Cultrix logo
Menu
    • Call us: 0330 333 5790
      • General: 0330 333 5790
      • Accounts: 0330 333 5791
      • Sales: 0330 333 5793
      • Service desk: 0330 333 5794
      • Web team: 0330 333 5792
  • Login
  • Home
  • About us+
    • Our story
    • Brand values
    • Meet the team+
      • Recruitment
    • Case studies
    • Giving back
    • News
  • IT support
  • IT services+
    • Consultancy+
      • System audit
      • Strategy
      • Troubleshooting
      • Business continuity
    • Disaster recovery+
      • Emergency server support
      • Viruses, spyware and malware
      • Computer repair
      • Data recovery
    • Supply and install+
      • Hardware, software and licensing
      • Networking and servers
      • Broadband
      • VOIP
      • CCTV
      • Power
      • Audio visual
    • Migrations
    • Relocations
    • Cybersecurity+
      • Cyber Essentials
      • Antivirus
      • Spam filtering
      • Backup
      • Content filtering and user monitoring
      • Bring Your Own Device
      • Mobile device management
      • Vulnerability audit
      • Penetration testing
      • Compliance
    • Training+
      • Floor walking
      • Cultrix appearances
      • Security awareness training
  • Cloud+
    • Virtual desktops and servers
    • Microsoft Office 365
    • Google Workspace
    • Microsoft Azure
    • Amazon Web Services
    • Backup for cloud
    • Hosting
  • Web services+
    • Startup holding page
    • Build-A-Website workshop™
    • Custom website builds+
      • Consultancy
      • Template design and build
      • Landing pages and micro sites
      • Development workshops
      • Integrations
      • Smartphone apps
    • Content creation+
      • Copywriting
      • Photography and illustration
      • Video and animation
    • Website marketing services+
      • Search Engine Optimisation
      • Social channel creation
      • Social media management
      • Chatbots
      • PPC and remarketing
      • Email marketing
    • Website support services+
      • Maintenance and support
      • Vulnerability scanning
      • Security
      • Troubleshooting
      • Sanitisation
      • Optimisation
      • Quality scanning
      • Transfers
    • Hosting+
      • Shared
      • Dedicated servers
      • SSL Certificates
  • Partners+
    • Resellers
    • White label partners+
      • Outsourced service desk
      • IT Services
      • Web services
      • Cloud
      • Hosting
      • White label admin extras+
        • White label sales admin
        • White label accounts
        • White label complaints handling
    • Field technicians
    • Strategic partnerships
    • Business handovers
  • Contact us+
    • General: 0330 333 5790
    • Accounts: 0330 333 5791
    • Sales: 0330 333 5793
    • Service desk: 0330 333 5794
    • Web team: 0330 333 5792
  • Login

Schedule 6 - Endpoint Protection and Security Services

  • Master Services Agreement – IT Services
  • Schedule 1 – IT Support Services
  • Schedule 2 – Patch Management Services
  • Schedule 3 - Monitoring and Alerting
  • Schedule 4 - Cloud Productivity Platform Administration and Licensing
  • Schedule 5 - Backup and Recovery Services
  • Schedule 6 - Endpoint Protection and Security Services
  • Annex A - Service Level Agreement (SLA)
  • Annex B - Acceptable Use Policy (AUP)
  • Annex C - Shared Responsibility Model
  • Annex D - Fair Use Policy (FUP)
  • Legal >
  • Terms >
  • Master Services Agreement – IT Services >
  • Schedule 6 - Endpoint Protection and Security Services

This Schedule forms part of the IT Master Services Agreement and describes the scope, responsibilities and limitations relating to Endpoint Protection and Security Services.

Security Services provide additional protection for devices, users and cloud services through tools such as antivirus, endpoint detection and response (EDR), security operations centre (SOC) monitoring, SaaS threat detection, cloud backup and other security controls.

These services build on, but are separate from, core IT Support, Patch Management, Monitoring and Alerting and Backup and Recovery. They are generally optional and will only apply where they are included in your Order. You may not use all services and components described in this Schedule.

1. Service overview

Endpoint Protection and Security Services are designed to:

  • reduce the likelihood and impact of malware, ransomware and other attacks on in-scope devices and accounts;
  • provide enhanced detection, investigation and response capabilities through EDR and SOC services;
  • improve the security posture of cloud environments such as Microsoft 365 and Google Workspace;
  • support user-level protections, including cloud backup, phishing defence and awareness training;
  • provide optional endpoint-level backup and business continuity capabilities.

Security Services do not guarantee that security incidents will never occur, but they significantly enhance visibility, resilience and the ability to respond effectively when issues arise.

