Home / Services / Sample Report

Monthly Deliverable

This is what lands in your inbox every month

Every Bulwark client receives a written security report on the 1st of each month. Here is exactly what it looks like.

Sample report — Example Ltd · March 2026 · This is example data

0 out of 215
Client
Example Ltd
Period
March 2026
Users
12
Devices
14
Trend
↑ 12 pts
46 /50
Identity & Access
55 /55
Email Security
45 /55
Data Governance
36 /55
Device Management
Identity & Access — 46 / 50
MFA enforced — 12/12 users compliant
10 / 10
Password policy — strong, 90-day expiry
10 / 10
Admin roles — 1 super admin (correct)
10 / 10
0 inactive accounts (>90 days)
10 / 10
Less secure app access — 2 users have legacy app exceptions
6 / 10
Email Security — 55 / 55
SPF — hard fail (-all) configured correctly
11 / 11
DKIM — google selector verified and passing
11 / 11
DMARC — reject policy, aggregate reports to Bulwark
11 / 11
No suspicious forwarding rules detected
11 / 11
Gmail safety settings — enhanced pre-delivery scanning on
11 / 11
Data Governance — 45 / 55
External sharing — restricted to domain allowlist
11 / 11
Shared Drive permissions — correctly scoped
11 / 11
Google Groups — 1 group allows external posting
6 / 11
Marketplace apps — 3 approved, no unrestricted access
11 / 11
Data regions — not configured (recommended for regulated clients)
6 / 11
Device Management — 36 / 55
Mobile Device Management — enabled and enforced
11 / 11
Endpoint protection — deployed on 12/14 devices
11 / 11
OS patch compliance — 1 MacBook pending macOS 15.3.1
6 / 11
Screen lock — 2 mobile devices have no PIN requirement
2 / 11
Remote wipe — confirmed for managed devices only (2 BYOD unmanaged)
6 / 11

Recommended actions this month

HIGH

Enforce screen lock PIN on 2 mobile devices. These devices can access company email and files without a lock screen. Bulwark can push this policy remotely — no action needed from the users.

MED

Revoke less secure app access for 2 users. Legacy apps are using basic authentication. Bulwark will contact both users to migrate to OAuth-compatible alternatives.

MED

Restrict external posting on the "general" Google Group. Currently anyone outside the company can send email to this group address.

Every Bulwark client receives this report as a 4-page PDF on the 1st of each month. The report covers 20 checks across 4 categories, scored out of 215, with every finding explained in plain English and clear priorities for what to address.

Want to see your own score?

The first audit is free. 45 minutes, 20 checks, written report. No obligation.

Book your free audit