MFA Everywhere
Multi-factor authentication is enforced on all systems that support it.
Trust Center
How CyberConnect protects systems, handles data, and responds when incidents happen.
Security Practices
3-2-1 Backups
Critical data follows 3-2-1 backup strategy with verified recovery paths.
Closed Exposure
Unneeded endpoint services and exposed ports are closed by default.
Weekly Patching
Patch cycles run weekly with priority handling for high-severity issues.
Incident Workflow
Triage → contain/minimize risk → restore from backups → validate recovery.
Data Handling
Direct Access Only
Client data access is handled directly by Dorian Balogh (bonded, Level 2 security guard).
No Unapproved Copies
Data is kept private and never copied to other devices without explicit permission.
30-Day Retention
If copying is approved, retained data is held for a maximum of 30 days.
14-Day Sensitive Limit
For regulated/medical-sensitive contexts, retained data is limited to 14 days.
Shorter on Request
Retention windows can be shortened further by written client request.
Response Commitments
24 hours
Emergency response target for active incidents.
48 hours
General request and non-emergency response target.
Tooling Stack
Security + Management
Wazuh, FleetDM, and MeshCentral for monitoring, deployment, and remote management.
Backups
Native macOS backup tooling on Apple systems, Restic for other systems and repositories, plus Gitea for private software development history.
Monitoring
Prometheus + Grafana + Uptime Kuma (self-hosted) plus Ubiquiti hardware telemetry for network visibility.
Secrets Management
Self-hosted Bitwarden for password and 2FA storage, plus retention policy for investigations.
Asset Management
Snipe-IT for asset tracking and deployment lifecycle visibility.
Responsible AI Usage
Self-hosted Open-WebUI and LM Studio with custom workspaces so data never leaves site.
Compliance & Governance Alignment
GDPR + HIPAA
Supports GDPR and HIPAA/HIPPA-conscious workflows when required by clients.
PIPEDA + PCI DSS
Aligns to PIPEDA (Canada) and PCI DSS baselines for payment-adjacent environments.
CIS Controls
Uses CIS Controls as a practical hardening baseline for SMB environments.
Client Mapping
Policies and technical controls can be mapped per client scope during onboarding.
Business Continuity
Restore Validation
Weekly restore spot-checks and monthly full restore drills for critical systems.
RPO/RTO Targets
Continuity objectives defined by system priority (critical, important, non-critical).
Quarterly Reviews
Backup scope, recovery sequence, and single points of failure reviewed quarterly.
Annual Simulation
Tabletop incident simulation with clear communication and ownership paths.
Contact for Security Concerns
Use the Incident Path
For urgent containment support, use the priority incident contact section.
Share What Happened
Include what was observed, when it started, and what systems are impacted.
Encrypted Response
For sensitive disclosures, request an encrypted response path in your first message.
Need these standards implemented in your environment now?
Request a Security Implementation Plan