AI training for Copilot, Claude and OpenAI. Book your slot now 09 974 2379Client PortalRemote Support
Belton IT Nexus
NZ AU
Contact us
01 Run

We become your IT department and own the day-to-day.

Managed IT Your whole environment, owned Managed Devices Endpoints, patched & tracked Microsoft 365 The workplace, managed Cloud & Azure Run properly, costs watched Connectivity Internet & networks that work Business VoIP Phones on any device
02 Protect

Security operations you can verify, and show.

24-Hour CyberSOC Security ops that don't clock off Identity & Access MFA enforced, takeover stopped Email Security Phishing & fraud, stopped Endpoint Protection EDR on every device Backup & Recovery Provably restorable Security Bundles Per-user, no hidden fees
03 Improve

Honest strategy, budgets you can plan around.

IT Advisory & vCIO Honest, predictable plans Compliance & Governance Audit-ready evidence Projects & Consulting Build what you can't buy Procurement Right kit, fair price, visible Licensing Right-sized, never wasted IT Asset Finance Spread the cost, monthly Data Centres & Hosting Sovereign, servers in minutes
04 Build

AI, automation and software, where they genuinely help.

AI & Copilot Rolled out so it sticks AI Training & Implementation Copilot, Claude & ChatGPT Copilot Workshops Hands-on team training Business Automation Hand work to the platform Software Development Custom builds, done properly Client Portal AI-first insights & budgets White-Label Our bench, your brand
Belton · Run / Protect / Improve / BuildView all services ›
Professional Services

Firms that run on trust, time and confidential data.

Accounting Ledgers & client data Legal Privilege & matter files Business Advisory Plans & reporting Mortgage & Finance Loan files & AML/CFT Insurance Claims & client records Insurance Brokers Cover & premiums
Built & Made

Site, studio and floor, where uptime is the product.

Construction Sites & project files Architecture Drawings & large models Quantity Surveyors Cost data & big files Manufacturing Floor & ERP uptime Healthcare Patient data & privacy
Trade, Service & Technology

Fast-moving operations that can't carry downtime.

Logistics Fleet, orders & tracking Retail & Wholesale POS & storefronts Hospitality POS, EFTPOS & guest WiFi Technology Cloud-native teams Distribution Inventory & systems General SMB Don't fit a box? Start here
Belton · Sector-specialised IT & securityAll industries ›
Guides & Frameworks

Plain-English playbooks for the controls that matter.

Essential Eight ASD's eight, explained DIY Cybersecurity Lock down the basics Cyber Standards Guide ISO, SMB1001 & more M365 Selection Guide Pick the right licences
Tools & Assessments

Self-serve checks that map where you stand.

Security Assessment Score your posture Network Assessment Find the weak spots M365 Security Checklist Find the gaps Cyber Insurance Readiness Be claim-ready
Reading & Learning

Get more from the tools you already pay for.

SME Tech Outlook 2026 Where NZ tech heads next Copilot Learning Hands-on with Copilot FAQ Straight answers CEO's Blog Plain-English views
Belton · Knowledge, not gatekeepingResource library ›
The Firm

A senior team with the skills and scale for any project.

About Belton Who we are, plainly How We Work Our delivery process Who We Work With The fit we look for Leadership Jason & Amy Agnew + team
Proof & Partners

The evidence behind the claims, and ways to build with us.

Case Studies Real outcomes, named Accreditations The proof behind the practice Industries Sector-specialised White-label / Partners Our bench, your brand
Connect

Real people, fast, no ticket-queue runaround.

Contact Us Talk to a human, today Book a Session A 90-minute discovery Find Us Newmarket, Auckland Remote Support Get help now
Belton IT Nexus · Est. 2004 · Newmarket, AucklandAbout us ›
Home/ Resources/ Security Assessment

Know where you stand.

A thorough review of your security posture, now including how safely your team uses AI. Honest findings. Practical recommendations. No jargon, no unnecessary alarm, just a clear picture of your real risks.

8review areas Read-onlyremote access Noobligation to engage Yoursthe report, regardless
Book your assessment Try the 2-minute self-check
Check yourself, right now

The 14-question self-assessment.

3 minutes · honest answers

Fourteen questions, the same ones we open every engagement with, now covering AI safety too. Answer honestly, nothing leaves your browser, and you'll get your score and the gaps to close first.

0 of 14 answered

Most businesses know they should care about security. Few know exactly where their vulnerabilities lie. Generic advice only goes so far. You need someone to look at your specific environment, your actual configurations, your real risks, and increasingly, the way your people are already using AI.

Our security assessment does exactly that. We examine your systems, review your policies, test your defences, and check whether AI is being used safely across your business. You receive a clear picture of your current state and a prioritised list of improvements. No jargon. No unnecessary alarm. Just honest findings and practical recommendations.

