// SECURITY MODEL

DEFENCE. IN DEPTH.

Six independent control layers. Any one of them can be bypassed without exposing the data.

Assume breach

The starting assumption of every environment we operate is that the perimeter will be bypassed. Phishing succeeds. A laptop gets stolen. A vendor account leaks. The attacker is going to get past the first line. Our job is to make sure that does not turn into a breach.

We do that by building six independent control layers — each one valuable on its own, none of them load-bearing. An attacker who clears the perimeter still has to defeat identity. An attacker with valid credentials still has to defeat endpoint controls. An attacker with endpoint access still cannot reach segmented data. An attacker who reaches data still cannot encrypt the immutable backups.

// THE SIX LAYERS

EACH ONE INDEPENDENT.

Perimeter

Managed firewalls, intrusion prevention, geo-fencing, and DNS filtering. The first filter — we treat it as the least reliable.

Identity

Phishing-resistant MFA, conditional access, privileged-access workstations, just-in-time elevation. Most attacks start with stolen credentials; this layer is where they should stop.

Endpoint

EDR/XDR on every endpoint, with behaviour-based detections that do not need a signature update. Containment in minutes.

Network

VLAN segmentation, micro-segmentation for sensitive data, lateral-movement detection, and east-west traffic inspection. An attacker who lands cannot pivot freely.

Data

Encryption at rest and in transit, classification, DLP for the data classes that warrant it, and access reviews on a regular cadence. The data itself is the last gate.

Recovery

Immutable backups, multi-region replication, tested failover. The control that makes ransomware a recoverable event instead of a disclosure event.

Zero trust, applied

"Zero trust" is a much-abused phrase. The version we operate is concrete:

  • No implicit trust based on network location. Being on the office LAN does not grant anything that being on coffee-shop Wi-Fi would not.
  • Identity is the perimeter. Every resource access is authenticated and authorised at request time, against the user's current risk signal — not a session token issued at login.
  • Device posture is enforced. Compromised, out-of-date, or unmanaged devices are blocked from reaching sensitive resources, regardless of who is signed in.
  • Least privilege by default, just-in-time elevation by exception. Standing admin access is rare; temporary elevation with logging is the norm.

The practical effect is that an attacker with stolen credentials, hitting from outside the network, on an unmanaged device, gets blocked before reaching anything sensitive — without anyone on our team having to react in real time.
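The request-time decision described in the list above, sketched as an added example (not this provider's own code). The class names, the 0-100 risk score with its cut-off of 70, and the 30-minute elevation window are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

RISK_BLOCK = 70  # assumed cut-off on a 0-100 risk score (not from the page)
ELEVATIONS = {}  # just-in-time grants: (user, resource) -> expiry time

@dataclass(frozen=True)
class Device:
    managed: bool
    patched: bool
    compromised: bool = False

@dataclass(frozen=True)
class Request:
    user: str
    resource: str
    sensitive: bool
    needs_admin: bool
    source_network: str  # logged only; never consulted when deciding
    device: Device
    risk_score: int      # current signal, re-read on every request
    at: datetime

def grant_elevation(user, resource, now, minutes=30):
    """Record a temporary admin grant that expires on its own."""
    ELEVATIONS[(user, resource)] = now + timedelta(minutes=minutes)
    return ELEVATIONS[(user, resource)]

def decide(req):
    """Evaluate one request; called per access, not once per session."""
    if req.risk_score >= RISK_BLOCK:
        return False, "risk signal"
    d = req.device
    if req.sensitive and (d.compromised or not d.managed or not d.patched):
        return False, "device posture"
    if req.needs_admin:
        expiry = ELEVATIONS.get((req.user, req.resource))
        if expiry is None or req.at >= expiry:
            return False, "no active elevation"
    return True, "allowed"
```

Because `decide` never reads `source_network`, the same user on the same device gets the same answer from the office LAN and from a public network, and a rise in the risk score denies the next request even though the login itself succeeded.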

// DETECTION & RESPONSE

WHAT HAPPENS WHEN SOMETHING TRIPS.

From alert to written post-incident review.

// MAP IT TO YOUR ENVIRONMENT

WANT A WALKTHROUGH OF YOUR CURRENT POSTURE?

A 90-minute review of your current security stack against this model — what is in place, what is missing, what to fix first. Written summary at the end. No obligation.