Managed IT

STIGroup offers two types of managed services: Managed Information Technology (MIT) and Managed Security Operations (MSO). Each service area provides multiple levels of support for security, network, and system related issues based on client needs. STIGroup employs specialized, industry leading software tools to optimize services delivery, including a ticketing system that is used for the tracking and reporting of all Client incidents and service requests. When an incident is detected, either by the Client or by STIGroup, a support ticket is generated, notifications are sent to Client support personnel, and an engineer is assigned to investigate the issue. The engineer will take remediation actions as appropriate to address the situation if contracted to do so. The engineer may also involve external vendor support departments if the outage affects infrastructure managed and/or supported by other organizations, or colocation personnel if the outage requires immediate physical remediation steps at a data center.

Severity Levels

STIGroup services are customized per Client engagement, however, for most engagements, monitoring of events generated by security infrastructure and/or systems and infrastructure, as well as requests directly from clients, are processed based on severity levels that dictate an applicable SLA response time: critical, alert, and low/audit:

Critical-level events include any high risk event categories, usually including persistent and/or potentially successful attacks or network down emergencies. Critical events are monitored on a real-time, 24x7 basis and responded to by a STIGroup security engineer within 15 minutes of being received within the applicable SLA.

Alert-level events include medium risk events, usually including non-persistent and/or unsuccessful attacks or individual system issues. Security events are reviewed three times a day on business days (Mon-Fri) and once a day on weekends (Sat-Sun) within the applicable SLA. Individual system issues are addressed in the order received. Events at this level that require attention are processed within 30 minutes of being identified or according to applicable SLA. Low/Audit-level events include low risk activity and audit events, or normal system change requests or preventative maintenance requests, and are reviewed daily on business days (Mon-Fri) in the order received. Events at this level that require attention are processed within 4 hours of being identified or according to applicable SLA.


STIGroup is frequently contracted by organizations ranging from 50 to 3000 employees for a wide range of IT security and Integration work. Typical IT Security projects include enterprise risk assessments, security and vulnerability assessments, regulatory compliance consultation, and tactical projects including network and system security design and implementation, remediation of security and availability issues, and staff augmentation. Typical IT projects include enterprise infrastructure redesigns and relocations, virtualization, messaging, wireless LANs, disaster recovery and planning, business continuity, system upgrades, and mobile.

We are focused on developing long-term and strategic relationships with all of our clients. As a result of this engagement principal, even client relationships that begin with a tactical engagement eventually result in STIGroup providing strategic direction for technology roadmaps, staffing, and overall IT infrastructure and security systems and process design.

STIGroup consultants maintain a significant amount of industry and product vendor certifications as part of our commitment to providing a high level of service to our customers. Our professional analysts are certified on many major vendor and industry leading platforms.