Case Study — Secured Infrastructure for an SMB
Concrete, measurable results after our intervention
1. The Challenge — Initial Situation
A Quebec SMB in the retail sector contacted Axis Solutions Inc. after suffering a ransomware attempt. Their infrastructure relied on an unpatched Windows server with no automated backups or active monitoring.
| Problem | Impact | Risk Level |
|---|---|---|
| No automated backups | Potential loss of all data in case of failure | Critical |
| Server unpatched for 14 months | Active exploitation of known vulnerabilities | Critical |
| SSH access with simple password | Daily intrusion attempts detected in logs | High |
| No real-time monitoring | Incidents detected only after visible impact | High |
2. The Solution — What Axis Put in Place
| Phase | Actions | Service | Duration |
|---|---|---|---|
| Phase 1 | Complete Audit & Diagnostic | Audit & Diagnostic | 1 day |
| Phase 2 | Migration to Ubuntu Server 24.04 LTS + OS hardening (SSH keys, UFW, Fail2Ban) | Infrastructure Package | 2 days |
| Phase 3 | AES-256 encrypted automated backups to two destinations (Cloud S3 + local disk) | Infrastructure Package | 1 day |
| Phase 4 | Zabbix 7.0 deployment — CPU, disk, network monitoring + instant email alerts | High Availability Monitoring | 1 day |
| Phase 5 | OpenVPN for 3 remote employees with individual certificates | Priority Support | 0.5 day |
3. The Results — Concrete, Measurable Impact
| Indicator | Before Axis | After Axis | Improvement |
|---|---|---|---|
| Availability (uptime) | 91% | 99.9% | +8.9% |
| Security incidents | 3 / month | 0 for 6 months | −100% |
| Estimated recovery time | 2–3 days | < 2 hours | −95% |
| Monthly IT cost | ~$380 / month | $150 / month | −61% |
| Law 25 Compliance | Non-compliant | Compliant | ✓ |