Hi
We need to bring our contract up-to-date, does anyone have a template they could share? 
Also, although with Comodo AV, clients should be well protected, how does everyone deal with virus/hacking attacks with a contract?
For AV, I generally include remediation but only if a component of protection (Dome, Comodo AV…etc) wasn’t working or otherwise was at fault for not catching it. (misconfigured…etc). Although Comodo (and generally most security solutions) claim to be able to prevent any outbreaks, its impossible to always have 100% guarantee’d protection from something slipping through. I include this type of verbiage in my contracts. If the outbreak was caused by an end user doing something they knowingly shouldn’t have been doing, then its not included. By that I mean a user violates the security policy. A security (sometimes included in a Acceptable use policy) policy puts some of responsibility on the clients. For example if its not allowed in the policy for a user to check personal email on company devices and a virus comes from there, remediation won’t be included for that incident as long as AV and other security components were functioning as they were suppose to at the time. The hope is that would be caught anyway, but there are no guarantees. So it can be a case by case thing. I’ll assist either way, its just whether its gonna be extra billable or not. This somewhat gives responsibility to both sides. Its up to me to make sure the AV is active, working and up-to-date. Its up to the client to make sure policy is followed and enforced.