Introduction to yourservice

Desktop-as-a-Service (DaaS) with U2Cloud (the “Service”) is a

cloud offering providing the customer (“Customer” or “you”)

with virtual desktops and the necessary supporting

infrastructure. This Service Description and the attached

appendices (collectively, the “Service Description”) describe

the Service being provided to you (“Customer” or “you”) as

well as what to expect for your DaaS implementation with

U2Cloud.

Introduction

The Service is a cloud-based service that allows you to self-

provision your own virtual desktops, applications and supporting

services. U2Cloud provides image management for our clients,

enabling them to reduce their IT expenses while providing

users with customized desktops and applications.

Desktop-as-a-Service - It’s your very own private PC, that you

can connect to from anywhere on the planet. Jump from

tablet to laptop to phone and keep working without missing a

beat.

With DaaS, screen images are streamed to the user while

keyboard and mouse input are sent back to the server. When

using DaaS, you can present users with an entire desktop

environment or just the individual applications. Data is

centrally stored and can be accessed by hosted virtual

desktops or SaaS applications. From a user perspective, these

applications are integrated seamlessly. They look, feel and

behave like local applications.

U2Cloud DaaS (the “Service”) is a cloud –based offering providing

virtual or shared desktops from U2Cloud’s datacenters.

Desktop-as-a-Service (DaaS) with U2CloudService description | Feb 2017

DaaS with U2 Cloud offers you an

easy way to provide a fully managed,

cloud-based desktop experience to

your users. You don’t have to worry

about procuring or deploying hardware

or installing complex software to

deliver a desktop experience to your

users. U2Cloud takes care of all the

heavy lifting of managing hardware and

software, and tasks such as patching and

maintenance, enabling you to deliver a

high quality desktop experience to

your users.

Whether you are managing traditional

desktops or an on-premises solution for

virtual desktop infrastructure (VDI), both

of these approaches require significant

capital investment and are often

complex and difficult to deploy and

manage. Using our cloud-based desktop

environment eliminates the needfor

up-front investment and ongoing

management of infrastructure, providing

you with an easy, cost-effective way to

bring a secure and broadly accessible

desktop experience to your users. For

a low monthly fee, DaaS provides a

complete cloud-based desktop

computing service including compute,

persistent storage, and applications.

Your users get a better experience than

a traditional desktop with more

functionality, such as the ability to

access their applications and data from

a device of their choice. You get a

simpler way to provision desktops for

users for half the cost of an on-

premises VDI solution.

You simply select from a choice of

DaaS bundles that offer a range of

different amounts of CPU, memory,

storage, and choice of applications —

and launch the number of DaaS that

you require. You can choose from

multiple hardware options and then

choose a bundle with software pre-

installed. DaaS with U2 Cloud

provides users a desktop experience

that can be accessed from a variety of

devices such as a laptop computer (Mac

OS or Windows), iPad, Blackberry, or

Android tablet. The user’s applications

and data stay the same regardless of

which device they use, so they can easily

switch between devices without losing

their work.

You have the choice of creating a

standalone, managed directory for users

who will use DaaS, or you can integrate

withyour on-premises Active Directory

so that your users can use their existing

credentials to obtain seamless access

to corporate resources. This integration

works via a secure SSLconnection

to your on-premises network

using ADSync.

DaaSbundles

DaaS with U2 Cloud offers a choice of

service bundles providing different

hardware and software options to meet

your needs. You can choose from the

Standard, Professional or Premium

family of bundles that offer different

CPU, memory, and storage resources,

based on the requirements of your users.

Easyprovisioning

Provisioning desktops with U2 Cloud is

easy. All you need to do is to choose

the bundle that best meets the needs

of your users and the number of

desktops that you would like to launch.

Whether you choose to launch one or

many different desktops, it’s as simple as

selecting the appropriate bundle and

the user(s) that you wish to provide

with services. As soon as the resources

are ready, users receive an email giving

them instructions on how to connect

to their services.

Secure

DaaS with U2 Cloud enables you to

deliver a high quality desktop

experience to your end-users as well

as help meet compliance and security

policy requirements. When users are

using U2Cloud DaaS, your

organization’s data is not sent to or

stored on end- user devices.

Offer description

2

Secure and cost-effective cloud-based desktops designed for your business.

