Skip to content
North Valley AI Security AI Training + Security
Open navigation menu

Services

AI training and secure adoption help that meets local businesses where they are

Services are designed for Chico-area contractors, restaurants, salons, retailers, health and wellness practices, real estate teams, professional offices, nonprofits, solo founders, and local organizations that need clear help using AI safely. Start with owner education, staff training, safe first rollout, or everyday computer/email/AI security habits; the deeper technical work is still available as advanced follow-up.

Not sure where to start?

Pick the situation that sounds closest

No perfect category needed. This is just a softer way to find the most useful first conversation.

I want to understand where AI fits before we roll it out Start with: AI Security Overview for Owners View My owners or employees need practical AI training Start with: AI Safety Training for Owners & Staff View We want help implementing our first approved AI tools Start with: Secure AI Adoption Starter View Staff need better computer, email, and AI-use habits Start with: Everyday Computer, Email & AI Security Training View We already have a specific vendor, automation, or AI workflow Start with: Advanced Vendor & AI Tool Risk Review View I want ongoing help each month instead of one-time advice Start with: Monthly Owner Advisory View

Core packages

First-step AI training and adoption services

These are the most practical first projects for owners and small teams: understand AI, train staff, roll out approved tools carefully, improve everyday security habits, and keep questions moving with monthly guidance.

Best for: Owners who want a safe AI starting point.

AI Security Overview for Owners

Purpose

Give business owners a clear, calm, and technically grounded starting point before AI spreads through staff workflows, customer data, or vendor tools.

Ideal customer

Owners, partners, and managers who know AI matters but want a guided plan before asking employees to use it or paying for new tools.

Pricing guide

$450-$950

Details +

Deliverables

  • Owner-ready AI opportunity and risk summary
  • Safe / caution / do-not-use AI workflow list
  • Sensitive-data handling notes
  • 30-day AI adoption action plan
  • Recommended training, setup, or advanced follow-up

Coverage

  • Current AI use and likely shadow AI
  • Sensitive business and customer data boundaries
  • Roles, workflows, and tasks that may benefit from AI
  • Common AI mistakes, hallucinations, privacy issues, and verification needs
  • Practical first controls before staff rollout

Examples

  • Deciding whether staff can use AI for email drafts, notes, proposals, or customer replies
  • Understanding what should not be pasted into AI tools
  • Creating a safe first-step plan before buying a company AI account

Typical scope

  • Typical scope covers one leadership group and up to three common workflows
  • Best before buying AI tools, asking staff to use AI, or connecting AI to customer data
  • Hands-on setup, policy drafting, or staff training can be added after the overview

Limitations

  • Does not monitor employees or inspect private staff activity
  • Does not provide legal advice or certify compliance
  • Does not include technical implementation unless scoped separately

Best for: Small teams that need practical AI rules and confidence.

AI Safety Training for Owners & Staff

Purpose

Help owners and employees use AI productively while understanding privacy, accuracy, customer-data, and workflow risks that are easy to miss.

Ideal customer

Small teams using AI assistants, office AI features, meeting tools, document tools, chatbots, or built-in automation without shared rules.

Pricing guide

$900-$2,500

Details +

Deliverables

  • AI usage and risk summary
  • Business-specific AI do/don't examples
  • Training deck or staff handout
  • Manager rollout notes
  • Short live or remote training session

Coverage

  • Allowed, restricted, and off-limits AI use
  • Sensitive data, customer information, and confidential business details
  • Prompting safely without oversharing
  • AI hallucinations, source checking, and human approval points
  • Role-specific examples for admin, sales, service, operations, or document work

Examples

  • Training staff not to paste private client notes or internal documents into the wrong AI tool
  • Showing employees how to use AI for drafts while still verifying facts and tone
  • Giving managers language for enforcing AI rules without slowing everyone down

Typical scope

  • Typical scope covers up to 10 staff, one focused training session, and one revision pass
  • Training is tailored to owner, admin, sales, customer-service, document, or operations workflows
  • Larger teams, regulated data, or multi-session rollouts are scoped separately

Limitations

  • Does not monitor employee AI use
  • Does not replace internal management, HR, or legal review
  • Policy language should be revisited as tools and workflows change

Best for: Businesses ready for their first secure AI rollout.

Secure AI Adoption Starter

Purpose

Help a business choose, configure, document, and introduce its first approved AI tools without leaving data handling or staff habits to chance.

Ideal customer

Businesses that are not using AI yet, or are using it informally and want a safer company-approved approach.

