Managed hosting · Security · Compliance

One missed setting can sink a small business.

We watch sixteen of them. Every day. On every domain we manage. So the breach, the audit, and the insurance denial never become your problem.

Trusted by

HALLOWAY · CPA    MERIDIAN LAW    WESTBROOK MD    TIDEMARK INS.    COVE FINANCIAL

LIVE · 16-POINT SECURITY CHECK FREE · NO SIGNUP
OVERALL SCORE: 72/100 · NEEDS ATTENTION
FINDINGS: 11 passed · 3 warnings · 2 failed
DNSSEC PASS
SSL / TLS PASS
HSTS WARN
SPF PASS
DKIM PASS
DMARC WARN
MTA-STS FAIL
TLS-RPT FAIL
+ 8 more checks PASS
We’d fix all of this within 48 hours of onboarding. Get the report →

43% of cyberattacks target small businesses (Verizon DBIR 2024)

$254K average cost of an SMB breach in 2025 (IBM Security)

60% of breached SMBs close within six months (U.S. National Cybersec. Alliance)

1 in 3 cyber-insurance claims are denied for missing controls (Marsh McLennan)

The work, itemized

Sixteen checks.
Most providers ignore the rest.

Every domain we manage is swept daily across five categories. If a setting drifts, we fix it before you notice — and before your insurer does.

DNS & Domain (2 checks)
  • DNSSEC: Domain Name System Security Extensions
  • RPKI: Resource Public Key Infrastructure

Certificates & Transport (4 checks)
  • SSL / TLS Strength: Certificate & cipher evaluation
  • Enhanced HTTPS: HSTS, preload, redirect chain
  • Enhanced TLS Config: Protocol versions & cipher suites
  • Certificate Validation: Expiry, chain, transparency logs

Email Authentication (5 checks)
  • SPF: Sender Policy Framework
  • DKIM: DomainKeys Identified Mail
  • DMARC: Domain-based Message Authentication
  • MTA-STS: Mail Transfer Agent Strict Transport
  • TLS-RPT: SMTP TLS Reporting

Headers & Application (3 checks)
  • Security Headers: CSP, X-Frame, X-Content-Type
  • WordPress Detection: Version, plugin & theme audit
  • Website Scanning: Malware, blocklist, defacement

Infrastructure (2 checks)
  • IP Reputation & Abuse: Blocklists, abuse contacts, history
  • IPv6 Readiness: AAAA record & dual-stack support

Mara Klein
SENIOR ACCOUNT ENGINEER · CISSP

“Every client gets my direct number. If something breaks at 2 a.m., I’m the one who picks up — not a call center, not a chatbot.”

White glove, by design

We are the IT department you cannot afford to hire.

The median salary for a full-time security engineer in the U.S. is $185,000. We provide one — along with infrastructure, monitoring, and compliance documentation — starting at $49 per month.

01 Day-one migration

Supervised DNS cutover, zero public-facing downtime, typically on a Saturday.

02 Quiet maintenance

Patches, certificate renewals, and security updates happen outside your business hours.

03 Audit packets

PDF evidence bundles for insurers, auditors, and regulators — generated on demand.

04 One human, one phone number

A named engineer who knows your stack. No ticket queues, no escalation trees.

Field notes

Three quiet wins.
Names withheld, as agreed.

LAW FIRM · 12 ATTORNEYS

Insurance audit passed in six days.

Underwriter required evidence of email authentication enforcement and certificate hygiene. Previous provider could not produce it. We onboarded on Monday; the auditor had her packet by Saturday.

RESULT 01 Audit passed — 6 days
RESULT 02 Premium reduced 18%
RESULT 03 Zero findings at renewal
MEDICAL PRACTICE · 31 STAFF

HIPAA-compliant mail rebuilt without downtime.

Patient-facing email was missing MTA-STS and TLS-RPT entirely. SPF record had exceeded the lookup limit. We rebuilt the authentication stack in one supervised cutover.

RESULT 01 5/5 email checks passing
RESULT 02 Zero downtime
RESULT 03 HIPAA audit cleared
ACCOUNTING FIRM · 4 OFFICES

Tax-season uptime through credential-stuffing.

During peak filing season, a credential-stuffing attack flooded their login page. We detected it within minutes, blocked the IPs, rotated session tokens, and the firm never noticed.

RESULT 01 100% uptime through attack
RESULT 02 4,200 malicious requests blocked
RESULT 03 Zero client data exposed
The ledger

What ‘not getting around to it’ actually costs.