Desktop and mobile clients

Clients are available for both

Windows and Mac computers as well

as for the iPad, Kindle Fire, Wyse

Cloud Connect and Android tablets.

Provisioned users, will get an email

containing details on how they can

download the clients. The client

provides users with full access to their

desktop and includes support for

multiple monitors, audio, and video.

The clients for iPad, Kindle Fire, Dell

Wyse Cloud Connect and Android

tablets have a number of features

designed to provide users with a

tablet-optimized desktop experience.

Users can show or hide an on-screen

keyboard by double-tapping on the

screen with two fingers. The client

provides a touch-based mouse

interface so that interacting with

desktop applications is as easy as using

a traditional mouse. Single and double

clicking requires a simple tap or double

tap, or a two fingered tap for a right

click. Users can scroll vertically using

a two-fingered touch and pinch to

zoom. A slide-out radial control can be

accessed by a thumb swipe from the left

of the screen and gives users access to a

variety of commands. With a Kindle Fire,

Wyse Cloud Connect or Android tablet,

users can connect a keyboard or touch

pad to have a laptop experience with

their tablet DaaS.

Provisioning

The U2Cloud Onboarding Team will

collaborate with designated

Customer contacts to provide

standardized onboarding of the

Service. The standard onboarding

Service will include:

• Initiate contact with you to gather

the necessary information to

complete a successful Provisioning

– The necessary information

will include domain, network,

designated Customer

contact list, and other

relevant information

• Establish secure VPN backhaul

connection (if ordered) to provide

an encrypted data path to your on

premise data

• Create and configure the

Service platform

• Create an account for your

company in the incident

management system for incident

and service request management

• Provide links for manuals and

relevant support documentation

as well as information on how to

obtain support

Active Directory integration is

automatically configured for the client

via the Active Directory Connector in

Cloud Portal. The client simply logs in

and installs the tool on the DC. The

customer can sync the entitiesdesired

by creating a group within their AD.

• IT assessment call with sales

and technical engineers to drive

customer requirements

• Up to 10 DaaS users

per organization

• Up to two lines of business

(LOB) applications virtualized

for the Pilot

• Basic Data Migration to test

designated LOB applications

• Access to support portal and

technical support

• Active Directory

Synchronization for Pilot users

• Three hours of professional

services towards the

optimization of the

environment and advanced

Group Policy configuration

What isincludedin thePilot

• VPN backhauls

• User Profile migrations

• Advanced database

configurations

• End-point management

• U2Cloud is not responsible

for performing any backups of

data, software, systems and/or

programs for thePilot phase

What isexcludedfrom thePilot

Pilot program

The U2Cloud DaaS pilot is designed to allow Customers to test full

production operations on a reduced scale for a fixed period of time and then

quickly expand into full scale production. There are no differences in the pilot

infrastructure and the production infrastructure however; some limitations will

exist to reflect the scale and short time period of the pilot.

3

Infrastructure Management

The Service platform resides in a

U2Cloud datacenter. U2Cloud will

provide security in accordance with the

Security Statement provided in Exhibit 2

and incorporated herein.

Requests for Changes to Service

Service requests are required to change

the profile of file servers,VPN backhauls,

storage or to add additionalservices.

Since these requests will impact the

cost of the Service, any personnel

making a request must be on the list of

authorized personnel provided by the

Customer and have authority to make

such requests. Updates to this list are

conducted via Service requests. Service

requests will be completed promptly

based on available capacity.

Examples of change of service requests

that impact cost of Service include:

• Adding or removing virtual or

shared desktops or file servers

• Adding or removing

storage upgrades

• Changing model of existing virtual

or shared desktops or fileservers

• Adding or removing

bandwidth upgrades

• Requests for Add-On Services

Support

Support for the Service is available in

English by phone (888) 486-1277 (24

hours x 7 days a week x 365). Support is

limited to designated Customer contacts

(I.T. personnel or help desk contacts)

that are on the designated Customer

contact list. U2Cloud provides Support

for the infrastructure and Desktops

located in the datacenteronly.

