ClearGlass delivers fixed-scope cybersecurity, identity hardening, compliance readiness, and automation engagements that translate operational risk into measurable remediation, written findings, and immediate action plans.
We translate a posture question into a written engagement with a fixed price, a written remediation report, and prioritized implementation steps you can hand to a technical team the day we finish.
Every engagement is bounded by a written statement of work, a stated deliverable, and a quoted price. No hour creep, no surprise invoices, no open-ended retainers required to start.
Reports map findings to CIS controls and Microsoft baselines, name the configuration that needs to change, and rank remediation by exposure — not by what is easy to sell next.
Engagements are designed for Ontario small and mid-sized organizations, with PHIPA-aware tracks for health-sector clients and CASL-compliant outreach across every interaction.
Begin with a low-commitment posture review, move to a hardening sprint when you have decisions to make, and convert recurring work into automation when the scope stabilizes.
A 1–2 week engagement to reduce identity and endpoint exposure across Microsoft 365 / Entra ID and Windows, using CIS-aligned configuration baselines, privilege reduction, authentication hardening, and a prioritized remediation plan.
A low-commitment, read-only posture review that identifies the highest-risk configuration gaps, common identity weaknesses, and obvious exposure points, then delivers a branded findings report with clear next steps.
For Ontario health-sector organizations: a privacy and security readiness review mapped to PHIPA obligations, with practical remediation guidance, policy gaps, and an implementation roadmap. Free checklist available.
Monthly retainer to build and maintain PowerShell and workflow automation for reporting, onboarding and offboarding, alerting, backups, and repetitive security operations.
Every engagement runs on the same disciplined sequence: scoped intake, read-only assessment, written remediation, and optional implementation. You never sign more than the step in front of you.
A 30-minute scoped conversation to understand environment size, sector, regulatory exposure, and the decisions you actually need to make. No sales pitch, no upsell.
A non-disruptive posture review of Microsoft 365 / Entra ID, Windows endpoints, and identity configuration — producing a branded findings report and a ranked remediation list.
If you decide to act, a 1–2 week hardening sprint applies CIS-aligned baselines, tightens Conditional Access and MFA, reduces privileged roles, and delivers a written change record.
Once the scope stabilizes, repeating work — reporting, onboarding/offboarding, alerting, backups — moves to PowerShell and workflow automation on a monthly retainer.
Common questions from Ontario SMB and health-sector buyers. Anything not covered, raise it in the briefing.
Every engagement is quoted against a written statement of work that names the environment, the deliverable, and the price before work begins. We do not bill by the hour, we do not bill for "discovery" overruns, and we do not invoice surprises.
If new exposure emerges mid-engagement, we document it in the findings report and quote it as a separate, optional add-on — you decide whether to proceed.
No. The Security Quick-Audit is read-only and runs against a delegated, least-privilege role we can provision with you in the briefing. Nothing is changed in your tenant during assessment.
Write-access is only requested for the Hardening Sprint, and only after a written authorization scope has been signed.
Microsoft 365 and Windows work is aligned to the CIS Microsoft 365 Foundations Benchmark and CIS Windows benchmarks, with Microsoft Secure Score and Entra ID best-practice configuration as the operational reference.
Healthcare engagements are mapped to PHIPA obligations covering administrative, physical, and technical safeguards.
The practice is built for Ontario small and mid-sized organizations and Ontario health-sector clients, and outreach complies with Canada's Anti-Spam Legislation (CASL).
Engagements outside Ontario are accepted case-by-case and quoted in CAD.
Every engagement produces a written, branded findings document: scope, methodology, findings ranked by exposure, concrete remediation steps, and a change log when remediation is performed.
You own the document. You can hand it to internal IT, a board, an auditor, or a future provider.
A briefing can usually be scheduled within 2–3 business days. A Security Quick-Audit typically completes within 3–5 business days of scoped intake. A Hardening Sprint typically runs 1–2 weeks depending on tenant size.
A mission-defined qualification agent trained on ClearGlass's fixed-scope methodology. Describe your environment in plain language — the agent scopes the right engagement, drafts a structured handoff, and routes to the ClearGlass team for written authorization.
Premium, technically credible, Ontario-focused. Speaks the exact voice of the service-page copy. Never speculates, never invents pricing, never sells outside the four fixed-scope offerings. Built for SMB owners and compliance leads who want a written deliverable and a clear next step.
A 30-minute scoped conversation — no pitch, no obligation — to determine which engagement actually fits the decision you need to make.