2. Packages and modular activation

Security Services are offered in a combination of packages and standalone components. In summary:

  • Patch - operating system and software patching only, with no Service Desk access and no security tooling included.
  • Support - adds Service Desk access to Patch, but does not include Shield, Guardian or User Protection by default.
  • Support + Shield - Support plus the Shield security stack and enhanced security policy management and support.
  • Guardian - Support + Shield plus SOC monitoring (RocketCyber) for higher levels of security incident visibility and response.
  • Shield (standalone) - the Shield security stack can also be purchased on its own, without a Support package.
  • User Protection - a separate package focused on user and cloud security, which can be purchased standalone or alongside any support package.

All Security Services are delivered on a modular activation basis. This means that, even within a package:

  • individual components (for example specific agents or user protections) can be provided as standalone services; and
  • you do not have to activate every available component in a package if it is not appropriate for your environment.

Your Order will set out which packages and components are in place, and for which devices, users, tenants or environments.

3. Endpoint Protection (devices)

Endpoint Protection focuses on physical and virtual devices such as desktops, laptops, servers and covered endpoints. Where purchased, Endpoint Protection may include some or all of the following:

  • Shield - an endpoint security stack delivered via enterprise-grade security tools, consisting of:
    • Antivirus;
    • Endpoint Detection and Response (EDR);
    • Ransomware protection features; and
    • DNS filtering to block known malicious destinations.
    Shield may be purchased as a standalone product or as part of Support + Shield or Guardian.
  • Guardian - the Shield stack plus Security Operations Centre (SOC) monitoring via RocketCyber and integrated SIEM tooling. Guardian provides 24×7 triage and escalation of security alerts raised from in-scope devices and environments.
  • Vulnerability scanning - where purchased, vulnerability scanning on in-scope devices and systems (for example using Vulscan or equivalent tooling) to highlight missing patches, misconfigurations and known vulnerabilities.
  • Endpoint backup and business continuity - where purchased, endpoint-level backup and the ability to recover covered endpoints as virtual machines (for example in the cloud) following device failure. These services are further described in the Backup and Recovery Schedule and linked to Endpoint Protection for entitlement and packaging.
  • On-premise BCDR appliances - where purchased, suitable backup and business continuity appliances for server-level backup, disaster recovery and business continuity, as described in the Backup and Recovery Schedule.

Endpoint Protection applies only to devices that are correctly onboarded to the relevant security tooling and remain reachable by those tools.

4. User Protection (accounts and cloud services)

User Protection is focused on identities, accounts and cloud services rather than physical devices. Where purchased, it may include:

  • Cloud Backup (cloud-to-cloud backup for Microsoft 365 and/or Google Workspace) - backup of supported Microsoft 365 data such as Exchange Online, OneDrive, SharePoint Online and, where supported, Teams. This is sometimes referred to as “Cloud Backup” and is also described in the Backup and Recovery Schedule.
  • Cloud Threat Detection and Response (SaaS Alerts or equivalent) - monitoring of in-scope SaaS platforms (for example Microsoft 365 and Defender) for suspicious activity, misconfigurations and risky behaviour, with alerts integrated into our security workflows.
  • Dark Web Monitoring (DarkWebID or equivalent) - monitoring for exposed credentials associated with your domains to help identify where passwords may have been compromised.
  • Email Security - advanced phishing and email threat protection, currently provided via Graphus and transitioning to Inky or equivalent, typically marketed as “Email Security”. This may include link and attachment scanning, impersonation detection and other controls.
  • Phishing simulations and cybersecurity awareness training (BullPhish or equivalent) - regular phishing simulations and associated training content to help users recognise and report suspicious emails.

User Protection can be purchased as a bundle or as individual components. Entitlement is typically licensed per user and may not cover all users in your organisation unless this is specified in your Order.

5. Standalone and add-on security services

In addition to the packages above, certain security services are available as standalone or add-on options. These may be used alongside Endpoint Protection, User Protection or on their own. They include, but are not limited to:

  • Password management - for example, Keeper or similar password manager solutions;
  • Virtual Private Network (VPN) services - secure remote access solutions for in-scope users and devices;
  • Vulnerability scanning - periodic or continuous scanning of in-scope networks, endpoints or servers;
  • Penetration testing - scheduled penetration tests (for example using Vonahi or equivalent) to validate the effectiveness of security controls;
  • Security posture improvement - targeted initiatives such as Microsoft Secure Score improvement (“Fortify”), as set out in your Order;
  • Other specialist security tools and services - where agreed separately in writing.

