EN
ESDon’t Take Our Word For It
A security company should be able to prove its own posture, not just describe it. The panels below are pulled live — from our own platform and from public DNS — every time you load this page.
Platform Build
checking…
The version of the BVTech edge platform serving this site right now, reported by the server itself.
Backup Verification
checking…
Our backups are verified daily and test-restored monthly. This date comes from our operations log, not from marketing copy.
Last Test Restore
checking…
A backup that has never been restored is a hope, not a backup. We restore real data on a schedule and log it.
Public DNS Proof — Checked From Your Browser
These checks run in your browser against public DNS the moment this page loads — the same checks our free Security Scoreboard runs on any business domain. We point the tool at ourselves.
📧 SPF
checking…
Tells the world which servers may send mail as bvtech.org, blocking basic spoofing.
🛡️ DMARC
checking…
Our enforcement policy for mail that fails authentication — the control that stops lookalike email.
🔏 DNSSEC
checking…
Cryptographic signing of our DNS zone so answers can’t be silently tampered with in transit.
We Run the Same Stack We Sell
Every control we recommend to clients runs inside BVTech first. This is the standing posture our practice operates under — and clients are welcome to ask us to evidence any line of it.
MFA on Every Account
Multi-factor authentication is enforced on every administrative and user account we hold — ours and the tenants we manage. No exceptions, no legacy auth.
EDR + 24/7 MDR
Every BVTech endpoint runs managed detection and response with around-the-clock SOC review — the same SentinelOne + Huntress pairing we deploy for clients.
3-2-1 Backups, Tested
Three copies, two media, one off-site, encrypted in transit and at rest. Verified daily, test-restored monthly, with results logged — see the live panel above.
Vaulted Credentials
All credentials live in an enterprise password manager with per-client vaults, breach watch, and a sealed break-glass procedure. Nothing in spreadsheets, ever.
Patching Cadence
Operating systems and third-party software on a defined patch schedule, with critical security updates expedited out-of-band when severity demands it.
Written Programs
A maintained Written Information Security Program, Incident Response Plan, and Disaster Recovery / Business Continuity Plan. Clients may review them under NDA.
Vendor Risk Tiering
Every vendor in our stack is classified Critical, High, or Standard and reviewed on a schedule. We hold our suppliers to the bar we hold ourselves to.
Verifiable Certificates
Every Academy certificate we issue is cryptographically signed and publicly checkable at our certificate verifier — proof you can hand to anyone.
Defined Breach Duty
Our client agreements commit to defined incident notification windows, including HIPAA Business Associate terms for healthcare clients. The duty is in writing before it’s ever needed.
Now Run the Same Checks on Your Business
Our free Security Scoreboard grades any domain on nine real controls in about ten seconds — no email required to see your score.