How long does the Cloud Security Foundation Blueprint take? +
The Blueprint typically runs about 5 to 7 weeks end-to-end across four structured phases: Discovery
& Alignment, Architecture & Strategy Design, Roadmap & Guidelines, and Executive Delivery.
We hold the timeline tightly — that's the entire reason the engagement is fixed-scope.
Do you need access to our cloud environment? +
No. Every Praesidium engagement is zero-access by design. We work from architecture documents,
structured discovery, and existing diagrams — never from console credentials. Your security
posture should not get worse during a security engagement.
Will you implement the recommendations for us? +
We are an architecture and advisory firm — we design, not deploy. The Blueprint is shaped so your
engineering team (or a trusted implementation partner) can execute on it directly. This is a
deliberate boundary: it keeps incentives clean and the strategy honest.
How async is the engagement, really? +
Very. Most engagements involve a small number of structured working sessions plus async questionnaires,
documentation review, and written deliverables. We're built to fit alongside your team's existing
cadence — not to colonize their calendars.
What if we're multi-cloud or considering a second cloud provider? +
Multi-cloud is a core area of focus. The Blueprint can be scoped to AWS, GCP, or both — and the
secondary Multi-Cloud IAM Strategy engagement (typically 4–5 weeks) is designed specifically for
organizations operating across providers.
How is this different from a compliance audit or pen test? +
Compliance audits measure you against a checklist. Pen tests look for what's already broken.
Praesidium designs the architecture that makes both of those activities easier — and a lot less
painful — when they happen. We're upstream of audit, not parallel to it.
