These Minimum Standards define the hardware, software, connectivity and security requirements needed for vIT4u Ltd to provide reliable and effective IT support.
The standards apply to any device, system, application or service that connects to, processes or stores Your business information.
We may update these requirements as technologies, security risks and manufacturer support arrangements change.
1. General requirements
All supported equipment and software must:
- Be intended and licensed for business use.
- Be supported by its manufacturer or software developer.
- Receive current security updates and firmware updates.
- Be of sufficient specification and condition to perform its intended purpose.
- Be accessible to Us for monitoring, maintenance and support.
- Not have been modified in a way that prevents normal management, security or support.
- Be included within Our asset records, monitoring and security arrangements where applicable.
Unsupported, obsolete, personally owned or consumer-grade equipment may be excluded from support or supported on a chargeable reasonable-endeavours basis.
2. Desktop and laptop computers
Unless otherwise agreed, supported computers must have:
- A manufacturer-supported 64-bit processor compatible with the installed operating system.
- Windows 11 Professional, Enterprise or another operating system approved by Us.
- A minimum of 8GB RAM, 16GB RAM recommended for normal business use.
- A solid-state drive rather than a mechanical hard disk.
- At least 20% free disk space under normal operating conditions.
- TPM 2.0, Secure Boot and hardware capable of supporting full-disk encryption.
- A working battery where the device is a laptop.
- Current manufacturer-supported drivers and firmware.
- A supported business warranty where the device is business-critical.
Windows Home editions are not supported unless specifically agreed because they do not provide all the business management and security capabilities We require.
Devices should normally be replaced when they:
- Can no longer run a supported operating system.
- Cannot receive security or firmware updates.
- Are no longer economically repairable.
- Regularly affect productivity or service reliability.
- Are more than five years old, unless We have assessed them and agreed otherwise.
3. Servers
Physical and virtual servers must:
- Run a currently supported server operating system.
- Have sufficient processor, memory, storage and network capacity for their workload.
- Use resilient business-grade storage where appropriate.
- Have active hardware and software warranties or support agreements.
- Be protected by a suitable uninterruptible power supply where located on-premises.
- Have tested backup and recovery arrangements.
- Be monitored for availability, storage capacity, hardware condition and backup status.
- Be located in a secure, clean and suitably ventilated environment.
- Not be used as a normal user workstation.
Server operating systems, applications, databases and hypervisors that are outside manufacturer support do not meet Our Minimum Standards.
4. Network equipment
Network infrastructure must use business-grade equipment approved by Us, including:
- A managed firewall or security gateway.
- Managed network switches where management, security or troubleshooting requires them.
- Business-grade wireless access points.
- Secure wireless encryption and unique administrative credentials.
- Separate guest wireless access where visitors require internet access.
- Supported firmware on firewalls, switches, access points and other network appliances.
- Appropriate network segmentation where security or operational requirements justify it.
Consumer routers, unmanaged wireless extenders, domestic mesh systems and unsupported network equipment may not meet Our Minimum Standards.
Network cabinets and communications equipment should be secured against unauthorised access and provided with suitable power protection and ventilation.
5. Internet connectivity
Internet services must be appropriate for the number of users and the business services being operated.
The connection should provide:
- Adequate download and upload capacity.
- Stable latency and reliability.
- A business support service where internet access is operationally important.
- A suitable router or firewall that We can manage or support.
- A static public IP address where required by the supported solution.
Businesses that depend on internet-based telephony, cloud applications or remote access should maintain a secondary internet connection or mobile failover service.
Internet speeds and availability are dependent upon third-party telecommunications providers and are not guaranteed by Us.
6. Operating systems and software
All software must:
- Be legally licensed.
- Be approved for business use.
- Be supported by its developer.
- Receive current security updates.
- Be compatible with the supported operating system and other business applications.
- Be installed and maintained using approved administrative processes.
Unauthorised, pirated, obsolete or end-of-support software is not supported.
Where an application requires an obsolete operating system, browser, database, plug-in or runtime, the entire application may be treated as not meeting Our Minimum Standards.
Specialist or line-of-business applications must have an active support agreement with the application supplier. We may require the supplier to assist with problems relating to their application.
7. Microsoft 365 and other cloud services
Cloud services supported by Us must:
- Use individual named user accounts.
- Have multi-factor authentication enabled where supported.
- Use licensing appropriate to the required security and management features.
- Have separate administrative and everyday user accounts where appropriate.
- Be configured to retain appropriate audit and security information.
- Be protected by an approved backup or recovery service where the underlying provider does not meet the required recovery need.
- Be purchased through Us or provide Us with sufficient administrative access to support the service.
Shared user accounts should not be used except where explicitly required and approved.
