How It Works

Five steps from identifying a risk to having it managed.

Everything MJM does follows the same path: find the gaps, fix the ones that matter, then keep them closed. Here's exactly what that looks like.

STEP 01Identify

Recognise the risks that apply to your business

Most UK businesses have at least one of three active security risks: network and firewall gaps that haven't been reviewed since installation, ransomware exposure from backups that either don't exist or have never been tested, or Shadow AI — staff using ChatGPT, Gemini, and other external tools with business data, often without any policy or oversight.

You don't need to know which of these applies to you before booking the review. That's exactly what the review is for.

Network & Firewall Gaps

Firewall rules, wireless access points, perimeter security

Ransomware & No Recovery

Backup independence, tested recovery, defined RTO

Shadow AI

Unauthorised tools, data leakage, AI usage policy

STEP 02Review

Book your free security review — we do the work

Fill in a short form telling us about your environment. If you're comfortable giving us read-only access to your systems (Microsoft 365 tenant or on-premises environment), we can conduct a deeper, more thorough review.

There is no live session. No video call where you have to scramble to find answers. We review your environment independently, on our side, in our own time — and we come back to you with the findings.

Option A — Questionnaire

Answer questions about your setup. Takes 10 minutes. Good starting point if you're not ready to share access.

Option B — Read-only access

Give us read-only access to your M365 tenant or on-premises environment. We review live configuration, not just your answers.

We do the rest

No preparation needed. No live session. We review independently and come back to you.

Book your free review

STEP 03Report

Receive your scored report — within 5 business days

Within 5 business days of completing your review, you receive a written report scored out of 175. Every finding is explained in plain English — not technical jargon — and prioritised by risk level so you know exactly what needs attention first.

The report is yours to keep regardless of what you decide to do next. If your posture is strong, we'll tell you that directly. There is no pitch. No pressure. Just a clear picture of where you stand.

Scored out of 175

Every control assessed, scored, and explained

Risk-prioritised

Findings ranked by severity — you know what to fix first

Yours to keep

No obligation to proceed. The report is always yours.

STEP 04Fix

Fix the gaps — one-off project, fixed price

If your report shows gaps worth fixing, we scope a one-off remediation project based directly on the findings. You receive a fixed price before any work starts — no hourly billing, no surprise invoices.

We fix exactly what the report found. Firewall rules reviewed and hardened. Backup configured and tested. Shadow AI discovered, policy written, Copilot deployed properly. The scope is driven by your report, not a generic package.

Network hardening

Firewall and wireless configuration corrected and documented

Backup & recovery

Independent backup configured, tested, and verified

Shadow AI remediation

AI tool discovery, policy creation, Copilot deployment

STEP 05Protect

Stay protected — ongoing managed security

Once the gaps identified in your report are closed, the next step is making sure they stay closed — and that new ones are caught before they matter. Our ongoing managed security service monitors your environment continuously, reviews your posture monthly, and manages the IT and network layer underneath.

Everything under one provider. No gaps between your IT support, your network, and your security.

24/7 EDR monitoring

Endpoint detection and response — threats caught before they spread

Monthly security review

Written review of posture, changes, and open items every month

Starters & leavers

Accounts created and revoked same day, with audit trail

See our services

Common Questions

Straight answers.

How long does the review take?

The questionnaire takes about 10 minutes to complete. If you provide read-only access, you don't need to do anything further — we conduct the review on our side. You receive your scored report within 5 business days.

Is the review really free?

Yes. There is no cost, no obligation, and no requirement to proceed with any paid service. The report is yours regardless of what you decide.

What does "read-only access" mean — can you change anything?

No. Read-only access means we can view configuration settings, account states, and security controls — but we cannot make any changes to your environment. Every access action is logged in your system's own audit trail.

We already have an IT provider. Is the review still worth doing?

Yes — in most cases, it's more valuable if you have an existing IT provider. General IT support and active security management are different things. The review gives you an independent view of your security posture, separate from your day-to-day IT relationship.

What if the report shows no significant gaps?

We'll tell you that directly and explain what's keeping your posture strong. A clean report is a good result. You'll leave knowing where you stand — which is the point.

Is there a contract for the ongoing managed service?

Our managed security service is a monthly agreement. There is no long minimum term commitment. If the service isn't working for you, you can give notice and we'll wind down cleanly.

Ready to start at step one?

The free security review takes 10 minutes on your side. We do the rest and send your report within 5 business days.

Get your free security review