Cybersecurity, finally explained in plain English.
SecureWithQuan helps gyms, restaurants, offices, and local shops find the real risks hiding in their technology — then tells you exactly what to do about it. No jargon. No long-term contracts. No fear tactics.
- Wi-Fi password hasn't changed in 3 yearsUsed by ex-employees, vendors
- Staff email lacks 2-step verification#1 cause of small-biz breaches
- No written response planIf something goes wrong, what now?
Small businesses that run on trust — and can't afford to lose it.
If you're running a business with fewer than 50 employees and no full-time IT or security person, you're exactly who I work with. You don't need a Fortune 500 security program. You need someone to quietly look things over, tell you the truth, and give you a short list of things worth doing.
Six ways to make your business harder to hit.
Every engagement is flat-rate and time-boxed. Pick the one that fits where you are — or start with a free consultation and I'll tell you honestly which one (if any) makes sense for your business right now.
01Small Business Cybersecurity Checkup
A friendly, top-to-bottom health check.
Half-day review
Small Business Cybersecurity Checkup
A friendly, top-to-bottom health check.
Think of it like an annual physical — but for your business's technology. I look at how you handle passwords, email, Wi-Fi, devices, and backups, then tell you what's healthy and what needs attention.
- A one-hour walkthrough of your setup
- A short, plain-English report
- A prioritized list of what to fix first (and what can wait)
- 30-day follow-up email to check in
You can't protect what you don't know is at risk. This is the easiest, cheapest way to find out where you stand — before a problem finds you.
Start with this one02Network Vulnerability Risk Assessment
What's open that shouldn't be?
1–2 days
Network Vulnerability Risk Assessment
What's open that shouldn't be?
I scan your network the way an outsider would and look for doors left unlocked — outdated software, misconfigured settings, devices exposed to the internet that shouldn't be. Then I explain each finding without the tech-speak.
- A safe, non-disruptive scan of your network
- A ranked list of risks (high / medium / low)
- Clear explanation of what each finding means
- Step-by-step fixes you or your IT person can follow
Attackers don't pick targets — they pick easy ones. Most small business breaches come from simple, fixable issues. Finding them first takes you off the easy list.
Start with this one03Wireless Security Risk Review
Is your Wi-Fi quietly leaking?
A few hours
Wireless Security Risk Review
Is your Wi-Fi quietly leaking?
I take a close look at the Wi-Fi your staff, customers, and point-of-sale systems use. I check that guest networks are actually separated, that passwords aren't the default, and that no one is listening in from the parking lot.
- On-site wireless assessment
- Check on guest vs. business network separation
- Review of router and access-point settings
- Simple instructions to harden your setup
Wi-Fi is often the weakest link — and the most overlooked. A misconfigured network can expose customer data, payment systems, and private conversations without anyone noticing.
Start with this one04Staff Security Awareness Training
Turn your team into your first line of defense.
90-minute session
Staff Security Awareness Training
Turn your team into your first line of defense.
A live, friendly training session for your staff. No boring slides. We talk about how scams actually look today, how to spot a fake email, what to do with suspicious phone calls, and how to handle company passwords the right way.
- A 90-minute interactive session (in person or virtual)
- Real-world examples tailored to your industry
- A printable one-page quick-reference guide
- Q&A time so staff can ask what's actually on their minds
More than 80% of breaches start with a mistake someone made — not with fancy hacking. Training your team is the single highest-return investment you can make.
Start with this one05Phishing Simulation Campaign
See how your team handles a fake attack — safely.
2-week campaign
Phishing Simulation Campaign
See how your team handles a fake attack — safely.
I send realistic (but completely harmless) test emails to your staff to see who clicks and who spots them. Then I share the results privately with you and use what we learned as a teaching moment — no shame, just progress.
- Two rounds of realistic test emails
- A full results report showing click rates and patterns
- A short debrief and teaching plan
- Recommendations for ongoing practice
People learn by doing, not by being told. Running a safe simulation shows your team what a real scam feels like — and builds habits that stick far better than any lecture.
Start with this one06Cybersecurity Policy Advisory
Write down the rules — so everyone knows them.
2–3 weeks
Cybersecurity Policy Advisory
Write down the rules — so everyone knows them.
I help you put simple, written policies in place: what staff should do with company data, how to handle a lost device, password rules, remote-work guidelines, and what to do if something goes wrong. Plain English. Short documents. Actually useful.
- A tailored set of core security policies
- An incident response playbook (what to do if…)
- An employee acknowledgment form
- A 60-minute review session to walk through it with you
Written policies protect your business legally, operationally, and with clients who ask. More importantly, they stop 'we didn't know what to do' moments before they start.
