Close-up of a bird perched on a branch

Security services built for outcomes, not endless tickets.

Whether you need a one-time security review, ongoing monitoring, or the policies your funders are asking for, every Marsh IT LLC engagement is scoped, fixed in price, and mapped to recognized security frameworks.

Two men having a discussion in a modern office. One man is wearing an orange beanie and white t-shirt, and the other man is wearing a dark maroon shirt. They are standing in front of a wall covered with papers and design boards. The office has a wooden floor, a table with papers and a plant, and minimal decor.

Our Service Plans

Continuous Monitoring

Best for: ongoing oversight without hiring IT staff.

What this includes :
• Monthly configuration-drift monitoring via Google admin APIs and automation

• Ongoing review of new third-party app connections and token grants

• Quarterly access reviews and alert triage

• A monthly posture report for your board or funders

• A set allotment of remediation time each month

SaaS Security Posture

Best for: organizations that have never had a real security review.

What this includes:
• Google Workspace configuration review against the CIS Google Workspace Benchmark

• Full inventory of third-party / OAuth apps connected to your data

• Identity, MFA, and admin-access review

• Shadow-IT discovery (what staff are using that you haven't approved)

• Written findings mapped to NIST CSF 2.0, with a prioritized remediation roadmap

Policy & Compliance Buildout

Best for: organizations facing a grant, audit, or insurance renewal

What this includes:
• Acceptable Use Policy and third-party app approval workflow

• Data-handling policy aligned to NY SHIELD Act "reasonable safeguards"

• Incident response plan tailored to your team

• Onboarding/offboarding runbooks

Add-On Services

  • Security-Hygiene Training — Practical staff training on phishing, MFA, and safe app-connection habits, so your people strengthen your posture instead of weakening it.

  • Workflow Automation — Onboarding/offboarding intake forms, routing, automated notifications, and Apps Script automations across Sheets/Gmail/Drive. (Including access-removal triggers when someone leaves — an offboarding security gap most teams miss.)

  • Endpoint Protection Rollout — Remote, guided EDR deployment, console verification, and policy-baseline enforcement across mixed device fleets.

  • Internal Systems / Intranet — A secure Google Sites hub for SOPs, HR/IT comms, and resources, with a permissions strategy that controls who sees what.

tailored solutions to future-proof your business

✴︎

tailored solutions to future-proof your business ✴︎