Services

Services – Making IT Simple, Secure, Reliable

Most small and mid-sized businesses don’t have full IT departments.

You just need your systems to work – securely, efficiently, and without daily firefighting.

That’s where I help.

Basic Service Stack

Core Infrastructure (Mandatory)

  • ShadowForge OS – Custom-hardened Debian base with a minimal attack surface.
  • LUKS-encrypted drives – Full-disk encryption with optional key management.
  • AIDE – File-integrity monitoring with scheduled checksum validation.
  • UFW firewall – Deny-by-default rule set; only explicitly allowed traffic passes.

Advanced Capabilities

  • Synapse – Self-hosted Matrix server enabling end-to-end encrypted communication.
  • BorgBackup – Deduplicated, authenticated backups for local and remote targets.
  • Syncthing – Real-time, peer-to-peer synchronization with no cloud dependency.
  • Ansible + SOPS – Automated provisioning and configuration with encrypted secrets.
  • Auditd – Kernel-level audit system for detailed and tamper-resistant logging.

Summary

This stack provides a hardened operating base with secure communications, verifiable integrity, automated management, and resilient backup-an OPSEC-first infrastructure for serious deployments.

Automation & IT Operations

Stop losing time to manual fixes and repetitive tasks.

I set up automation that keeps your systems running smoothly and consistently.

  • Server setup & configuration management
  • Automated software deployment & updates
  • Backup and recovery processes
  • Monitoring and alerting

Security & Risk Protection

Cybersecurity isn’t just for big companies.

Even small businesses are targets – phishing, ransomware, data theft. I help reduce risks without making IT harder to use.

  • Security reviews of your current systems
  • Practical hardening & patching
  • Firewall and access control setup
  • Secure email & file sharing solutions

Testing & Validation

Better to find weaknesses before someone else does.

I provide testing that shows what works, what doesn’t, and how to fix it.

  • Vulnerability scanning
  • Security and compliance checks
  • Penetration testing (on request)

Consulting & Support

Not sure what you really need? I help translate business goals into IT plans.

  • Infrastructure cleanup & modernization
  • Migration planning (cloud, on-premise, or hybrid)
  • Documentation and knowledge handover so you’re not locked in

Why Work With Me?

  • Straightforward communication – no unnecessary buzzwords.
  • Focus on results, not selling licenses or tools.
  • Flexible scope – from quick fixes to long-term IT strategy.

📩 Contact: tom@tomsitcafe.com

Pricing Overview for SMEs

Service CategoryTypical OfferingPricing (Range)
Automation & IT OperationsServer setup, configuration management, automated deployments, backups, monitoring€1,500 – €4,000 per project
Security & Risk ProtectionSystem security review, hardening, firewall & access control setup, secure email & file sharing€1,200 – €3,000 per project
Vulnerability Scanning & Penetration TestingBasic scans, manual verification, exploit testing, actionable reportsBasic scan: €700–€1,500
Intermediate assessment: €1,500–€3,000
Full penetration test: €3,000–€6,000
Consulting & SupportInfrastructure cleanup, migration planning, documentation, IT strategyHourly: €60–€120 / Retainer: €1,500–€3,000 per month

Notes:

  • Prices are indicative; final quotes depend on your infrastructure and complexity.
  • Bundled projects or long-term support packages can be customized for better value.

Disclaimer

All prices are indicative and for guidance only. Final quotes are tailored to your infrastructure, project complexity, and business requirements. Services are delivered under a clear scope agreement. For security assessments or penetration tests, clients must provide explicit authorization for testing. DeadSwitch / Tom’s IT Café is not liable for system downtime or data loss outside the agreed project scope.