8. Security software and management
Every supported computer and server must have the security and management services specified by Us. Depending on the service selected, these may include:
- Remote monitoring and management software.
- Endpoint antivirus or endpoint detection and response.
- Managed operating system and third-party application patching.
- Full-disk encryption.
- Email security and anti-phishing protection.
- DNS or web-content protection.
- Security monitoring and alerting.
- Vulnerability management.
- Mobile device management.
- Privileged access management.
- Security awareness training.
Security software must not be disabled, removed or replaced without Our approval.
The installation of competing antivirus, endpoint security, remote access, patching or monitoring products may cause conflicts and must be agreed with Us in advance.
9. Updates and patching
Supported devices and applications must be configured to receive security updates.
Users must allow devices to restart when required and must not repeatedly postpone security updates.
Critical or high-risk security updates should normally be installed within 14 days of release, or sooner where We consider there to be an active or significant threat.
Where an update cannot be installed because of compatibility or operational concerns, We may require alternative safeguards or a formal risk acceptance.
10. Backup and recovery
Important business information must be protected by a backup solution approved by Us.
Backup arrangements should:
- Cover all agreed business-critical systems and data.
- Store backup data separately from the original system.
- Protect backups against unauthorised alteration or deletion.
- Provide appropriate retention periods.
- Be monitored for successful completion.
- Be tested periodically through sample or full restoration.
- Meet the recovery time and recovery point requirements agreed with You.
File synchronisation services such as OneDrive, SharePoint, Dropbox or Google Drive are not, by themselves, a complete backup strategy.
Data stored only on an individual computer, removable drive or mobile device may not be recoverable unless it has been specifically included within the backup service.
11. Mobile devices
Mobile phones and tablets used to access business information must:
- Run a manufacturer-supported operating system.
- Receive current security updates.
- Be protected by a PIN, password, biometric control or equivalent.
- Use device encryption where available.
- Be capable of being remotely blocked or wiped where business information is stored locally.
- Comply with any mobile device management or application protection requirements specified by Us.
Rooted, jailbroken or otherwise security-modified devices are not supported.
12. Printers, scanners and other devices
Printers, scanners, telephone systems, CCTV systems, access-control systems, industrial equipment and other connected devices must:
- Be supported by their manufacturer.
- Use supported drivers, applications and firmware.
- Have unique administrative credentials.
- Be connected and configured securely.
- Have an identified supplier responsible for specialist hardware and application support.
Our support may be limited to network connectivity and reasonable liaison with the relevant third-party supplier.
13. Administrative access
You must provide Us with the administrative access reasonably required to support and secure the environment.
Administrative credentials must:
- Be held securely.
- Not be shared through insecure methods.
- Be changed when compromise is suspected or when responsible personnel change.
- Use multi-factor authentication where available.
- Be provided to Us through an approved secure system.
We are not responsible for delays caused by unavailable credentials, inaccessible systems or third-party suppliers who do not cooperate.
14. Physical and environmental requirements
Business-critical equipment must be:
- Protected from unauthorised physical access.
- Located away from water, excessive dust, heat and other environmental hazards.
- Properly ventilated.
- Connected through suitable surge protection or an uninterruptible power supply where appropriate.
- Installed using safe and suitable power, network cabling and mounting.
We may decline to work on equipment where its location or installation creates a health, safety or equipment-damage risk.
15. Customer responsibilities
You must:
- Tell Us about new equipment, applications, services and locations before they are introduced.
- Obtain Our approval before making material changes to the supported environment.
- Ensure employees follow the security and acceptable-use requirements We specify.
- Notify Us promptly about equipment failures, suspected security incidents and unusual activity.
- Maintain appropriate warranties and third-party support agreements.
- Provide reasonable access to equipment, systems, employees and suppliers.
- Follow replacement or remediation recommendations within the agreed timescale.
16. Equipment or software that does not meet these standards
Where an item does not meet Our Minimum Standards, We may:
- Provide support on a reasonable-endeavours basis.
- Charge separately for investigation, remediation or additional support time.
- Require the manufacturer or another specialist supplier to be engaged.
- Exclude the item from service-level commitments.
- Require additional security controls.
- Recommend that the item is upgraded, replaced, isolated or removed.
- Decline to support the item where it presents an unacceptable security, safety or operational risk.
Any temporary exception should be recorded in writing, including the associated risks, responsibilities and target remediation date.
17. Changes to these standards
Technology and security requirements change over time. We may update these Minimum Standards to reflect:
- Manufacturer support and end-of-life dates.
- Newly identified security risks.
- Changes to legal, regulatory or insurance requirements.
- Changes to Our supported technology platform.
- The availability of more secure or reliable alternatives.
Where an update requires significant expenditure or operational change, We will discuss an appropriate implementation plan with You.


