Active advisory:
Windows Print Spooler vulnerability (CVE-2025-49722) affects Windows 10/11 & Server — patch now.
View all alerts →
✕
A
AL
IT
CONSULTING
Home
Services
About
Pricing
Contact
Client Portal
Threats
Client login
Get in touch
Home
Services
About
Pricing
Contact
Client Portal
Threat Alerts
Get in touch →
Free security assessment
How secure is your
business right now?
10 questions. 3 minutes. Instant score. No email required.
Question 1 of 10
Does every employee use a unique individual login — no shared passwords or accounts?
Yes, everyone has their own account
Individual accounts enforced
Mostly — a few shared accounts remain
Some shared logins still in use
No — we share accounts or passwords
Not sure
Next
Question 2 of 10
Is multi-factor authentication (MFA) enabled for email and cloud services like Microsoft 365?
Yes, MFA required for everyone
All users must verify with a second factor
Some users have it, not all
Partially rolled out
No, we just use passwords
Not sure
← Back
Next
Question 3 of 10
Do all computers have active endpoint protection — real-time threat detection beyond basic antivirus?
Yes — EDR/XDR on all devices
e.g. Sophos Intercept X, CrowdStrike
Basic antivirus only
Windows Defender or similar
Some devices, not all
Inconsistent coverage
Nothing / not sure
← Back
Next
Question 4 of 10
Are your systems and software regularly patched and updated?
Yes — automated patching in place
Patches deploy on schedule
Manually, when we remember
No automated process
Rarely or never
Updates ignored or delayed
Not sure
← Back
Next
Question 5 of 10
Do you have a business-grade firewall protecting your network?
Yes — a managed next-gen firewall
e.g. Sophos XGS, Fortinet
A basic router/firewall combo
Consumer or small business router
Just the ISP modem/router
No additional firewall
Not sure
← Back
Next
Question 6 of 10
Do you have an automated, offsite backup for your critical business data?
Yes — automated with offsite/cloud copy
e.g. Datto BCDR
Local backup only
No offsite or cloud copy
Backups exist but rarely tested
Haven't verified they work
No backup / not sure
← Back
Next
Question 7 of 10
Has your team received any security awareness training in the past 12 months?
Yes — formal training and phishing simulations
Informal guidance only
Some tips, no formal program
No training in the past year
Not sure
← Back
Next
Question 8 of 10
When an employee leaves, how quickly are their accounts disabled?
Same day — we have a process
Accounts disabled on last day
Within a few days
Usually within a week
It varies — sometimes weeks later
No formal process
← Back
Next
Question 9 of 10
Do you have a written incident response plan?
Yes — documented and reviewed annually
Rough notes, nothing formal
No written plan
Not sure
← Back
Next
Question 10 of 10
Is your IT environment actively monitored 24/7 by an MSP or internal IT team?
Yes — 24/7 monitoring
Someone checks in occasionally
No continuous monitoring
No monitoring — we find out when things break
Not sure
← Back
See my results
0
/ 100
Get a free consultation
Retake
Trusted technology partnerships
Atera
RMM
Sophos
Security
Datto
Backup
Microsoft
Cloud
Intermedia
VoIP