Customer responsibilities

You will be responsible for the

following activities:

• All end user support including,

but not limited to client devices

(desktops, notebooks, smartphones

thin clients, etc.) and images

(operating systems, applications

and settings)

• Validating application compatibility

in a virtual environment and

monitoring application performance

– U2Cloud provides assistance in

validating application compatibility

• Network connectivity and

bandwidth from Customer to

end user and Customer to Internet,

including supporting the VPN

hardware and software. No

VPN required

• Active Directory configuration

and administration

• Ensuring that Customer’s authorized

support contacts have purchasing

authority to order/change Service

• Supporting Provisioning and any

Service upgrade activities

U2Cloud

responsibilities

• Maintain Service platform hardware

and software that resides in

U2Cloud datacenter, including

connection from the Internet

and VPN

• Perform incident management

for platform-level support in

accordance with Operational

Response Targets

• Provide preventive maintenance on

datacenter/platform hardware

Miscellaneous

No hardware is being transferred, sold,

leased or licensed to Customer under

this Service Description. To the extent

U2Cloud uses hardware or software

as part of its delivery of the Service,

such hardware or software will be

licensed, owned or otherwise held by

U2Cloud. The Service can be hosted

out of datacenters in both the United

States and the European Economic Area.

During discovery, Customer will select

which region to host the Service.

4

Corporate Headquarters

Green Cove Springs, FL, USA

East Coast Data Center

Jacksonville, FL, USA

US Gov Development Center

Orlando, FL, USA

West Coast Data Center

Las Vegas, NV, USA

Central Data Center

Denver, CO, USA

About U2Cloud

U2Cloud enables users to access data from anywhere and at any time with the same experience you have come to expect from your office desktop or laptop. All your software, apps, data files and Email are securely operating in the Cloud. U2Cloud offers ultimate 24/7 portability and security, at reduced cost and increased productivity. No hassles software updates to download or maintain and simple to s ubscribe. A variety of service levels are offered - appropriately scaled to government, private sector enterprise and a wide array of indust ries. U2Cloud is operating globally from a growing number of North American facilities on the East coast, Midwest and West coast.

Copyright © 2017 U2 Cloud, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks of their

respective companies.

This Service Level Agreement

summarizes the Service Level guidelines

between U2Cloud, LLC(“U2Cloud”)

and you and is incorporated into the

Agreement by reference. This Service

Level Agreement applies separately to

each of your paid services. U2Cloudmay

update, amend, modify or supplement

this Service Level Agreement from time

to time.

1. SERVICE.

U2Cloud will use commercially

reasonable efforts to provide the

Services as defined by the plan or plans

purchased or subscribed to under

your Account(s).

2. SERVICEAVAILABILITY.

1.Definition. U2Cloud will provide

at least 99% Service Availability,

measured on a per calendarmonth

basis. “Service Availability” is defined in

the table below. We guarantee 99%

availability of your Hosted Virtual

Desktop in any given calendar month.

We have defined some key terms

below to ensure our clients understand

this guarantee.

5

Exhibit 1:Service Level Agreements (SLA) forU2Cloud

Description Desktop-as-a-Service AvailabilitySLA

Hosted Virtual

Desktop

Is defined as the hosted virtual desktop environment that

we are providing to you as a part of our hosted desktop

service offerings.

Monitoring U2Cloud auto-tests the connection of and session generation

of a hosted virtual desktop every 30 minutes.

Availability The virtual desktop is available when it allows a user

with correct credentials to login and access a desktop

environment and/or stream anapplication.

Unavailability Any period of time when users are unable to login to their

hosted virtual desktop for which they have appropriate

permissions. This period begins when detected by our system

or when a ticket is created/escalated with our support team.

Unavailability Issues caused by external network issues or incidents on the

client network identified by support personnel shall not count

towards the monthly availability calculation.

Unavailability Incidents relating to human error or technical issues on the

client terminal including but not limited to Microsoft Updates,

Anti-Virus, Malware or terminal hardware/software issues

shall not count towards the monthly availability calculation.

Additionally issues or incidents relating to scanners, printers,

copiers, cameras, USB memory or external hard drives shall

not count towards the monthly availability calculation.

2.2. Calculation.

To calculate Service Availability, U2Cloud

uses a combination of methods,

including analyzing logs from both

U2Cloud’s event monitoring system

and the actual affected infrastructure

components and matching these

findings with client reports to determine

the actual timeframe. Any loss of Service

Availability less than five minutes in

duration will not be included in the

calculation of ServiceAvailability.