Pricing guide

$1,500-$4,500

Details +

Deliverables

  • Approved AI tool and workflow plan
  • Account and permission setup guidance
  • Starter prompt/workflow templates
  • Acceptable-use rules
  • Owner and staff handoff session

Coverage

  • AI tool selection and business fit
  • Account setup, permissions, and admin ownership
  • Data boundaries and workflow rules
  • Starter prompts, templates, and review steps
  • Training and handoff for owners or a small team

Examples

  • Rolling out a company-approved AI assistant for admin or document work
  • Creating reusable prompt templates for estimates, summaries, or customer-service drafts
  • Setting rules before AI is used with meeting notes, customer details, or internal documents

Typical scope

  • Typical scope covers one team, one approved AI platform, and one or two starting workflows
  • Designed for safe rollout, not a broad automation rebuild
  • Integrations, custom apps, customer-data workflows, or long-term support are scoped separately

Limitations

  • Does not guarantee AI output quality or business results
  • Does not include managed IT administration or 24/7 support
  • Paid AI subscriptions, vendor fees, and legal review are not included

Best for: Teams that need better daily computer, email, and AI habits.

Everyday Computer, Email & AI Security Training

Purpose

Give owners and employees practical security habits for email, files, passwords, MFA, devices, browsers, and AI tools.

Ideal customer

Local businesses that want employees to recognize risky emails, handle files carefully, use AI safely, and avoid weak login habits.

Pricing guide

$650-$1,800

Details +

Deliverables

  • Live or remote staff training session
  • Simple staff checklist
  • Email and AI-use examples
  • Owner follow-up notes
  • Recommended next steps for account or device cleanup

Coverage

  • Email, phishing, attachments, links, invoices, and payment-change scams
  • Password manager and MFA basics
  • Computer, browser, download, and file-sharing habits
  • Safe use of AI tools during normal office work
  • What to do when something feels suspicious

Examples

  • Walking through realistic phishing and business email compromise scenarios
  • Explaining why MFA, recovery codes, and password managers matter
  • Teaching staff when to stop, verify, and ask before using AI or clicking through

Typical scope

  • Typical scope covers one short session for a small team and a practical handout
  • Examples are adjusted for the business's actual tools and common staff mistakes
  • Hands-on account cleanup, device support, or managed IT work is scoped separately

Limitations

  • Does not replace managed IT, endpoint management, or employee monitoring
  • Does not include incident response unless separately agreed
  • Training reduces risk but cannot prevent every mistake or attack

Best for: Owners who want recurring AI and security guidance.

Monthly AI & Security Advisory

Purpose

Provide recurring AI, staff-training, vendor, account-security, and workflow guidance without hiring full-time security staff.

Ideal customer

Businesses that need recurring guidance after an AI overview, staff training, secure rollout, or everyday security training session.

Pricing guide

Light: $350/month / Standard: $850/month / Priority: $1,500/month

Details +

Deliverables

  • Monthly advisory call
  • Limited async support
  • Policy and training updates
  • Vendor/tool review guidance
  • Roadmap tracking
  • Quarterly priority refresh for standard and priority plans

Coverage

  • Monthly advisory call
  • AI tool, staff, and workflow questions
  • Policy and training updates
  • Vendor and account-security guidance
  • Roadmap tracking
  • Priority planning for follow-up projects

Examples

  • Reviewing a new AI feature before staff use
  • Updating AI-use rules after a workflow changes
  • Checking progress on training, MFA, email, or tool-risk follow-ups
  • Getting a steady place to bring questions before small issues spread

Typical scope

  • Light: one short monthly call and limited async questions
  • Standard: roughly 2 hours/month for AI, staff, vendor, policy, or roadmap guidance
  • Priority: roughly 4 hours/month with faster response expectations defined in writing

Limitations

  • Emergency incident response is not included unless separately agreed
  • Implementation work beyond light guidance is scoped separately
  • Response time and support level are defined in writing

Specialized services

Advanced services for higher-risk tools, accounts, and workflows

These are useful after the first AI or training work, or when the business already knows a specific account, customer-data workflow, vendor decision, document package, or AI build needs deeper review.

Best for: Advanced hardening for email, web, and customer accounts.

Advanced Website, Email & Account Security

Purpose

Improve the safety of the public-facing accounts and tools that local businesses depend on for leads, bookings, reviews, payments, and customer communication.

Ideal customer

Businesses ready to harden a domain, website, business listing profiles, social pages, payment or checkout tools, booking software, email, or customer communication tools.

