Security Assessment

What We Actually Check

Having antivirus or a firewall does not mean your environment is secure. Configuration quality, access hygiene, and patch discipline matter more than the tools themselves. Our assessment examines the areas where real breaches happen:

• Active Directory and identity: admin accounts, group policy settings, password policies, stale accounts, privilege escalation paths
• Multi-factor authentication: MFA coverage across Microsoft 365, VPN, RDP, and admin portals — including gaps in conditional access policies
• Endpoint security posture: SentinelOne or existing EDR agent status, policy enforcement, detection rule updates, and device compliance
• Vulnerability scan results: Tenable-based scanning of internal and external assets — CVE severity scoring, missing patches, exposed services
• Firewall and perimeter: Fortinet or existing firewall rule review — unused rules, overly permissive policies, VPN configuration, NAT exposure
• Microsoft 365 security: Secure Score review, mailbox forwarding rules, app permissions, SharePoint/OneDrive sharing policies, audit logging status
• Backup security: access segregation, retention policies, immutability settings, recovery test records

How the Assessment Works

We follow a consistent 4-phase process aligned with NIST Cybersecurity Framework and CIS Controls principles:

1. Scoping and access. We define what systems, accounts, and network segments are in scope. You provide temporary read-only access or credentials — no agents are permanently installed during assessment.
2. Technical review. We run vulnerability scans (Tenable), review endpoint protection status (SentinelOne/Huntress), audit Active Directory, examine firewall rules (Fortinet/Cisco), and check M365 configuration. This typically takes 3–5 business days depending on environment size.
3. Analysis and prioritization. Findings are scored by severity and business impact — not every vulnerability is critical, and we separate the urgent from the routine so you can focus budget where it matters.
4. Report and walkthrough. You receive a written report with specific findings, affected systems, severity levels, and recommended fixes. We walk through the report with your team and answer questions before any work begins.

Common Findings We Uncover

After completing over 2,500 IT projects since 1999, we consistently see the same categories of risk — even in organizations that believe they are well-protected:

• Domain admin accounts used for daily work — a single compromised credential gives full network control
• MFA disabled on admin portals or VPN — often the entry point for ransomware attacks
• Firewalls with “allow all” outbound rules — malware exfiltrates data undetected
• Unpatched Windows servers running critical services — known CVEs with public exploits available
• Microsoft 365 mailbox forwarding rules to external addresses — active or dormant compromises
• Backup credentials stored on the same domain — ransomware encrypts backups along with production data
• Endpoint protection installed but not reporting or updating — no visibility when agents silently fail
• Legacy systems (Server 2012, Windows 10 EOL) on flat networks — no segmentation isolating vulnerable machines

If any of these sound familiar, an assessment will quantify the actual risk and show you what to fix first.

When You Should Run an Assessment

• After a security incident or close call — phishing success, unauthorized access, ransomware attempt
• Before or after infrastructure changes — server migration, firewall replacement, cloud adoption
• During compliance preparation — HIPAA, PCI-DSS, NIST 800-171, or cyber insurance applications
• After IT staff turnover — verifying what previous admins configured and what they left behind
• When switching IT providers — baseline audit before a new MSP takes over
• Annually as part of security hygiene — threat landscape changes; last year’s clean report doesn’t mean this year is safe

What You Receive

• Executive summary — overall risk posture, critical findings count, and top 3 priorities for leadership review
• Technical findings report — each issue documented with affected system, severity rating (Critical/High/Medium/Low), evidence, and specific remediation steps
• Vulnerability scan output — Tenable scan results with CVE references, patch status, and exposure timeline
• Microsoft 365 security review — Secure Score breakdown, conditional access gaps, mailbox audit findings
• Prioritized remediation roadmap — what to fix first, estimated effort, and dependencies between fixes
• Live walkthrough session — we review the report with your team, explain findings in plain language, and answer questions

Built for 10–250 User Environments

Our security assessments are designed for small and mid-sized businesses — typically 10 to 250 users — running a mix of on-premise servers, Microsoft 365, and line-of-business applications. We work with medical practices, legal offices, logistics companies, manufacturing facilities, and professional services firms across the New York metro area.

You don’t need an internal security team to get a thorough assessment. We handle the technical review, explain the results without unnecessary jargon, and help you decide which fixes to prioritize based on your actual risk — not a generic framework checklist.