2.3. Service Availability Credit.

Subject to your valid submission of a

Service Availability Credit request and

the other conditions herein, ifService

Availability under your Account for

any calendar month is below 99%,

U2Cloud will issue a credit (“Service

Availability Credit”) in accordance

with the following schedule: If the

subscription period for anaffected

Service is less than one calendar month,

then the Service Availability Credit will be

adjusted on a pro ratabasis.

To request a Service Availability

Credit,(a) your Account must be in

good standing with U2Cloud, (b) you

must open a technical support ticket in

the http://www.U2Cloud.com/support

form reporting an apparent Service

interruption within 72 hours of the

event, and (c) you must send an emailor

written Service Availability Credit request

to the Billing Department at billing@

U2Cloud.com in the month immediately

following the month for which you are

requesting a Service Availability Credit.

Service Availability Credit requests must

include your Account name or Account

number and the dates and specific times

for which you are requesting Service

Availability Credits.

U2Cloud will compare information

provided by you to the data referenced

in Section 2.2 above. A Service

Availability Credit will be issued only if

U2Cloud confirms from such data that a

Service Availability Credit is available.

U2Cloud will calculate the Service

Availability Credit based on the type

ofparticular Service for which Service

Availability was below the prescribed

level, the fees for the particularservice.

The limits and sole remedies regarding

Service Availability Credits total credits

under this SLA are set forth in Section

4 of thisService Level Agreement.

Wrongly reported faults reported outside

of business hours may be subject to a

$150.00 per hour fee.

3. TERMS & CONDITIONS.

To request a Recovery Credit, (a) your

Account must be in good standing with

U2Cloud, (b) you must open a Technical

Support Ticket. and (c) you must sendan

email or written Recovery Credit request

to the Billing Department at billing@

U2Cloud.com in the month immediately

following the month for which you are

requesting a Recovery Credit. Recovery

Credit requests must include your

Account name or Account number and

the dates and specific periods of lost

or corrupted Data for which you are

requesting the Recovery Credit.

U2Cloud will compare information

provided by you to the actual Data that

resides in your database. A Recovery

Credit is issued only if U2Cloud

confirms Data loss warranting the

Recovery Credit. If U2Cloud is unable to

restore the relevant Data within five (5)

business days of a valid Recovery Credit

request, you will receive amonthly

fee credit of 100%. The limits and sole

remedies regarding Recovery Credits

and total credits under this SLA are

set forth in Section 4 of this Service

Level Agreement.

4. TOTAL CREDIT LIMITS; SOLEAND

EXCLUSIVE REMEDIES.

4.1. Total Service Availability Credits. The

total Service Availability Credit due to

you for any Account may not exceed

50% of the monthly fees charged to that

Account during the month for which the

Service Availability Credit is to be issued,

unless the amount to be credited is

less than $1.00 in which case the credit

amount will be $1.00. Only one Service

Availability Credit is available in any

given calendar month. Notwithstanding

anything set forth in theAgreement or

this Service Level Agreement, the Service

Availability Credit described in Section

2 of this Service Level Agreement will

be your sole and exclusive remedy in

connection with any loss of Service

Availability as described in such section

or breach by U2Cloud of the Agreement

or this Service LevelAgreement.

4.2. Total Recovery Credits. The total

Recovery Credit due to you for any

Account may not exceed 100% of the

monthly fees charged to that Account

during the month for which the

Recovery Credit is to be issued. Only

one Recovery Credit is available in any

given month. Notwithstanding anything

set forth in the Agreement or this

Service Level Agreement, the Recovery

Credit described in Section 3 will be

your sole and exclusive remedy forany

Service Availability

6

99.0% to 99%

98.0% to 98.99%

95.0% to 97.99%

90.0% to 94.90%

89.90% or below

Amount of the refund as a percentage of monthly fee

for affected Service

3% of monthly feecredited

5% of monthly feecredited

10% of monthly feecredited

25% of monthly fee credited

2.5% credited for every 1% of lost availability up to the maximum

total penalty limit

losses arising from any Data loss as

described in such Section of this Service

Level Agreement.

4.3. Total Credit Limit. The total credits

that you may be issued with respect

to any calendar month, including the

aggregate of Service Availability Credits

and Recovery Credits, will not exceed

150% of the monthly fees charged to the

Account during the month for which all

such credits are issued.

4.4. No Refund. Credits are applicable

only toward use of the Service and are

not convertible into cash or any type

of refund.

