Security Essentials Pack

Lock down the basics—MFA, EDR, email security, awareness training, and backup immutability

Fixed Price

€5,500

Timeline

1–3 weeks

Ideal For

SMBs needing immediate security improvements

What's Included

MFA/SSO rollout (Azure AD, Google, Okta)
EDR deployment and monitoring
Email security hardening
Security awareness training
Immutable backups (ransomware protection)
Baseline security audit and report

What You Get

Week 1: Assessment & Quick Wins

Day 1-2: Security Audit

  • Current posture assessment
  • Identify critical gaps
  • Prioritize quick wins
  • Threat landscape briefing

Day 3-5: MFA & Email Security

  • MFA/SSO rollout (Azure AD, Google, or Okta)
    • Enforce MFA for all users
    • Conditional access policies
    • App registration and SSO setup
  • Email security hardening
    • SPF, DKIM, DMARC configuration
    • Anti-phishing policies
    • Safe Links and Safe Attachments (M365)
    • External sender warnings

Week 2: EDR & Backup Hardening

Day 6-8: EDR Deployment

  • Endpoint Detection & Response (EDR) rollout
    • Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne
    • Policy configuration (block/alert rules)
    • Automated remediation setup
    • Dashboard and alerting

Day 9-10: Backup Immutability

  • Ransomware-resistant backups
    • Immutable snapshots (cannot be deleted for X days)
    • Object lock on cloud storage (S3, Azure Blob)
    • Offline backup copy verification
    • Restore test (verify backups work)

Week 3: Training & Monitoring

Day 11-12: Security Awareness Training

  • Phishing simulation (baseline test)
  • User training (1-hour session covering):
    • Spotting phishing emails
    • Password hygiene
    • MFA best practices
    • Reporting suspicious activity
  • Follow-up phishing test (measure improvement)

Day 13-15: Monitoring & Handover

  • Security monitoring dashboards
  • Incident response playbooks (P1-P4 scenarios)
  • Monthly security report template
  • Handover meeting and Q&A

What’s Included

MFA/SSO: Azure AD, Google, or Okta setup for all users
EDR: Endpoint protection with centralized monitoring
Email Security: SPF/DKIM/DMARC, anti-phishing policies
Awareness Training: Phishing simulation + 1-hour training session
Backup Hardening: Immutable snapshots + restore test
Security Audit: Baseline posture assessment
Incident Playbooks: Response procedures for common threats
30 Days Support: Post-engagement email/Slack support

What’s NOT Included

❌ EDR/SaaS subscription costs (you pay vendor directly)
❌ Ongoing security monitoring (available as separate retainer)
❌ Penetration testing or advanced threat hunting
❌ SIEM/SOC setup (overkill for most SMBs)

Assumptions

  • Team size: Up to 50 users
  • Existing setup: M365 or Google Workspace already in use
  • EDR platform: We configure your chosen EDR (or recommend one)
  • Backup system: Already in place (we harden it; we don’t deploy one from scratch)

For teams > 50 users or greenfield backup deployments, we’ll scope separately.

Timeline

1–3 weeks from kick-off to completion

  • Week 1: Assessment, MFA, email security
  • Week 2: EDR deployment, backup hardening
  • Week 3: Training, monitoring, handover

Success Metrics

✓ 100% of users have MFA enabled
✓ Email security score > 80% (Microsoft Secure Score or equivalent)
✓ EDR deployed on 100% of endpoints
✓ Backup restore test completes in < 2 hours (RTO)
✓ Phishing simulation pass rate improves by > 20%
✓ Zero unpatched critical vulnerabilities (P1/P2)

Pricing

€5,500 fixed price

Covers:

  • Security audit and gap analysis
  • MFA/SSO configuration
  • EDR deployment and policies
  • Email security hardening
  • Backup immutability setup
  • Security awareness training
  • Incident playbooks
  • 30 days post-engagement support

Add-ons (optional):

  • Quarterly phishing simulations: €300/quarter
  • Monthly security reports: €200/month
  • Security retainer (ongoing monitoring): Starting at €1,000/month

Who This Is For

  • SMBs: 10–50 person teams with basic security gaps
  • Compliance-driven: Preparing for ISO 27001, SOC 2, or client audits
  • Post-breach: Had a scare (phishing, malware) and need to lock things down
  • Proactive teams: Want to prevent incidents before they happen

What Happens After?

After the 1–3 week engagement:

  • Your security posture is significantly improved
  • Users are trained and aware
  • Monitoring dashboards are live
  • We provide 30 days of support
  • Optional: Sign up for a security retainer (monthly monitoring and quarterly reviews)

Common Add-Ons

  • Quarterly phishing simulations: Keep users sharp
  • Penetration testing: Annual pen test to find blind spots
  • Security retainer: Ongoing monitoring, patch management, quarterly reviews

Get Started

Ready to lock down the basics and sleep better at night?

Book a 30-minute call. We'll discuss your needs and confirm if this package is the right fit.