01 The Problem
A small accounting firm in Manhattan Beach was preparing for their annual cyber liability insurance renewal. The insurer's new requirements included endpoint detection and response (EDR), multi-factor authentication on all accounts, encrypted backups, and documented incident response procedures. The firm had none of these — they were running Windows Defender with no central management, shared a single admin password for QuickBooks, and their only backup was a USB drive in the owner's desk drawer.
02 Our Approach
We performed a full security assessment and deployed SentinelOne EDR across all 8 endpoints with centralized alerting. We configured Microsoft 365 Business Premium with Conditional Access and MFA for all users, migrated QuickBooks data to a properly permissioned file share, set up automated encrypted cloud backups with 90-day retention, and created a documented incident response plan. The entire rollout was completed in two on-site visits over one week.
03 The Result
The firm passed their cyber insurance audit on the first submission — the insurer noted it was one of the cleanest small-firm assessments they'd seen. The monthly managed IT cost ($1,100) is less than the premium increase they would have faced for non-compliance. Zero security incidents in the 4 months since deployment.