Security Architect as a Service

A few weeks ago, we published our company, Not Bad Security. With the company launch, we also published our first continuous service: Security Architect as a Service. This blog post will walk you through what this is all about.

Early this year, we had multiple conversations with Jussi on how we have seen that Customer IT teams are often stuck with their problems and might be unsure of certain technology areas. It is natural and happens for everyone working in technology that constantly evolves. But, at the same time, the uncertainty cannot be a showstopper for moving forward. And for getting more secure.

What makes options different for an internal IT team compared to a consultant or architect working in a consulting or IT-service provider? It is not purely skills or work ethics. Most of the time, specialists working in IT service providers or consulting companies have collaboration opportunities within their organization. They can ask for insights, have a sparring session with a co-worker, ask for second opinions for their thoughts, or verify if someone has done this before. For example, I have been privileged to work with the most excellent experts in different technology areas. When learning some new technology areas, I have had someone discuss my ideas and thoughts on the subject. About a week ago, I developed a custom solution for Azure for one of our customers. I had an excellent afternoon coffee with Kim Pihström, a top-level software developer for Azure, and he gave me some ideas to improve. Without his guidance, I would have probably finished my solution but could not have been sure if I built it the best way possible since I’m not a software developer myself. 

We try to tackle this need with our Security Architect as a Service. We see our service as helpful for the following scenarios:

  • Tech teams seeking further insights
  • Asking for second opinions – has someone built this before?
  • Verifying a deployment or implementation approach
  • Securing solutions with differing opinions and options

How does it work? We are in stand-by mode and will assist, provide feedback and review any security changes, architecture considerations, and questions you might have with any Microsoft security products. In addition, our fixed fee makes it easy to ensure no hidden fees or surprises around the corner. What does it mean in practice? Your experts can contact our Senior-level architects in the following Security areas:

  • Azure 
  • Identity & Zero Trust
  • Microsoft Defender Solutions
  • Device management
  • Application authentication and Single Sign-on
  • Software development

Having our service can eliminate the need for you to hire architects for some technology areas that are hard to recruit these days. We would love to get seen as an extension of your team’s capabilities and make them perform better. Additionally, it is good to note that we don’t need access to your environment or try to build the solution for you. We help your team to do it themselves!

The service contract can be terminated with a 30-day cancellation period if you are not happy with the service. So there is no risk involved. 

The results are in for the Microsoft Cybersecurity Architect (SC-100) exam!

Photo by @punttim /

Insights on preparing for the Microsoft Certified: Cybersecurity Architect Expert (SC-100) certification