
$20,000 Labour Guarantee
🔐 Security Assessment & Risk Management
- Initial Risk Assessment (vulnerabilities, threat landscape)
- Asset Inventory (systems, devices, software)
- Business Impact Analysis
- Risk Register and Mitigation Plan
🛡️ Network Security Controls
- Firewall Management (configuration, monitoring)
- Intrusion Detection/Prevention Systems (IDS/IPS)
- Secure VPNs and remote access controls
- Segmentation of networks (e.g., VLANs, guest networks)
💾 Endpoint Protection
- Antivirus / EDR (Endpoint Detection and Response)
- Mobile Device Management (MDM) if relevant
- Application Whitelisting / Control
- Patch Management for OS and third-party apps
🧑‍💼 Identity & Access Management
- Multi-Factor Authentication (MFA)
- Role-Based Access Control (RBAC)
- Password Policies (length, rotation, reuse)
- Single Sign-On (SSO) / Federated Identity (if applicable)
📧 Email & Web Security
- Spam Filtering and Phishing Protection
- Attachment Sandboxing
- URL Rewriting & Link Scanning
- DMARC, DKIM, SPF configuration
🔍 Monitoring, Detection & Response
- Security Information and Event Management (SIEM)
- 24/7 Automated Monitoring
- Log Collection & Retention
- Automated Alerts and Incident Ticketing
🔄 Backup & Disaster Recovery
- Automated Backups (on-site and off-site/cloud)
- Disaster Recovery Plan (DRP)
- Regular Testing of restores and failovers
- RPO/RTO Targets defined
📋 Security Policies & Training
- Acceptable Use Policy (AUP)
- Data Classification Policy
- Remote Work Security Policy
- End-User Awareness Training (phishing, password hygiene)
⚖️ Compliance & Regulatory Alignment
- GDPR, HIPAA, ISO 27001, NIST CSF, or other relevant frameworks
- Audit Support
- Policy Documentation
- Gap Analysis Reports
🔄 Ongoing Maintenance & Review
- Quarterly Business Reviews (QBRs)
- Vulnerability Scanning & Remediation
- Policy Review and Update Cycle
Advanced Inclusions
- Dark Web Monitoring
- Threat Hunting
- Deception Technology (honeypots, traps)