Skip to content
North Valley AI Security AI Security Consulting
Open navigation menu

Services

AI security and cybersecurity services for small organizations

Services are designed for small businesses, nonprofits, solo founders, professional services firms, and local organizations that need clear, authorized, security-first help.

Best for: Teams already using AI without a clear internal policy.

AI Security & Usage Assessment

Purpose

Review how the business is currently using AI tools and identify risks around sensitive data, employee workflows, account access, and vendor settings.

Ideal customer

Small businesses already using ChatGPT, Microsoft Copilot, Google Gemini, Claude, AI meeting tools, AI document tools, or AI automation platforms.

Pricing guide

Starter: $600-$1,200 / Expanded: $1,200-$2,500

Details +

Deliverables

  • AI usage inventory
  • Risk summary
  • Recommended AI use policy
  • Practical do/don't guidance
  • Prioritized action plan

Coverage

  • AI tools currently used by staff
  • Sensitive data and prompt handling patterns
  • Account access and workspace settings
  • Vendor privacy and training controls
  • Workflow risks and employee guidance gaps

Examples

  • Reviewing whether meeting notes should be sent to an AI transcription tool
  • Creating rules for ChatGPT, Copilot, Gemini, Claude, or AI document tools
  • Identifying safer settings for team workspaces and shared accounts

Limitations

  • Does not include unauthorized testing or vendor system probing
  • Does not require passwords, secrets, client files, or regulated data
  • Recommendations depend on the tools and workflows disclosed during review

Best for: New or small organizations that need a realistic security starting point.

Small Business Cybersecurity Baseline Review

Purpose

Assess basic cybersecurity posture for small businesses that need practical, affordable guidance.

Ideal customer

Small businesses, nonprofits, solo operators, and local teams that want practical security priorities before investing in larger IT projects.

Pricing guide

$400-$1,200 depending on scope

Details +

Deliverables

  • Risk summary
  • Priority checklist
  • 30/60/90-day roadmap
  • Plain-English explanation

Coverage

  • Email security
  • Password manager adoption
  • MFA
  • Device basics
  • Website/domain security
  • Backup practices
  • Admin account review
  • Basic policy gaps
  • Vendor risk concerns

Examples

  • Checking whether admin accounts have MFA
  • Reviewing basic backup and account recovery practices
  • Creating a simple security roadmap for an owner or office manager

Limitations

  • Does not include penetration testing or intrusive scanning
  • Does not replace managed IT support or 24/7 monitoring
  • Does not certify compliance with a specific framework

Best for: Teams preparing for a broader AI rollout across workflows.

Secure AI Adoption Roadmap

Purpose

Help a business adopt AI tools safely without creating avoidable privacy, compliance, or security problems.

Ideal customer

Businesses that want to introduce AI across multiple workflows without leaving tool choice, staff behavior, and data rules to chance.

Pricing guide

$1,200-$3,500

Details +

Deliverables

  • AI adoption roadmap
  • AI acceptable-use policy
  • Tool/vendor comparison notes
  • Implementation checklist

Coverage

  • Approved AI tool list
  • Data handling rules
  • Role-based usage guidance
  • Workflow-specific risk controls
  • Staff guidance
  • Management recommendations

Examples

  • Choosing which AI tools are appropriate for sales, admin, operations, or document work
  • Defining what staff may enter into AI tools
  • Planning a phased rollout for a team that is AI-curious but risk-aware

Limitations

  • Does not provide legal advice about industry-specific obligations
  • Does not guarantee vendor behavior or future vendor policy changes
  • Implementation support is scoped separately when needed

Best for: Small teams that need shared expectations without enterprise complexity.

AI Policy & Staff Training

Purpose

Create practical internal guidance and training for teams using AI.

Ideal customer

Owners, managers, and teams that want practical staff guidance before AI use becomes inconsistent or risky.

