Home / Services
Start with the audit — it's free and tells you exactly where your biggest risks are. From there, GetBulwark fixes the immediate gaps, then works through every remaining control at the pace your environment requires. If you are not on Google Workspace yet, start with the free IT Health Check. Pricing is confirmed after the discovery call — never before.
The average first audit score is 97 out of 215. The gaps are usually the same: MFA not enforced, ex-employees still active, DMARC missing, sharing too open, no backup outside Google. The audit takes 45 minutes, conducts a 20-point manual review across identity, email, data, and devices, and delivers a scored PDF within 48 hours. The report is yours whether you use GetBulwark or not.
STEP 01
GetBulwark reviews your Admin Console live and conducts a 20-point manual review across identity governance, email authentication, data access controls, and device compliance. No preparation needed.
STEP 02
Within 48 hours: a PDF scored out of 215. Every finding explained in plain English, prioritised by risk. Clear next steps for each gap.
STEP 03
Fix things yourself. Ask GetBulwark to handle it. Do nothing. Every outcome is fine. The report — and the documented evidence of what was found — is yours regardless.
This is what lands in your inbox within 48 hours — every finding scored, explained in plain English, prioritised by risk.
Not ready for a monthly retainer? Most clients start here.
One fixed fee. No ongoing obligation. We take the audit findings and fix everything — MFA enforced on every account, DMARC at reject, sharing tightened, ex-employee access removed, backup configured, devices protected. The project closes with a full re-run audit showing the before and after score in writing. You keep that report regardless of what you decide next.
If the work is good, we'll talk about what ongoing management looks like. If it isn't, you've at least hardened your environment and learned something important about who not to trust with your security. Usually 5 to 10 working days.
The before and after scores are documented in writing and delivered to you at project close. The work is verifiable. There is nothing to hide behind.
50% on project start. 50% on delivery of the re-run audit report. Fixed price — no scope creep, no hourly billing.
The fixed price is confirmed after the audit — never before. Complexity of findings, account count, and device scope all inform the final number. There is no surprise on delivery.
Typical starting point
Smaller teams, focused findings — most common first engagement
From £750 excl. VAT
Larger or complex environments
More accounts, devices, Drive exposure, or legacy configuration
Scoped after audit
The free audit tells you exactly what needs fixing. The hardening quote follows directly from the findings — no upsell, no padding.
Managed Monthly Credit
You paid to harden your environment. If you decide you also want someone to maintain it, the cost already paid comes with you. Example: 10 users — £750 for hardening, £850/month managed. Start within 30 days and that £750 is gone from your first invoice.
Payment terms
50% on project start. 50% on delivery of the re-run audit report. Fixed price — no scope creep, no hourly billing.
Book the free manual review firstThe hardening project has no prerequisites and no strings attached. It stands alone as a fixed-price engagement. But if after the re-run audit you decide you want ongoing management — a lot of clients do — the transition is straightforward and the cost already paid comes with you. Start with the free manual review →
One named specialist. One transparent monthly rate. Every month: your Workspace is reviewed, leavers are processed same day, starters are live within 24 hours, and a written report lands in your inbox. Every device is monitored around the clock. Every account is backed up with a recoverable copy outside Google. Security stops being the task that gets ignored because nobody owns it.
Custom Hardening Roadmap
The discovery call maps your current environment — what's broken, what's exposed, what's already working. From that, GetBulwark builds a prioritised hardening roadmap: fix the fires first, then close every remaining control over a defined timeline. The monthly price reflects where you actually are, not where you need to be eventually.
Without GetBulwark
With GetBulwark
One stack. Every client. The same destination.
We start by fixing what's on fire: DNS/DMARC, backup, access control. Then we work through every remaining gap — every device monitored 24/7, every account backed up outside Google, the same 20 controls reviewed every month. One destination, no half-built versions, no tiers.Security
Administration
Starting from
From £85/user/month
excl. VAT · Full stack included — EDR, backup, monthly review · Pricing confirmed on discovery call
10 users = from £850/month
Less than a single day of contractor rates — for a full month of security monitoring, documented reviews, and a named specialist who actually owns thisThe discovery call scopes your environment and confirms the monthly figure before anything starts. No surprises, no lock-in before you've seen the numbers. See a sample audit report →
A complete Google Workspace setup or migration, built properly from day one. Whether you are coming from Microsoft 365, basic hosting, personal Gmail, or an old Workspace setup nobody ever locked down. MFA, email authentication, access governance, endpoint monitoring, and backup are configured before you go live.
Foundation
Migration
Security
Handover
Fixed project price
from £2,500
excl. VAT · Fixed price confirmed after discovery call
Typical timeline: 3 to 5 weeks. Zero downtime on email. The price is agreed before work begins.
Book the free manual review firstNot sure if Google Workspace is the right move? Read the honest comparison → or scope the migration →
Most clients follow with
Managed Monthly Support
The Foundation project gets the environment built properly. Managed Monthly keeps it maintained, monitored, and documented after launch.
Not on Google Workspace or Microsoft 365? Still running on personal Gmail, local laptops, Dropbox, or a mix of everything? A structured 30-minute conversation that maps exactly where your business stands — and what a proper setup would look like.
Q1
If the answer involves manually emailing passwords and hoping for the best, you have an access problem. Ex-employees retaining access to client files, email, and shared tools is the most common finding — and the most avoidable.
Q2
On a laptop? In a Dropbox account tied to someone's personal email? In a shared folder nobody's cleaned out in three years? If the laptop walks out the door tomorrow, what's gone with it.
Q3
If the answer is @gmail.com addresses, there is no admin control, no central management, and no way to recover anything if someone leaves. A professional email setup on your own domain fixes this.
15 questions · 165 points · What happens after
Proper business email on your domain. All files migrated to Google Drive. Security configured from day one. Team trained. Everything documented. Businesses without a proper security baseline typically score 15–45 out of 165 — the Health Check tells you exactly where you are.
Project from
£2,500
excl. VAT
Every managed client gets the same security stack. But the risks that keep founders awake are industry-specific. These pages show exactly how GetBulwark's approach maps to the threats your sector faces.
Start with the free audit. It costs nothing, takes 45 minutes, and gives you a clear picture of where you stand — regardless of what you decide to do next.