Every line item below is a real finding from a real engagement. The dollar figures come from insurer claim data, regulatory schedules, and post-breach forensics reports.

| # | Finding / event | Tag | Exposure |
|---|---|---|---|
| 01 | Missed MTA-STS → phishing wire-fraud | MID | $38,400 |
| 02 | Expired TLS certificate → “Not Secure” for 11 days | LOW | $6,200 |
| 03 | Insurance claim denied → missing email auth controls | HIGH | $187,000 |
| 04 | WordPress unpatched → ransomware & data exfil | HIGH | $254,000 |
| 05 | HIPAA audit finding → unencrypted patient email | HIGH | $50K–$1.5M |

Frameworks we support

Nine standards. One platform.

FRAMEWORK · 01
SOC 2
Service Organization Control

Trust-service criteria for security, availability, and confidentiality.

FRAMEWORK · 02
ISO 27001
Information Security Management

International standard for managing information security risks.

FRAMEWORK · 03
NIST 800-53
Security & Privacy Controls

Comprehensive catalog of controls for federal and enterprise systems.

FRAMEWORK · 04
ISO 42001
AI Management Systems

Governance framework for responsible AI deployment and oversight.

FRAMEWORK · 05
PCI DSS 4.0
Payment Card Industry

Data security standard for organizations handling cardholder data.

FRAMEWORK · 06
HIPAA
Health Insurance Portability

Privacy and security rules for protected health information.

FRAMEWORK · 07
GDPR
General Data Protection Regulation

EU regulation governing the processing of personal data.

FRAMEWORK · 08
CCPA / CPRA
California Consumer Privacy

Consumer data privacy rights and business obligations in California.

FRAMEWORK · 09
Zero Trust
Zero Trust Architecture

Never-trust, always-verify access model across all resources.

Plain pricing

Two options.
No setup fee.

MSP SECURITY MANAGEMENT
$125/hour · avg ~$375/month
  • Everything in Secure Hosting
  • Custom security policy development
  • Incident response & forensics
  • Insurance renewal representation
  • Audit preparation & testimony
  • Staff security awareness training
  • Quarterly security reviews
The long version

Things business owners ask.

If your question isn’t here, book a call. We’d rather answer it live than hide behind a form.

Q.01 What is a “16-point security check,” and why does it matter?
Search engines and modern browsers reward — and punish — the same configuration details. A missing HSTS header, an unsigned email domain, or a TLS misconfiguration can quietly suppress your rankings, mark your site as “Not secure,” and send marketing emails to spam. Our sixteen checks cover the full stack — DNSSEC, RPKI, SSL/TLS, HSTS, certificate validity, SPF, DKIM, DMARC, MTA-STS, TLS-RPT, security headers, WordPress version, application scanning, IP reputation, and IPv6 — and we resolve findings before they cost you visibility.
Q.02 Do you work with our existing site, or do we have to rebuild?
You keep your site, your CMS, your content, and your team. We migrate your DNS, certificates, and infrastructure to our managed environment in one supervised cutover — typically on a Saturday — with no public-facing downtime. Migration is included on every plan.
Q.03 How does this compare with Squarespace, GoDaddy, Wix?
Those providers serve pages well. None perform the full sixteen-check sweep, and none will represent you to an insurance underwriter, a HIPAA auditor, or your attorney with documented evidence of controls. We are a managed service, not a control panel.
Q.04 Will PrismWeb help our cyber-insurance renewal?
Yes — that is one of the most common reasons clients come to us. Underwriters increasingly require evidence of email authentication enforcement, MFA, certificate hygiene, and patch cadence. We produce that evidence as a PDF packet on demand, and many clients see premium reductions or successful binds at the requested limit.
Q.05 What happens if there is a breach?
We monitor authentication failures, traffic anomalies, and IP reputation in real time. Confirmed incidents trigger a same-hour response: we contain, document, notify your legal contact, and produce the post-incident report your insurer and regulator will request. Forensics support is included in Firm and Enterprise plans.
Q.06 Where is our data hosted, and who has access?
U.S.-based, SOC 2 Type II audited infrastructure. Access is granted on a named basis with hardware-key MFA. We publish our staff access logs to our Open Data dashboard — the only managed host we know of that does so.
A twenty-minute conversation

Tell us your domain.
We’ll tell you what’s wrong.

No pitch deck. No demo environment. We pull your live domain, run the sixteen checks in front of you, and walk through every finding. If there’s nothing to fix, we’ll tell you that too.

WHAT YOU’LL LEAVE WITH
  1. A live 16-point report on your current domain.
  2. A written plan for the findings that matter.
  3. A flat-rate quote, in writing, before you hang up.

“I expected a sales call. I got a free security audit.”

— Halloway CPA