Pricing guide

Policy only: $400-$900 / Policy + training: $1,000-$2,500

Details +

Deliverables

  • AI acceptable-use policy
  • Sensitive data handling guide
  • Staff training deck or handout
  • Short live or remote training session
  • FAQ for employees

Coverage

  • Approved and prohibited AI uses
  • Sensitive data handling rules
  • Employee examples and common scenarios
  • Manager rollout notes
  • Verification expectations for AI-assisted work

Examples

  • Training staff not to paste client files, credentials, or private notes into AI tools
  • Creating a one-page AI quick guide for employees
  • Running a short live or remote training session with Q&A

Limitations

  • Does not monitor employee AI use
  • Does not replace manager approval and enforcement
  • Policy language should be revisited as tools and workflows change

Best for: Teams building or approving an AI-enabled workflow.

LLM Application & Workflow Threat Modeling

Purpose

Review planned or existing AI workflows and identify likely misuse, data leakage, prompt injection, access-control, logging, and vendor risks.

Ideal customer

Teams designing, approving, or revising an AI-enabled workflow that can read, transform, summarize, route, or act on business information.

Pricing guide

$1,200-$4,000+

Details +

Deliverables

  • Threat model
  • Abuse-case list
  • Risk-ranked findings
  • Control recommendations
  • Secure design notes

Coverage

  • Data flows and trust boundaries
  • User roles and access controls
  • Prompt injection and untrusted content risks
  • Logging, retention, and vendor dependencies
  • Output review and human approval points

Examples

  • Reviewing an internal document assistant before staff use
  • Threat modeling an AI intake triage workflow
  • Identifying where a model or automation should not be allowed to take action

Limitations

  • This is not unauthorized testing.
  • Any testing must be scoped, documented, and limited to systems the client owns or is authorized to assess.
  • Implementation testing and code review are separate scopes unless explicitly included.

Best for: Businesses that need a focused AI workflow without a heavyweight platform.

Custom Secure AI Tools & Automations

Purpose

Build lightweight, security-focused AI-enabled tools for business workflows.

Ideal customer

Businesses with a focused workflow that could benefit from a lightweight AI assistant, automation, prototype, or internal tool.

Pricing guide

Prototype: $2,000-$6,000 / Small production tool: $6,000-$15,000+ / Ongoing support available separately

Details +

Deliverables

  • Scope and requirements notes
  • Secure workflow design
  • Prototype or tool build
  • Testing and handoff documentation

Coverage

  • Workflow requirements and user roles
  • Sensitive data boundaries
  • Secure design and maintainability
  • Prototype or small production build
  • Testing, documentation, and handoff

Examples

  • Internal document assistant
  • Local-first workflow assistant
  • AI-assisted report generator
  • Intake triage helper
  • Secure prompt/workflow templates
  • Small dashboard or automation
  • Prototype business tool

Limitations

  • Final pricing depends heavily on complexity, integrations, deployment, and support needs
  • Hosting, long-term maintenance, and urgent support are scoped separately
  • Production data and secrets are not handled until data handling is explicitly scoped

Best for: Organizations that want a non-invasive view of public exposure.

Open-Source Security & Exposure Review

Purpose

Use lawful, non-invasive, open-source methods to help a business understand what information may be publicly exposed.

Ideal customer

Organizations that want to understand public exposure without authorizing intrusive scans, exploitation, or credential testing.

Pricing guide

$400-$1,500

Details +

Deliverables

  • Exposure summary
  • Risk-ranked observations
  • Cleanup recommendations

Coverage

  • Public website review
  • Public domain/DNS observations
  • Publicly visible business information
  • Public code/configuration exposure where applicable
  • Public AI/data exposure risks

Examples

  • Reviewing public website and domain signals
  • Checking for obvious public configuration or code exposure
  • Summarizing public business information that could create operational risk

Limitations

  • No unauthorized scanning
  • No exploitation
  • No credential attacks
  • No intrusive red teaming
  • No testing third-party systems without written authorization

Best for: Businesses that depend on email and a public website but lack a security baseline.

Website, Domain, and Email Security Setup

Purpose

Help small businesses set up safer basics around domains, websites, and email.

Ideal customer

Businesses that rely on email, a public website, and a domain name but are unsure whether the basics are set up safely.

