After beginning a support SOW with Rocket IT, equipment purchased elsewhere will require out-of-scope billing for any installation and initial troubleshooting we provide.