Security Foundations

Strengthen your business with a proven security foundation

BrightShield helps you establish the core protections every small business needs, from safer accounts and devices to practical policies and secure daily routines.

How it works

Strengthen your core systems

We help you secure the tools your business relies on by improving key settings and reducing the ways attackers can get in.

Secure your accounts, apps, and devices

We strengthen the tools your team uses every day by tightening access, improving login protection, and securing the devices where your business data lives.

Stronger account security

We remove unused or risky accounts, reduce unnecessary access, and strengthen login protection including multi-factor authentication where needed.

Safer business apps and connected tools

Important apps like Xero, Dropbox, Google Drive, and other data-holding systems are reviewed and updated with safer access, sharing, and connection settings.

Secure laptops, desktops, and mobile devices

We help ensure your devices use updated software, encryption, and safer settings, making them much harder for attackers to compromise.

Build secure, reliable policies & practices

We put the right policies, workflows, and resilience measures in place so your security stays strong long after the improvements are complete.

Frequently Asked Questions

What does Security Foundations include?

Security Foundations focuses on fixing the issues identified in your Security Audit and putting the essential protections in place. This includes improving the setup of your website, email, domain, and cloud platforms; securing accounts, devices, and business apps; and building the policies and day-to-day practices your business needs to stay safe.

How is this different from the Security Audit?

The Security Audit shows you where your risks are and what to focus on. Security Foundations is where we help you fix those issues, improve your systems, and set up the core security measures every small business needs.

Think of it as the step that turns your audit findings into real, lasting protection.

Do I need to complete a Security Audit first?

Yes. The audit gives us a clear picture of your current security posture and ensures that the work we do in Security Foundations is tailored to your systems, your risks, and how your business operates.

How do you help fix the issues found in my audit?

We work with you to improve the key settings, access controls, configurations, and practices highlighted in your audit. You stay in control throughout the process, and we guide you through what needs to change and why, without technical complexity or disruption.

What types of improvements will you make to my systems?

Security Foundations focuses on strengthening the systems your business uses every day. Based on your audit results, we help you fix unsafe settings, reduce unnecessary access, and put safer defaults in place across your core tools. This typically includes:

Your business website
We address issues like missing security certificates, unsafe configuration settings, and accidental exposure of information. Our goal is to ensure your website is using secure connections and isn’t leaking anything publicly that shouldn’t be visible.

Email security and delivery settings
We help you correct the settings that protect your email from impersonation and spoofing. This includes improving the way your messages are verified, fixing deliverability problems, and ensuring attackers can’t easily pretend to be you.

Domain and DNS configuration
We review the key records behind your domain name to make sure they’re safe, current, and set up properly. We also help you secure your domain registration details so no one can hijack, redirect, or tamper with it.

Your main cloud platforms
For tools like Microsoft 365 or Google Workspace, we help you:

  • tighten sharing settings
  • remove risky or unnecessary access
  • improve admin privileges
  • strengthen login protection
  • correct unsafe or outdated configurations

These improvements significantly reduce the chance of someone gaining unauthorised access.

Cloud-based business apps that store important data
If you use tools like Xero, Dropbox, Google Drive, or similar apps, we help ensure:

  • access is limited to the right people
  • sharing links aren’t open too widely
  • login protection is strong
  • old or unused connections are removed

This reduces the risk of accidental data exposure or unauthorised access.

Laptops, desktops, and mobile devices
We help ensure your devices use safer settings, are running up-to-date software, and have basic protections like encryption enabled. These improvements make your devices far harder to compromise.

Exposure from past data breaches
If any of your accounts or email addresses have been part of known leaks, we help you take the right steps to secure them and prevent attackers from using old credentials to break in.

Public file-sharing and visibility risks
We help you lock down shared folders and files that may have been set to “anyone with the link” or otherwise exposed. This is one of the most common, and preventable, risks we see.

Connected apps and integrations
We review the apps connected to your core platforms and remove outdated, unused, or overly permissive integrations. This reduces hidden pathways attackers could use to gain access.

Inactive or leftover accounts
We help you identify and remove accounts belonging to former staff, contractors, or old tools that still have access to your systems — a frequent source of security risk in small businesses.

Overall, the improvements you receive depend on your audit results and the systems you use, but the goal is always the same: a safer, cleaner, more secure setup that reduces your real-world risk.

How much time will this take from me or my team?

Very little. Most of the work is done by our team behind the scenes. When we need to review or update settings together, we use brief, guided screen-sharing sessions so you remain fully in control without needing technical knowledge.

Will you need access to my systems?

Most improvements are completed through short, guided screen-sharing sessions where you control what is shown and nothing is changed without your approval. For some tasks, you may choose to provide limited, temporary access, but this is completely optional.

Can you help us roll out multi-factor authentication and safer access?

Yes. We guide you through improving login security, reducing unnecessary permissions, removing old accounts, and enabling multi-factor authentication for the accounts that matter most.

What policies will you provide or help us set up?

We help you create or refine practical, ready-to-use policies such as:

  • Acceptable Use
  • Password & Authentication
  • Remote Work
  • Device Security
  • Basic Data Protection Practices

Every policy can be tailored to your business and is written in approachable, plain language.

Do you help with onboarding/offboarding and other internal processes?

Yes. We help you establish simple, secure processes for:

  • onboarding new staff
  • removing access when people leave
  • reviewing vendors and supply chain risks
  • verifying payment or banking changes to prevent fraud

These everyday practices significantly reduce your exposure to common attacks.

Can you help us prevent payment fraud or impostor scams?

Yes. We help you set up straightforward verification steps for payment changes, invoice alterations, and new supplier requests. These simple measures will stop the majority of financial fraud attempts targeting small businesses.

For ongoing protection, our Security Watch service can keep you informed about new scam tactics and alert you when something changes, helping those safeguards stay effective over time.

Do you help with disaster recovery or incident response planning?

We help you put the foundational pieces in place: key contacts, basic response workflows, essential recovery steps, and guidance on what to do if something goes wrong. This gives your business a more resilient starting point without needing a full enterprise plan.

How long does the Security Foundations process take?

Most businesses complete the foundational work within a few weeks, depending on the number of systems involved and how quickly screen-sharing sessions can be scheduled. We work at your pace and keep the process as smooth and efficient as possible.

What kind of support do we get during the process?

You’ll have direct support from our team throughout. We guide you through each improvement, answer questions along the way, and make sure every change is clear, safe, and aligned with your business.

What happens once the foundational work is complete?

Once your core systems, accounts, and processes are in good shape, you can choose to subscribe to our cost-effective Security Watch service, where we alert you to new risks, emerging threats, and important changes that need attention.

Or you can simply maintain the improvements yourself with confidence.

Explore other BrightShield services

Security Audit

A complete, tailored review of your systems, settings, and accounts, with clear findings and a practical plan to strengthen your security.

Security Watch

We monitor your systems, devices, and accounts, notifying you of risky changes, new scams, and relevant vulnerabilities to help keep your business secure.

Ready to strengthen your security foundation?

Get in touch with our team to talk through Security Foundations tailored to your business.