5. TECHNICAL SUPPORT.

U2Cloud will use commercially

reasonable efforts to assist you, through

your authorized Account contacts,

with setting up and configuring your

Account, having access to the Services

and other issues related to the Services.

Only your authorized Accountcontacts

may request information, changes

or technical support pursuant to the

Agreement. For more information,

visit the technical support pageof

U2Cloud’s administrative control panel.

U2Cloud’s technical support response

time depends on the complexity of the

inquiry and support request volume.

6. MANAGEMENT.

6.1. Account Management Tools.

Through your authorized contacts,

you may manage your Account with

U2Cloud’s online management tools,

the administrative control panel and

end-user control panel. U2Cloud will

not be required to perform for you

any task that can be done through the

control panels.

6.2. Custom Configuration. Requests

for modification to the standard

configuration of the Services will be

considered on a case ¬by¬ case basis.

Approval of such modifications will be at

U2Cloud’s sole discretion. U2Cloud does

not guarantee any particular result from

non¬standard configurations nor can

it be held liable in any way for Service

performance changes or failures which

result from non¬standard configurations.

6.3. Additional Services. For tasks

that cannot be performed through

the administrative control panel,you

may request that U2Cloud perform

professional services on a time and

materials basis. The request will include

a detailed description of work and

the authorized amount of time, in

half hour increments, to perform the

work. U2Cloud may evaluate andrevise

the request (including the estimated

number of hours to perform the

work) and reserves the right, in its sole

discretion, to decline any request. Any

additional services will be performed

at U2Cloud’s standard published rates,

provided that any emergency services

that require commencement within 24

hours will be charged at1.5x U2Cloud’s

standard published rate. U2Cloud will

use commercially reasonable efforts to

perform requested additional services.

However, it does not guarantee any

particular result from performance

of additional services or make any

representations or warranties

regarding such additional services nor

can it be held liable in any way

(including for any credits) for Service

performance changes or failureswhich

result from performing tasksrequested

by you. U2Cloud may require a

separate agreement for any of these

additional services.

7. STORAGE CAPACITY; DATA

TRANSFER; SERVER RESOURCES.

Each Account is allotted storage

capacity and data transfer amounts

on U2Cloud’s serversaccording

to the Service and related options

selected by you. The servers may stop

accepting, processing, or delivering

Data, including e-mail messages, when

such set allotment or the purchased

limit is reached thus causing a loss of

Service Availability or Data loss. U2Cloud

will not be responsible forsuch loss

of Service Availability or Data losses,

and such loss of Service Availability

will be excluded from calculations

for Service Availability. The amount of

data stored affects client and server

performance. Large data storage may

respond slower to user requests or

cause client no responsiveness while the

data is processed. Unlimited capacity

allocation per plan is subject to technical

limitations of the software used to

access such capacity. U2Cloud does

not guarantee incoming and outgoing

mail delivery time. As a result, a delay

in incoming and outgoing mail delivery

time – regardless of the cause – is not

included in any calculation of Service

Availability. U2Cloud has no control

over software limitations imposed by

a software manufacturer. Data storage

capacity may not be used for

archiving services.

8. CERTAINLIMITATIONS.

There are numerous situations beyond

U2Cloud’s control and are therefore not

in the scope of this SLA.

8.1. Malicious Attacks. U2Cloud will do

everything in its power to stop any third

party “Denial of Service” attacks or other

forms of “disabling” attacks initiated

against your hosted virtual desktop

network or infrastructure.

7

8.2. Scheduled Maintenance. In order

to maintain performance and security

of the Services, U2Cloud performs

scheduled maintenance within its

published maintenance windows. This

may require specific Services to be

suspended during the maintenance

period. Loss of ServiceAvailability

due to scheduled maintenance will

notbe included in the calculation of

Service Availability. U2Cloud will use

commercially reasonable efforts to

notify you in advance of any scheduled

maintenance that may adversely affect

your use of the Services.

8

8.3. Emergency Maintenance. U2Cloud

may need to perform emergency

maintenance, including security patch

installation or hardware replacement.

U2Cloud will not be able to provide

you with advanced notice in case

of emergency maintenance. Loss of

Service Availability due to emergency

maintenance will be excluded from

calculations for Service Availability.

