Representative example — illustrates a typical engagement and the kind of results we aim for, not a documented result for a specific named client.

Cybersecurity

Santa Rosa, CA · 2025

Security audit finds two critical vulnerabilities at Santa Rosa Insurance Group — fixed same day

James had no real sense of his firm's security posture. The router was years old, nobody knew the firmware version, and staff were reusing passwords. We found the problems and closed them before anything went wrong.

Vulnerabilities found: 2 critical

Time to fix: Same day

Firmware out of date: 4 years

The Situation

James ran a five-person insurance practice in Santa Rosa. They handled sensitive client financial data daily — policy information, income records, personal identifiers. They had been in business for eleven years and, like most small firms, had never had a security review.

He reached out after reading about a ransomware attack on a similar-sized firm in the Bay Area. His main concern: “I have no idea what shape we're actually in.”

That's the right thing to be concerned about. Not knowing is the most dangerous position to be in.

What We Found

Critical: Two open inbound ports on the router

Ports 23 (Telnet) and 8080 (HTTP admin) were open to the public internet — both enabled by an old ISP technician and never closed. Either could allow an attacker to attempt to access the router admin panel.

Critical: Router firmware 4 years out of date

The router model had 14 known CVEs (Common Vulnerabilities and Exposures) filed against it in that 4-year window. Three of them were rated 9.8/10 severity.

High: Shared passwords on business-critical tools

Three staff members shared a single login for the agency management system. No individual accountability, and a single compromised credential meant full access for an attacker.

Medium: No MFA on email or cloud storage

Business email and Google Drive had no multi-factor authentication. A phishing attack on any staff member would give full access to five years of client data.

What We Did

Closed both open ports immediately

Logged in to the router admin panel, closed ports 23 and 8080, and confirmed both were closed with a port scan from an external IP.

Updated router firmware

Upgraded from 2021 firmware to the current release. All 14 known CVEs patched. Took 12 minutes.

Migrated agency system to individual logins

Worked with the software vendor to provision individual accounts for each staff member. Shared login deactivated.

Deployed 1Password for the team

Set up a team password manager, migrated existing credentials, and trained staff in a 45-minute lunch session.

Enabled MFA on all critical accounts

Google Workspace, agency management system, and cloud storage all got MFA enforced at the admin level — not optional for anyone.

Delivered a written security summary and quarterly checklist

James has a documented baseline for what was done, what was found, and a simple checklist to maintain security going forward.

The Outcome

The critical vulnerabilities were resolved within three hours of the initial audit, the same afternoon we arrived. The firmware update and port closures took less than 20 minutes; the rest of the day was spent on MFA rollout and password manager setup.

James now has a documented security baseline. He knows exactly what his firm's exposure was, what was done to address it, and what the maintenance routine looks like going forward. We check in quarterly.

More importantly: nothing bad happened. That's the point. The best IT security story is one with no incident.

“I had no idea how exposed we were until they ran a security audit. They found two open ports and outdated firmware on our router that we'd had for years. Fixed it same day, no drama.”

James R.

Principal, Santa Rosa Insurance Group

What a Security Audit Includes

Every audit we run covers:

  • External port scan — what's exposed to the public internet
  • Router and switch firmware version check
  • WiFi security configuration (WPA3, network segmentation)
  • Access control review — who has access to what, and why
  • Password hygiene and password manager assessment
  • MFA status across all critical accounts
  • Email authentication (SPF, DKIM, DMARC) configuration
  • Endpoint protection — antivirus, disk encryption status
  • Backup verification — does it actually work?
  • Written remediation report with severity ratings

Do you know your exposure?

Book a security audit

Half-day on-site audit for small businesses in Sonoma County. Written report included.