Unless explicitly stated otherwise in your Order, these services are treated as add-ons and may be chargeable on either a recurring or project basis.

6. Service boundaries and exclusions

Endpoint Protection and Security Services are designed to enhance your security posture but have important boundaries. Unless explicitly agreed in your Order, Security Services do not include:

  • guaranteed prevention of all attacks, breaches, malware infections or data loss;
  • coverage of any device, user, tenant or environment that has not been onboarded into the relevant security tooling;
  • coverage of devices where security agents are repeatedly disabled, removed or blocked from communicating;
  • design and delivery of full security architectures, Zero Trust implementations, firewall rule sets, segmentation designs or MDM/BYOD rollouts (these are delivered as projects under separate arrangements);
  • comprehensive compliance programmes (for example CE/CREST/DORA/PCI/ISO) beyond the use of security tools that may support such programmes;
  • response and recovery for incidents outside the scope of the tools and services in place.

Where an incident is detected, remedial work is usually carried out under IT Support, Backup and Recovery or project arrangements, depending on the nature and scale of the incident.

7. Customer responsibilities

To ensure Endpoint Protection and Security Services remain effective, you must:

  • provide and maintain accurate records of in-scope devices, users, domains and tenants;
  • allow installation and operation of required security agents and integrations, and avoid disabling or tampering with them;
  • ensure systems and endpoints remain powered on and connected where practical, so updates and security functions can run;
  • encourage users to follow reasonable security practices, including MFA, password hygiene and awareness training;
  • inform us of significant changes (for example new systems, mergers, major expansions) that may affect coverage;
  • act on reasonable recommendations we make to maintain or improve your security posture.

8. Dependencies on third-party platforms

Security Services rely on various third-party tools and platforms, which may include (but are not limited to) security monitoring platforms, endpoint protection tools, email security services, password management solutions, VPN providers and cloud platforms such as Microsoft 365 and Google Workspace.

The availability, performance and feature sets of these platforms are outside our direct control. We will act reasonably to work with our suppliers and adapt our services where vendors make changes, but we are not responsible for vendor outages, product retirements or feature changes.

9. Changes to this Schedule

We may update this Schedule to reflect changes in security tooling, vendor capabilities, best practice or the range of Endpoint Protection and Security Services we offer. We will publish updated versions on our website and, for material changes, provide reasonable notice.

Contact us

  • Get a call back
  • New Supplier
  • Setup a Direct Debit
  • Tel: 0330 333 5790
  • Email: ITexperts@cultrix.co.uk
  • Location pin
  • Facebook logo
  • Instagram logo
  • LinkedIn logo
  • Medium logo
  • Pinterest logo
  • Twitter logo
  • YouTube logo

What we do

  • Backup
  • Business continuity
  • Cloud
  • Consultancy
  • Disaster recovery
  • G Suite
  • Hosting
  • IT support
  • Microsoft Office 365
  • Security
  • Supply and install
  • System audit
  • White label IT services
  • White label product support
  • White label Service desk
  • White label support on-demand

IT support

  • Announcements
  • Service status
  • Login
  • IT Academy
  • Web Academy
  • Legal
  • Privacy and cookies
  • GDPR
  • DPA
  • Infrastructure

© Cultrix Limited 2026. All rights reserved.

All calls to and from Cultrix HQ are recorded to help us with staff training, as well as for our own monitoring and customer quality assurance purposes.

Cultrix Limited is a company registered in England and Wales with company number 4556716 and VAT number 804568131.

Cultrix and Cultrix Digital are trading names of Cultrix Limited.

  • IT support locations+
    • IT support East Midlands+
      • IT support Chesterfield
      • IT support Derbyshire
      • IT support Mansfield
      • IT support Northampton
      • IT support Nottingham
    • IT support London
    • IT support North West+
      • IT support Manchester
    • IT support Yorkshire+
      • IT support East Yorkshire
      • IT support North Yorkshire+
        • IT support York
      • IT support South Yorkshire+
        • IT support Barnsley
        • IT support Doncaster
        • IT support Rotherham
        • IT support Sheffield
      • IT support West Yorkshire+
        • IT support Castleford
        • IT support Featherstone
        • IT support Huddersfield
        • IT support Leeds
        • IT support Normanton
        • IT support Pontefract
        • IT support Wakefield
  • IT support specialisms+
    • Charity IT support
    • Multi-office IT support
    • PAYG/On-demand IT support
    • Remote IT management
    • Remote IT support
    • Tenant IT support
    • White Label IT support
  • Move to Cultrix

This website uses cookies, if you'd like to know more about these cookies here's our cookie policy.Close