8.4 This SLA does not go into effect until

after Provisioning has been completed

(as described in the Provisioning section

of the Service Description)

8.5 Service unavailability caused by

events outside the reasonable control

ofU2Cloud, including failure or

unavailability of the Customer’ssystems,

the Internet, or any other service or

third-party used by Customer to use,

connect to, or access theService.

9. DATA RETENTION & RESTORATION.

U2Cloud will not be responsible

for retaining any of your Data after

termination of your Account. Your

Data will be deleted promptly after

your Account is terminated and from

backups during scheduled backup

rotation. U2Cloud will not restore,

provide onany storage media or send

out any Data pertaining to terminated

Accounts, unless specifically noted in a

customized service agreement. It is your

responsibility to back¬up and migrate

your Data prior to termination of your

Account or any other action which can

lead to deletion of any of your Data from

the Services.

10. ADDITIONAL SERVICELEVEL

AGREEMENTS.

In addition to the Availability SLA,

U2Cloud will meet to exceed the

following SLAs:

Operational Response Targets

Although U2Cloud strives to achieve

the below-listed operational response

targets with respect to Incident

Response Times and Service Requests,

failure to achieve these targets will

not give rise to any legal liability

for U2Cloud.

“Incident Response Times” is defined as

the elapsed time between submission

of an incident to U2Cloud and the

acceptance by a technician of an

assignment to address the incident.

“Service Requests” are defined as

requests for fee-based Services (for

example, the purchase of additional

seats). U2Cloud target completion of

these services at 5 business days.

“Severity Level 1” is defined as a problem

where the majority of End Users who

use the Service are severely affected

which severely affects the Customer’s

ability to conduct its businessoperations,

and there is no workaround for the

applicable problem.

“Severity Level 2” is defined as a problem

where the majority of End Users who

use the Service are affected which

moderately affects the Customer’s

ability to conduct itsbusiness operations

because performance is degraded or

functionality of the affecteditem

is limited.

“Severity Level 3” is defined as a problem

where a reasonably limited number

of End Users who use the Service are

affected and the effect on Customer’s

ability to conduct its businessis limited.

“Severity Level 4” is defined as a

problem where a single End User is

affected and the effect on Customer’s

ability to conduct itsbusiness operations

is limited.

Operational Response Targets

Incident

ResponseTimes

Severity Level 1 – 98% with 30 minutes

Severity Level 2 – 98% within 30 minutes

Severity Level 3 – 98% within 4 business hours

Service Requests Completion within five (5) business days or less.

Journey toa Secure Cloud

10

U2Cloud’s infrastructure was architected

to be one of the most secure and

flexible cloud computing environments

available. Maintaining a secure

infrastructure is one of the top concerns

of companies today. At U2Cloud,we

see security as a mutual responsibility.

U2Cloud has secured the underlying

infrastructure and you must secure

your users access and control.

This document summarizes the

numerous controls implemented within

U2Cloud, so customers can determine

if these capabilities and controls are

suitable for their unique requirements.

• Identity and Access Management

- Ensures that only properly

authenticated entities are allowed

access

• Integrity & Encryption - Used

internally within U2Cloud for

protecting control channels and is

provided for customers providing

rigorous data protection capabilities

• Availability & Isolation - Minimizes

interaction with data by keeping

appropriate containers logically or

physically separate

• Physical & Environmental Security

Identity & AccessManagement

U2Cloud enables more secure, identity-

based access to systems, applications,

and data both on premises and in

the cloud from virtually any location

or device. It enables use of a single

identity across an organization as well

as with partners’ networks, and provides

seamless, always-on connectivity,

management of organization identities,

credentials, information protection,

system and application settings.

Integrity

Secure Access – All of the services

provided by U2Cloud are delivered

over SSL. All communications between

U2Cloud’s internal components are

protected with SSL. In most cases,

the SSL certificates are self-signed.

Exceptions are for any certificates for

connections that could be accessed

from the Internet. Encryption of data

in storage and in transit is used to

align with best practices for ensuring

confidentiality and integrity of data.

Availability & Isolation

Beyond authenticating access to

data, simply keeping different data

appropriately segregated provides

well-recognized protection. U2Cloud

provides isolation at a number of levels,

as discussed below.

Isolation of Hypervisor, Root OS,

and Guest VMs

A critical boundary is the isolation

of the root VM from the guest

VMs and the guest VMs from one

another, managed by the hypervisor

and the root OS.

