Tax Consultancy · 8 employees
3 daysBackups configured but never verified. We detected that 4 months of backups were corrupted.
Reconfigured encrypted backups with automatic weekly recovery checks. Tested disaster recovery plan.
// cybersecurity · smes
IT security audits starting at €55. We detect real threats and deliver a written, actionable plan in 5 days.
Confidential service · NDA available · Report in 5 days · Remote across Spain
// industry data
If your business hasn't experienced a security breach yet, it is a matter of time. The question is whether you will be prepared.
of small businesses experience a security incident yearly
INCIBE 2024average cost of a ransomware attack on an SME
Hiscox 2024of cyber attacks start with a phishing email
Verizon DBIRaverage time taken to detect a system intrusion
IBM Security// scope
Complete coverage of critical points for a modern business. No generic templates, no useless data dumping.
Centralized password managers, mandatory multi-factor auth (MFA), role-based permissions, and secure offboarding of former employees.
We verify real recoveries (not just backup logs). Encrypted files, the 3-2-1 backup rule, and a fully tested disaster recovery plan.
Centralized endpoint protection with real-time status alerts. Behavioral analysis EDR for active threat detection.
Properly configured SPF, DKIM, and DMARC records. Advanced anti-phishing filters and security coaching for the team.
Cloudflare Web Application Firewall (WAF), forced SSL redirection, software patching, suspicious logs monitoring, and rate limiting.
Privacy policy checks, cookie consent mechanisms, processor agreements, and automated consent record-keeping.
Complete segregation of guest and corporate networks, WPA3 encryption, and VLAN segmentation where applicable.
Basic MDM policies, BYOD security rules, local disk encryption, and remote data wipe capabilities in case of device loss.
Active scanning to identify what sensitive business information or credentials are publicly leaked and exposed on the web.
// case studies
Data modified for confidentiality. These are the security risks we typically find and resolve.
Backups configured but never verified. We detected that 4 months of backups were corrupted.
Reconfigured encrypted backups with automatic weekly recovery checks. Tested disaster recovery plan.
Recent phishing attack with provider identity theft. Missing SPF/DKIM/DMARC email configurations.
Full configuration of secure email authentication records. Team anti-phishing coaching. Advanced spam filters.
// how it works
5 days from briefing to delivered report. No surprises with deadlines.
30-minute kick-off call. Review credentials scope, remote access setups, and deliver technical questionnaire.
Deep analysis of the 9 areas. Non-invasive vulnerability scans. OSINT external leak check.
Written report detailing prioritized findings (Red/Yellow/Green) and actionable recommendations.
Report delivered via encrypted email. 45-minute session to review findings and outline action plan.
// tools
Industry-standard tools, no obscure black boxes. I explain exactly what we run.
// plans
Start with a security audit if you want to identify where your vulnerabilities lie. Upgrade to a monthly plan for ongoing protection.
€55
Complete diagnosis with no long-term commitment
from €80/mo
Continuous peace of mind for your SME
custom quote
For businesses with 10+ devices
// doubts
Between 3-5 business days. We work remotely without affecting your daily operations. We deliver a written report via encrypted email followed by a review session.
Yes. We sign an NDA before starting if required. All data collected is encrypted and fully deleted upon closing the project (with proof of destruction).
We call you immediately (we do not wait for the report). The report prioritizes tasks: Red (0-7 days, urgent patches), Yellow (30 days), Green (continuous improvement).
No. The one-off audit of €55 is completely independent. The monthly plan is optional, has no setup fees, and can be cancelled at any time with 30 days' notice.
Yes. For sectors with specific privacy regulations (GDPR/LOPDGDD) we tailor our audits. A signed NDA is mandatory.
I perform an independent external audit — a second opinion on what you already have. This is highly useful precisely because I did not configure the systems myself.
Book a free 15-minute call. If I detect a critical active breach, I will alert you immediately.
No lock-in · No hidden costs · Direct contact