Email Security
Managed Retainer
Monthly policy tuning, threat reporting, quarterly DMARC review, and incident response support for suspected business email compromise. Mimecast or Proofpoint Essentials licence included in the monthly fee — no separate software invoice.
Monthly Retainer Pricing
Four monthly activities. Quarterly DMARC review. Incident response included.
Email security is not a set-and-forget deployment. Threat actors adapt their techniques, your user base changes, and your authorised sending platforms evolve. This retainer keeps the solution tuned, the reporting current, and the incident response ready.
Licence and Platform Management
The Mimecast or Proofpoint Essentials licence is managed and renewed by Konve IT at the partner rate, included within the monthly fee. No separate licence invoice. Platform health monitoring ensures the solution remains connected to Exchange Online and processing email correctly. Vendor-issued platform updates and threat intelligence definition updates are applied as released — your protection is always current without you managing it.
Policy Management and Tuning
Monthly review of quarantine activity, false positive rates, and threat detection statistics. Filtering policy tuning to reduce false positives where legitimate email is being incorrectly quarantined, and to improve detection accuracy where emerging threats are being missed. Allow and block list management — requests from your nominated contact actioned within two working days. Policy changes are documented and reported in the monthly Email Security Report.
Email Security Report
Delivered by the fifth working day of each calendar month. Covers: total email volume processed; threats detected and blocked by category — phishing, malware, spam, impersonation; quarantine activity and false positive rate; any notable threat patterns observed during the month; policy changes made; and DMARC pass and fail statistics. Formatted for management review and suitable as evidence for professional indemnity insurance purposes.
Business Email Compromise Incident Response
Where a business email compromise, phishing attack, or email-borne threat is suspected or confirmed, Konve IT provides first-response support within the service levels below. Analysis of available email logs and headers to determine the nature and scope of the incident. Identification of affected accounts and compromised mailboxes. Recommended immediate containment actions — password reset, session revocation, quarantine rule adjustment. This is email security incident response, not broader IT security incident response.
Response and resolution commitments.
Service levels are measured during Business Hours — 09:00 to 17:30, Monday to Friday, excluding English public holidays — from the point at which Konve IT receives written notification or identifies the issue through monitoring.
Konve IT is not liable for incidents caused by changes made to the email environment without Konve IT's knowledge, Microsoft 365 or email security platform outages, or users responding to phishing emails despite technical controls being in place. No email security solution provides absolute protection against all threats.
This retainer covers the managed email security layer only.
- Helpdesk or end-user support of any kind
- Configuration of email security for additional domains not in the original deployment
- Broader security incident response beyond email security first-response
- Email archiving management where not included in the original deployment
- Major reconfiguration of the email security environment — subject to a written change order
- Changes to Microsoft 365 tenant configuration outside the email security solution
Per user per month. Licence included.
The monthly retainer fee includes the Mimecast or Proofpoint Essentials licence at Konve IT's partner rate. There is no separate licence invoice. The fee adjusts as your user count changes — billed for what you actually have.
Email Security Managed Retainer
Retainer Terms
From the commencement date confirmed in the Statement of Work.
Renews for successive 12-month periods unless either party gives 30 days' written notice before the end of the then-current term.
Issued on the first working day of each calendar month. Payable within 14 days.
Fee adjusts from the first invoice following written notification. Minimum 5 users billed regardless of count.
Any increase in the underlying licence cost from the solution provider is passed through with 30 days' written notice.
Email security not yet deployed?
This retainer assumes that the email security solution has already been deployed and is actively filtering email. If the solution has not been deployed, the Email Security Deployment and Configuration engagement sets it up first — after which the retainer begins.
Three steps to a running retainer.
If your email security solution is already live and filtering email — whether deployed by Konve IT or another provider — the retainer can begin immediately following signature of the Statement of Work.
Complete the onboarding form
Download and complete the Konve IT Client Onboarding Form. If already submitted for a previous engagement, you do not need to complete it again.
Complete the service questionnaire
Download and complete the Email Security Questionnaire. Confirms which solution is deployed, user count, domains covered, and preferred reporting contact for the monthly report.
Review and sign the Statement of Work
Konve IT issues a Statement of Work within two working days. The retainer commences on the first day of the calendar month following signature, or from the commencement date confirmed in the SoW.