Browse
Search
Agenda - 11-15-2022; 8-h - End Point Protection – Managed Detection Response CrowdStrike Contract
OrangeCountyNC
>
BOCC Archives
>
Agendas
>
Agendas
>
2022
>
Agenda - 11-15-2022 Business Meeting
>
Agenda - 11-15-2022; 8-h - End Point Protection – Managed Detection Response CrowdStrike Contract
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
11/10/2022 2:52:16 PM
Creation date
11/10/2022 2:44:21 PM
Metadata
Fields
Template:
BOCC
Date
11/15/2022
Meeting Type
Business
Document Type
Agenda
Agenda Item
8-h
Document Relationships
Agenda for November 15, 2022 BOCC Meeting
(Message)
Path:
\BOCC Archives\Agendas\Agendas\2022\Agenda - 11-15-2022 Business Meeting
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
30
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
1 <br /> EORANGE COUNTY <br /> BOARD OF COMMISSIONERS <br /> ACTION AGENDA ITEM ABSTRACT <br /> Meeting Date: November 15, 2022 <br /> Action Agenda <br /> Item No. 8-h <br /> SUBJECT: End Point Protection — Managed Detection Response CrowdStrike Contract <br /> DEPARTMENT: Information Technologies <br /> ATTACHMENT(S): INFORMATION CONTACT: <br /> 1. CDW-G — CrowdStrike Contract David Mathias, IT Operations Manager/ <br /> 2. CrowdStrike Terms and Conditions Security Officer, 919.245.2272 <br /> 3. CDWG — CrowdStrike Quote Jim Northrup, Chief Information Officer, <br /> 919.245.2276 <br /> PURPOSE: To approve and authorize the Manager to sign a contract with CDW and CrowdStrike <br /> in the amount of $112,965 to monitor 1,500 devices, e.g., computers and servers, replacing the <br /> currently deployed Carbon Black endpoint protection with CrowdStrike end point protection and <br /> additionally adding a vendor initiated managed detection system. <br /> BACKGROUND: Orange County Information Technologies (IT) uses Carbon Black, a next <br /> generation antivirus system on all compatible computing devices. The current system has been <br /> managed successfully by IT staff since 2019. One of the shortcomings of this system is, unless <br /> IT staff is continually monitoring email 24 hours a day/7 days a week, a detection may go <br /> unnoticed for hours, e.g., an event or infection occurs on a Sunday at 11:59 PM. This increases <br /> the risk of a single machine infecting other machines until staff monitoring of email resumes on <br /> Monday. <br /> The proposed CrowdStrike system not only replaces Carbon Black, but it also includes an <br /> additional component of 24x7 monitoring and response, e.g., an infection or other infringement is <br /> remediated up to and including network quarantine. Through this contract the vendor guarantees <br /> a 1 to 2 hour response time, dependent on event severity, per the Service Level Agreement. Real <br /> world response times are considerably less and available upon request. <br /> The purchase would be made through CDW, a reseller of CrowdStrike products. The contract <br /> documents were originated by the vendor which are in line with industry standards while meeting <br /> policy requirements and legal sufficiency with the County Attorney's Office. These industry <br /> standards place an emphasis on the intellectual property despite the additional benefit of human <br /> involvement. <br />
The URL can be used to link to this page
Your browser does not support the video tag.