Managed Cloud Security - Service Terms

The terms in this section, called the “service terms”, apply to a group of services or a specific service within a group.

The following service terms apply to a TELUS Managed Cloud Security Service (“”).

TELUS Managed Cloud Security Service is a TELUS managed security service, powered by a Software-as-a-Service-based (SaaS-based) security platform (the “”), that implements, enables, manages and monitors your security incidents based on the security policies defined by you.

TELUS Managed Cloud Security service provides solutions to help protect your company’s traffic generated either at the user level (“”) or locally across each physical site (“”).

By leveraging the power of the Cloud Security Platform, security policies are centrally configured, managed, and applied equally across all users and sites.

TELUS Managed Cloud Security Services’ requirement for Remote Networks is based on the aggregated bandwidth going through your firewall at any given time estimated based on the type and number of security features enabled, packet size, number of VPNs, and speed of each site access.

TELUS Managed Cloud Security Services’ requirement for Remote Users is based on the number of remote access VPN connections required. TELUS Managed Cloud Security Service endeavours to provide consistent security for users who are connecting to their corporate network or the internet.

The chart below specifies the TELUS Managed Cloud Security Service elements and features (“”) and your and our related responsibilities.

You consent and represent that you will use the TELUS Managed Cloud Security Service for its primary purpose and that you will not intentionally interfere with, disrupt the integrity or performance of, or attempt to gain unauthorized access to the Cloud Security Platform, nor facilitate any attack, send, upload, or storing of malicious code of any kind.

In the event of fire, water damage, theft, malicious attack, loss of environmental controls, or any other incident at your site that is not caused by normal business activities, we will assess, plan, and recover operations upon your request and approval, and will bill these services at TELUS’ standard rates, based on the time spent on such project and on a time and materials (“T&M”) basis. Enhancing or testing disaster recovery plans are available on a T&M basis.

The Managed Cloud Security Service does not include the installation, configuration or maintenance of anti-virus software. Without limiting anything else in this agreement, we make no warranties relating to, and are not responsible for, the detection or prevention of viruses or the effect of any viruses on your hardware, software, LAN or facilities, even if the introduction of the viruses is related to the provisioning of the Managed Cloud Security Service.

Changes to the Managed Cloud Security Service subsequent to the initial installation required as a result of significant upgrades or changes to the VPN termination devices located at your site(s), including new or upgraded routers, or firewalls, will be billed on a T&M basis and may result in changes to the monthly fixed charge shown in the Your Services & Summary Charges section.

The Managed Cloud Security Service can be registered to a new street address as a result of a relocation of your primary service address originally associated with these service terms. To relocate the Managed Cloud Security Service, you must provide us thirty (30) days written notice prior to any change of primary address together with the new service address. If applicable, a site VPN termination device may also be moved from one location to another. If requested, we will supervise the move to your new service address and bill you in T&M, otherwise you are responsible for the relocation. If the affected VPN termination device is not re-installed by you in an acceptable state as determined by us to offer the Managed Cloud Security Service after a relocation that was not supervised by us, you agree to pay us in T&M to re-install the affected VPN termination device in an acceptable state to resume the offering of the Service. Service Availability Target calculation will be suspended during the relocation period and will not be re-instated until we determine that we can provide the Service as outlined in this agreement to you. You will continue to be charged during the relocation period as outlined in the Your Services & Summary Charges section.

Unless expressly permitted by us, you shall not resell the Managed Cloud Security Service, or provide access to the Managed Cloud Security Service, directly or indirectly to third parties. If we permit such resale to or access by third parties, you shall be responsible for all such third party use or access and shall indemnify TELUS against all damages, costs and legal fees incurred by us from any claim arising from third party use of or access to the Managed Cloud Security Service.