Better to discover vulnerabilities through a controlled assessment than through a breach.
A comprehensive examination
§01

What we review

Eight areas that matter
01 / Identity
Identity & access
Who has access to what, how accounts are created and removed. We verify password policies, MFA coverage, and privileged access controls.
02 / Email
Email security
Your most likely attack vector. We review spam filtering, phishing and impersonation defences, and check SPF, DKIM and DMARC configuration.
03 / Endpoints
Endpoint protection
Are your devices adequately protected? We examine antivirus coverage, EDR deployment, and patch status, and verify tools are actually working.
04 / Cloud
Cloud environments
Microsoft 365, Azure, AWS. We review access controls and security settings against best practices and common misconfigurations attackers exploit.
05 / Network
Network security
Firewall rules, segmentation, and VPN configuration. We look at how traffic flows, what is exposed externally, and how a breach would be contained.
06 / Data
Data protection
Where your sensitive data lives, who can access it, and how it is protected in transit and at rest. We assess backups, classification, and recovery.
07 / People
Security awareness
Technology alone cannot protect you. We assess your security policies, training programs, and incident response. Human factors often decide the outcome.
08 / AI safety
AI safety & governance
How your team uses AI tools, what data they expose, and whether usage is sanctioned and monitored. We check training, data readiness, IT oversight, and ongoing review.
New, and moving fast
§02

AI safety, checked properly

The four things that matter

Your team is almost certainly already using AI, whether or not it is sanctioned. That is not a problem to ban, it is a risk to manage. We check four things that decide whether AI helps your business or quietly leaks it.

01 / Training
Your team is trained
Do your people know what is safe to put into an AI tool and what is not? Untrained staff pasting client data, contracts or credentials into public AI is the fastest-growing exposure we see.
02 / Data readiness
Your data is ready
AI is only as safe as the data you point it at. We check whether your information is organised, classified and permissioned well enough that AI tools surface the right things, not the wrong ones.
03 / IT oversight
Checked with your IT company
Has your AI usage been reviewed and signed off by the people who run your IT? Shadow AI, adopted quietly without oversight, bypasses every control you have already paid for.
04 / Monitoring
Monitored regularly
AI tools, permissions and risks change constantly. A one-off approval is not enough. We check that usage is reviewed on a regular basis, so new tools and new risks do not slip through.
How the assessment works
§03

The process

Nothing assumed, everything verified
01
Scope
A scoping conversation to understand your business, your concerns, and your environment, so we examine what matters most to you.
02
Collect
We gather documentation, configuration exports, and system information, mostly remotely with temporary read-only access to your systems.
03
Analyse
We review configurations, test controls, and identify vulnerabilities, examining each area systematically against established security frameworks.
04
Report
We document findings, assess risk levels, and walk you through the results, so you leave with a clear roadmap for improvement.
What you receive
§04

Tangible outputs you can act on

The deliverables

An executive summary gives leadership a high-level overview with key findings, risk ratings, and recommended priorities. The technical report provides detailed findings with evidence, risk assessments, and specific remediation guidance for each issue identified.

We also provide a prioritised roadmap, a recommended sequence of improvements based on risk, cost, and operational impact. Finally, we conduct an interactive presentation session with your team, walking through findings and providing context. No obligation to engage further. The report is yours regardless.

Included in every assessment
  • Executive summary for leadership
  • Technical report with evidence
  • Risk ratings and prioritisation
  • Specific remediation guidance
  • AI safety and readiness findings
  • Prioritised improvement roadmap
  • Interactive presentation session
Book your assessment
§05

Request a security check.

We reply within one business hour
No obligation
The report is yours regardless
There is no commitment to engage us further. You keep the findings either way.
Step 1
Reply within one business hour
A short note back to confirm scope, timing and what read-only access we need.
Step 2
Scoping conversation
So we examine what matters most to you, including how your team is using AI.
Step 3
The assessment and report
Mostly remote, with temporary read-only access. You leave with a clear, prioritised roadmap.

By submitting this form you agree to our Privacy Policy.
Prefer to talk first? Book a 90-minute discovery session directly →  or  contact us →

Discover your risks
before a breach does.

Tell us about your organisation and we'll be in touch to discuss scope and timing. We have assessed organisations across New Zealand, manufacturing, professional services, healthcare, and technology. Each environment is different. The rigour we apply is consistent.

Book your assessment Talk to a human
And relax

Getting started is the easy part.

Onboarding without drama

We do the switch: your current provider, the migration, the handover, all of it. Most teams barely notice the cutover happened.

Everything looked after

On the right plan, compliance, reporting and budgets are handled inside the partnership. You run the business; we run the IT underneath it.

Your QBR writes itself

Quarterly business reviews are generated automatically from your live environment: spend, posture, recommendations and roadmap, ready for the board, reviewed with your account manager.

The honest bit: the full looked-after experience comes with the right plan. We charge fairly for what we take on, and when costs step up it's because you are taking on more, always moving in the right direction.

Get started in 2 minutes Speak to someone
NEW ZEALAND OWNED & OPERATED EST. 2004
Sovereign by design

New Zealand owned and operated.

Sovereign data centres across New Zealand and Australia, with your data kept onshore wherever it's required. Our team understands New Zealand, and our leaders have built, scaled and secured businesses right across the New Zealand landscape.

Sovereign data centres · New Zealand & Australia
  • Auckland
  • Christchurch
  • Sydney
  • Melbourne
  • Brisbane
  • Perth
International data-centre operations
  • Singapore
  • Germany
  • Netherlands
  • USA

Servers available in minutes, not days.

Explore data centres & hosting →
Accredited partners
Microsoft Solutions Partner, Modern Work Fortinet Partner Lenovo Partner HP Partner Apple Partner APC Partner SentinelOne Partner
Book your free discovery & security session