Pricing guide

$400-$2,000

Details +

Deliverables

  • Provider and access map
  • Domain registrar security recommendations
  • DNS and email authentication notes
  • Website security header guidance
  • Admin handoff checklist

Coverage

  • MFA
  • Domain registrar security
  • DNS hygiene
  • SPF/DKIM/DMARC guidance
  • Website security headers
  • Basic hosting recommendations
  • Admin access review

Examples

  • Helping enable MFA on registrar, hosting, email, and website admin accounts
  • Reviewing SPF, DKIM, and DMARC readiness
  • Explaining safer DNS, hosting, and admin access choices

Limitations

  • DNS and email changes are made only with approval and appropriate authority
  • Changes can affect email delivery and should be staged carefully
  • This work reduces common risks but does not guarantee deliverability or security

Best for: Teams comparing AI tools, SaaS vendors, or workflow platforms.

Vendor & AI Tool Risk Review

Purpose

Help a business decide whether a vendor or AI tool is appropriate for its workflows and data.

Ideal customer

Teams comparing AI tools, SaaS vendors, automation platforms, or business software before sharing sensitive data or committing budget.

Pricing guide

$400-$1,500

Details +

Deliverables

  • Vendor comparison notes
  • Risk summary
  • Questions to ask vendors
  • Recommended safeguards
  • Go/no-go guidance

Coverage

  • Intended workflow and data use
  • Vendor security and privacy documentation
  • Retention, training, and data-sharing claims
  • Admin controls and user permissions
  • Practical safeguards and decision criteria

Examples

  • Comparing two AI meeting note vendors
  • Reviewing whether a document assistant is appropriate for client files
  • Preparing questions to ask before buying a new SaaS tool

Limitations

  • Depends on available vendor documentation and responses
  • Does not provide legal, procurement, or compliance certification advice
  • Does not include testing vendor systems without written authorization

Best for: Small organizations that need policies people can actually use.

Security Documentation & Client-Ready Policies

Purpose

Create practical documentation for small organizations.

Ideal customer

Small organizations that need practical, client-ready security documents without adopting a heavy governance program.

Pricing guide

$250-$1,200 per document package

Details +

Deliverables

  • Editable policy or checklist package
  • Plain-English summary
  • Implementation notes
  • Review cadence recommendation

Coverage

  • Document purpose and audience
  • Current practices and workflow fit
  • Plain-English policy language
  • Review and revision support
  • Editable final handoff

Examples

  • AI acceptable-use policy
  • Password and MFA policy
  • Incident response checklist
  • Data handling guide
  • Vendor review checklist
  • Employee onboarding security checklist

Limitations

  • Does not provide legal advice
  • Does not certify compliance with a specific framework
  • Documents should be reviewed as tools, vendors, and workflows change

Best for: Businesses that want regular AI and security guidance.

Monthly Advisory Retainer

Purpose

Provide ongoing guidance without hiring full-time security staff.

Ideal customer

Businesses that need recurring guidance after an assessment, roadmap, policy package, or custom AI/security project.

Pricing guide

Light: $400/month / Standard: $850/month / Priority: $1,500+/month

Details +

Deliverables

  • Monthly advisory call
  • Email support
  • Policy updates
  • Vendor/tool review
  • Roadmap tracking
  • Light implementation guidance

Coverage

  • Monthly advisory call
  • AI, vendor, and security questions
  • Roadmap tracking
  • Policy updates
  • Light implementation guidance

Examples

  • Reviewing a new AI tool before staff use
  • Checking progress on security roadmap items
  • Updating policy language as workflows change

Limitations

  • Emergency incident response is not included unless separately agreed
  • Implementation work beyond light guidance is scoped separately
  • Response time and support level are defined in writing

Security limitations are part of the scope

No unauthorized testing, credential attacks, exploitation, intrusive red teaming, or testing of third-party systems occurs without written authorization. Open-source exposure review is limited, lawful, and non-invasive.

Not sure where to start?

Need help choosing the right service?

Start with the question in front of you: AI policy, vendor risk, domain security, staff guidance, or a secure workflow idea.

Request a Consultation View Services
Request a Consultation