VLANIsolation

VLANs are used to isolate the

internal and management networks.

VLANs partition a network such

that no communication is possible

between VLANs without passing

through a router, which prevents

a compromised node from faking

traffic from outside itsVLAN and

it also cannot eavesdrop on traffic

that is not to or from its VLANs.

Isolation of Customer Access

The systems managing access

to customer environments (the

U2Cloud Portal) are isolated

within U2Cloud’s network. This

logically separates customer access

infrastructure from customer

applications and storage.

Packet Filtering

The hypervisor and the rootOS

provide network packet filters

that assure that the untrusted VMs

cannot generate spoofed traffic,

cannot receive traffic not addressed

to them, cannot direct traffic to

protected infrastructure endpoints,

and cannot send or receive

inappropriate broadcast traffic.

Physical & Environmental Security

U2Cloud’s data centers are state of the

art, utilizing innovative architectural and

engineering approaches. Data centers

are housed in nondescript facilities.

Physical access is strictly controlled

Exhibit 2:Security Statement forU2Cloud

both at the perimeter and at building

ingress points by professional security

staff utilizing video surveillance, intrusion

detection systems, and other electronic

means. Authorized staff must pass two-

factor authentication to access data

center floors. All visitors and contractors

are required to present identification and

are signed in and continually escorted

by authorized staff.

U2Cloud only provides data center

access and information to employees

and contractors who have a legitimate

business need for such privileges. When

an employee no longer has a business

need for these privileges, his or her

access is immediately revoked, even

if they continue to be an U2Cloud. All

physical access to data centers by

U2Cloud employees is logged and

audited routinely.

Fire Detection and Suppression

Automatic fire detection and

suppression equipment has been

installed to reduce risk. The fire

detection system utilizes smoke

detection sensors in all data center

environments, mechanical and

electrical infrastructure spaces,

chiller rooms and generator

equipment rooms.

Power

The data center electrical power

systems are designed to be fully

redundant and maintainable without

impact to operations, 24hours

a day, and seven days a week.

Uninterruptible Power Supply (UPS)

units provide back-up power in

the event of an electrical failure for

critical and essential loads in the

facility. Data centers use generators

to provide back-up power for the

entire facility.

Climate and Temperature

Climate control is required to

maintain a constant operating

temperature for servers and

other hardware, which prevents

overheating and reduces the

possibility of service outages. Data

centers are conditioned to maintain

atmospheric conditions at optimal

levels. Personnel and systems

monitor and control temperature

and humidity at appropriate levels.

Management

U2Cloud monitors electrical,

mechanical, and life support

systems and equipment so

that any issues are immediately

identified. Preventative maintenance

is performed to maintain the

continued operability of equipment.

The controls outlined in this Appendix

are designed to provide strong data

security safeguards that meet theneeds

of a typical user. They are not intended

or designed to address all industry

specific requirements that are driven

by regulatory requirements such as

HIPAA or PCI. Users with specific data

security requirements that exceed the

controls listed in this Appendix should

discuss alternative cloud solutions with

their U2Cloud representative. To the

extent U2Cloud receives or otherwise

has access to Customer’s “education

records” and “personally identifiable

information” contained in such records,

as such terms are defined in FERPA,

U2Cloud acknowledges that it is

subject to the requirements of 34 CFR

§99.33(a) governing the use and re-

disclosure of personally identifiable

information in education records.

Corporate Headquarters

Green Cove Springs, FL, USA

East Coast Data Center

Jacksonville, FL, USA

US Gov Development Center

Orlando, FL, USA

West Coast Data Center

Las Vegas, NV, USA

Central Data Center

Denver, CO, USA

About U2Cloud

U2Cloud enables users to access data from anywhere and at any time with the same experience you have come to expect from your office desktop or laptop. All your software, apps, data files and Email are securely operating in the Cloud. U2Cloud offers ultimate 24/7 portability and security, at reduced cost and increased productivity. No hassles software updates to download or maintain and simple to s ubscribe. A variety of service levels are offered - appropriately scaled to government, private sector enterprise and a wide array of indust ries. U2Cloud is operating globally from a growing number of North American facilities on the East coast, Midwest and West coast.

Copyright © 2017 U2 Cloud, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks of their

respective companies.