The software used to deliver the Managed Cloud Security Service (whether embedded in hardware as firmware or standalone software that is provided without hardware or otherwise) and any copy or modification of it is and will remain the sole property of TELUS or its third party suppliers. The right to use any software included with the Managed Cloud Security Service is a non-exclusive, non-transferable license to use such software, and in respect of its use, you will:

The licenses used to deliver the Managed Cloud Security Service are an integral part of the Service Elements, except where you have purchased the licenses directly through TELUS resale or through other sources. If you own the licenses, then Your Services and Summary Charges table will only reflect the costs related to the management of the Managed Cloud Security Service and the required licenses will not be part of the Service Elements. You are responsible to procure any maintenance or support services to support the licenses. You are also responsible for renewal of the licenses. The use of licenses purchased separately will be according to the End-User License Agreement (“”) imposed by the vendor.

You acknowledge and agree that any data or information including your personal information or the end users’ information provided to TELUS may be shared by TELUS with TELUS’ subcontractors or third party service providers in order to provide the Managed Cloud Security Services under this agreement. You further acknowledge that such information may be processed and stored outside of Canada and may be subject to access under the laws of the foreign jurisdiction.

TELUS Managed Cloud Security Services come with a service availability target performance commitment described below (the “”). Where we fail to achieve the Service Availability Target in any month we will provide you with the applicable one-time credit indicated in the table below. The payment of the credit is your sole remedy for a failure by us to meet the Service Availability Target and we will not be obligated to pay any other compensation and will have no other liability to you for any failure to meet the above and such a failure will not be considered a breach or default of this agreement by us.

The Service Availability Target is the percentage of time in a calendar month that the TELUS Managed Cloud Security Service should be available for your use on a per location basis. Service Availability Target is calculated as follows:

Service availability =

When we measure and calculate the result we assume each month is 30 days but we include all periods of unavailability over the calendar month except for any period of unavailability that is caused or contributed to by one of the following excusable downtime (“”):

Service credits are calculated as a percentage of the monthly fixed charges attributable to the applicable Service and further pro-rated based on the portion of the Service impacted by the outage (e.g., for Managed Cloud Security for Remote Users, the outage impact is measured based on the number of users affected; for Managed Cloud Security for Remote Network, the outage impact is measured in Mbps). The credit is applied only once for the month we fail to achieve the Service Availability Target.

In an effort to identify risk and reduce overall impact of changes to your environment, we have implemented a 3-tier support process for change requests that require testing. The request will be processed and TELUS support will determine if the change is within an acceptable level of risk. We will then contact you and negotiate timelines for testing and execution if needed.

Change management processes include the ongoing evaluation, management and tracking of the execution of requests for changes conforming to ITIL best practices.

Requesters in your authorization list provided to TELUS (“”) will have access to TELUS change portal tools and will be accepted as valid change requesters. All other change requests from users not on the Authorization List will be rejected.

Both standard and non-standard change requests can be submitted via the change request web portal. You are responsible to ensure all details in the change requests are valid and accurate for successful change implementation.

These requests will be reviewed and if a quote is required (non-standard and/or complex change), we will engage all necessary parties to review and assess the request. We will submit a quote back to you for approval as required.

In cases where a statement of work (“”) is required, we will work with your internal teams to develop the appropriate SOW.

A standard change request is implemented through a scheduled change window and consists of simple policy changes as listed in your proposal template and/or welcome guide associated with the Managed Cloud Security Service. Requests above the monthly quota indicated in the above Service Element’s table are subject to T&M charges.

An expedited change request is a standard change request with quicker turnaround time objectives. Expedited change requests initiated by you are subject to T&M charges.

An emergency change request is a standard change request that is urgent due to immediate or potential impact to Service Availability Target with quicker turnaround time objectives. Emergency change requests initiated by you are subject to T&M charges.

The following table outlines the TELUS Managed Cloud Security Service change management performance objective applicable to standard charges:

We may cancel the TELUS Managed Cloud Security Service at any time for any reason on thirty (30) days’ prior written notice to you. Should we do so, you will not be liable for the payment of any service cancellation charges in connection with such cancellation.

When you cancel TELUS Managed Cloud Security Services, we calculate the cancellation charge using the table below. The service cancellation charge is the aggregate of the percentage of the total monthly fixed charges remaining for the service period after cancellation.