Security & Privacy

Security-first delivery

Every engagement is built on Zero Trust principles, Cyber Essentials+ compliance, and audit-ready documentation. Your data stays secure, and your operations stay compliant.

No tracking on this website. No analytics. No third-party scripts.

How I Work Securely

Security and compliance embedded in every engagement.

Zero Trust by Default

  • Conditional Access and MFA enforced across all client systems.
  • Least-privilege access models with regular reviews.
  • Device compliance policies aligned to Cyber Essentials+.

Audit-Ready Documentation

  • Full documentation of configurations and changes.
  • ITIL-aligned change and incident management.
  • Compliance evidence maintained for regulatory review.

Data Protection

  • GDPR-compliant data handling and processing.
  • Client data accessed only with explicit authorization.
  • No data retention beyond engagement requirements.

Secure Communications

  • Encrypted email and file transfers as standard.
  • NDA-safe delivery with confidentiality respected.
  • Secure credential management and handover.

Compliance & Certifications

Proven expertise in security frameworks and standards.

Cyber Essentials Plus

  • Delivered full CE+ readiness programmes for public sector, education, and commercial clients.
  • First-time audit passes achieved within four weeks.
  • Ongoing compliance support and remediation.

Microsoft Security Stack

  • Microsoft Defender for Endpoint tuning and baseline hardening.
  • Entra ID, Conditional Access, and identity governance.
  • Microsoft 365 Compliance Manager and DLP policies.

This Website

Privacy-first, tracking-free, and minimal data collection.

No Tracking

  • No analytics, cookies, or third-party scripts.
  • No ad networks or tracking pixels.
  • Static HTML and CSS only.

Contact Data

  • Email used only to respond to your enquiry.
  • No mailing lists or marketing automation.
  • Data deleted after the conversation concludes.

Hosting

  • Static site hosted on Azure Static Web Apps.
  • Server logs limited to availability monitoring.
  • No visitor profiling or behavioral tracking.

Client Engagement Principles

Clear expectations, secure delivery, and accountability.

Confidentiality

  • NDA requirements respected and enforced throughout.
  • Client names or project details never shared publicly without permission.
  • Secure disposal of credentials and sensitive materials post-engagement.

Scope & Accountability

  • Deliverables, timelines, and responsibilities agreed in writing.
  • Change requests scoped and approved before implementation.
  • Direct accountability with clear escalation paths.

Get in Touch

Questions about security, privacy, or how I work? Let's talk.

For all enquiries, including security questions or engagement discussions:

contact@magrathean.uk