Start with this onePricing shared during your free consultation.
Let's have a free 30-minute conversation.Four simple steps. No runaround.
I know hiring outside help can feel risky, especially for something technical. So here's exactly how working with me goes — start to finish — so there are no surprises.
We talk — for free, for 30 minutes.
A friendly call. You tell me how your business works, what worries you, what you already have in place. I listen. No slide deck, no sales pitch.
I tell you honestly what I'd do.
Sometimes that means recommending one of my services. Sometimes it means telling you you're in good shape already, or that a free fix would solve 80% of it. I say what I actually think.
You decide — no pressure.
If we move forward, you get a flat-rate quote, a clear timeline, and a single point of contact (me). No surprises. No upsells. No one from 'the team' you've never met.
I do the work and hand you plain-English results.
Every report is written like a letter to a friend — not a compliance document. You'll understand every finding, what it means, and exactly what to do next.
- Years of hands-on security work, translated for real humans
- Industry-recognized cybersecurity certifications
- Focus on small businesses, not enterprise playbooks
- Fully insured and independent
I started SecureWithQuan because good advice shouldn't cost $10,000.
I spent years in cybersecurity watching the same thing happen: large firms would quote small businesses tens of thousands of dollars, months-long engagements, and reports so technical the owner couldn't actually use them.
Meanwhile the problems were almost always the same handful of things — a shared password, a network someone set up once and forgot about, a staff member who didn't know what to look for. Simple stuff. Fixable stuff.
So I built SecureWithQuan around a different idea: one honest advisor, flat-rate engagements, and reports your cousin could read. If you run a real small business with real customers and a real inbox full of things to worry about, I'd like to make cybersecurity one less of them.
Plain language, always.
If I can't explain a risk to you the way I'd explain it to my mother, I haven't understood it well enough yet.
No contracts, no retainers.
You hire me when you need me. If the work is done and I've told you the truth, that's a success — not a reason to keep billing you.
No fear-mongering.
Cybersecurity is already stressful. My job isn't to scare you — it's to give you enough clarity that you can make good decisions calmly.
Small-business-first thinking.
Enterprise tools and advice don't work for a 12-person office. Every recommendation I make is sized to your budget, your staff, and your reality.
The questions everyone asks before hiring me.
If something else is on your mind, the fastest way to get an answer is a quick call.
Ask me directly →If you use email, Wi-Fi, a payment system, or store customer information, then yes — you have something worth protecting. The good news: small businesses don't need enterprise-grade security. A few right-sized steps will put you ahead of 90% of small businesses out there.
It can be — if you hire a large firm built for big companies. My engagements are flat-rate and range from $250 to $900. That's roughly the price of a weekend at a nice hotel, not a six-figure contract. And the free 30-minute consultation is designed to tell you honestly whether you even need paid work yet.
Not with me. My whole promise is to explain things the way I'd explain them to a friend who owns a bakery. Every report, every finding, every recommendation gets translated into plain English. If you can read a lease or a menu, you can read one of my reports.
Your IT person keeps things running — that's different from cybersecurity. Think of it like this: a great mechanic isn't the same thing as a safety inspector. I work alongside your existing IT help, not instead of them. In fact, many of my clients' IT folks appreciate having a second, independent set of eyes.
No. I don't resell products, I don't take commissions from vendors, and I don't do retainers. You hire me for a specific engagement, I finish the work, and if you need me again later — you know where to find me.
That's fine and it happens. Every service is standalone, so you can add another one whenever you're ready. There's no pressure and no ladder I'm trying to push you up. Many clients start with a Checkup and come back six months later for training or policies.
Most engagements wrap up in one to three weeks from kickoff. The Wireless Review can be done in an afternoon. The Policy Advisory is the longest at about three weeks because we're writing documents together. You'll always know the timeline up front.
Everything I do is confidential. I sign an NDA before any paid work begins, findings stay between us, and no one — not vendors, not insurers, not competitors — gets any information about your business unless you tell me to share it.
That's exactly what the free 30-minute consultation is for. Tell me what's on your mind and I'll tell you — honestly — which service (if any) is the right starting point. Sometimes the answer is 'none of them yet,' and I'll tell you that too.
Book your free 30-minute consultation.
Fill out the form and I'll reply within one business day with a few times that work. No cost. No pressure. No one will try to sell you anything.
- You tell me about your business and what's on your mind
- I ask a few questions to understand your setup
- I give you an honest read — paid work or not
- You decide what, if anything, happens next