Pricing guide

$900-$2,500

Details +

Deliverables

  • Provider and account-access map
  • Domain and email security recommendations
  • Customer-account security checklist
  • Owner handoff notes for approved changes

Coverage

  • Domain registrar and DNS security
  • SPF/DKIM/DMARC and email authentication guidance
  • Website security headers and hosting basics
  • Business listing, social, and review-account access
  • Booking, payment, customer-list, and shared admin-account safeguards

Examples

  • Reducing the chance of email spoofing with SPF, DKIM, and DMARC guidance
  • Reviewing who can administer business listings or booking platforms
  • Cleaning up shared owner, manager, and staff access patterns

Typical scope

  • Typical scope covers one primary domain, one email provider, and core public business accounts
  • Approved DNS/email changes are staged carefully because they can affect deliverability
  • Extra domains, brands, complex migrations, or cleanup projects are scoped separately

Limitations

  • DNS and email changes are made only with approval and appropriate authority
  • Changes can affect email delivery and should be staged carefully
  • This work reduces common risk but does not guarantee deliverability or security

Best for: Advanced review for customer-data tools and automation.

Advanced Customer Tools & Automation Review

Purpose

Review customer-facing tools so leads, bookings, forms, reminders, AI features, and follow-up messages do not create avoidable data or access risk.

Ideal customer

Businesses with booking, forms, customer lists, reminders, CRM tools, follow-up automations, or AI features that touch customer information.

Pricing guide

$1,500-$4,000

Details +

Deliverables

  • Workflow and data-flow map
  • Risk-ranked findings
  • Vendor and access recommendations
  • Implementation roadmap
  • Plain-English owner handoff notes

Coverage

  • Lead, booking, intake, and follow-up data flows
  • Customer information and permission boundaries
  • SMS/email automation and opt-in risks
  • Staff access, owner access, and vendor settings
  • Dashboard, handoff, and documentation needs

Examples

  • Reviewing missed-call text-back and quote follow-up automations
  • Checking booking or intake forms before sensitive customer details are collected
  • Mapping which staff and vendors can access customer-list or scheduler data

Typical scope

  • Typical scope covers one customer workflow and up to two connected tools or vendors
  • Best used before adding more automation, campaign logic, AI features, or customer-data collection
  • Hands-on implementation, copywriting, campaign setup, or legal review is scoped separately

Limitations

  • Does not replace legal review of SMS, email, or regulated-data obligations
  • Does not include unauthorized testing of vendor systems
  • Implementation work is scoped separately when needed

Best for: Advanced review for AI and data-handling vendor decisions.

Advanced Vendor & AI Tool Risk Review

Purpose

Help a business decide whether a vendor, AI tool, payment tool, customer-list tool, payroll system, booking tool, or automation platform is appropriate for its work and data.

Ideal customer

Owners and managers comparing AI tools, meeting assistants, online vendors, booking platforms, payroll systems, customer-list tools, payment tools, or automation platforms.

Pricing guide

$600-$1,800

Details +

Deliverables

  • Vendor comparison notes
  • Risk summary
  • Questions to ask vendors
  • Recommended safeguards
  • Go/no-go guidance

Coverage

  • Intended workflow and data use
  • Vendor security and privacy documentation
  • Retention, training, and data-sharing claims
  • Admin controls and user permissions
  • Practical safeguards and decision criteria

Examples

  • Comparing two AI meeting-note platforms
  • Reviewing whether a scheduler or customer-list tool is appropriate for customer intake
  • Preparing questions to ask before buying payroll, payment, or automation software

Typical scope

  • Typical scope covers one vendor or a focused comparison of two similar vendors
  • Depends on available vendor documentation, settings, and responses
  • Legal, procurement, or compliance certification review is outside the scope

Limitations

  • Depends on available vendor documentation and responses
  • Does not provide legal, procurement, or compliance certification advice
  • Does not include testing vendor systems without written authorization

Best for: Advanced AI workflow ideas that need secure implementation.

Advanced Secure AI Workflow Prototype

Purpose

Design and build a focused AI-enabled workflow that supports a real business task without a heavyweight platform.

Ideal customer

Businesses with a focused workflow that could benefit from a lightweight AI assistant, intake helper, report generator, internal workflow prototype, or secure prompt system.

Pricing guide

Prototype: $3,000-$8,500 / Small production tool: quote after scope

Details +

Deliverables

  • Scope and requirements notes
  • Secure workflow design
  • Prototype build
  • Testing and handoff documentation

Coverage

  • Workflow requirements and user roles
  • Sensitive data boundaries
  • Secure design and maintainability
  • Prototype build
  • Testing, documentation, and handoff

Examples

  • AI-assisted report generator
  • Intake triage helper
  • Secure prompt/workflow templates
  • Small dashboard or automation
  • Prototype business tool

Typical scope

  • Prototype scope should stay narrow, with one primary workflow and limited integrations
  • Production data, secrets, hosting, and ongoing support are not included until explicitly scoped
  • Small production tools are quoted after requirements, deployment, and maintenance expectations are clear

Limitations

  • Final pricing depends on complexity, integrations, deployment, and support needs
  • Hosting, long-term maintenance, and urgent support are scoped separately
  • Production data and secrets are not handled until data handling is explicitly scoped

Best for: Follow-on support for stronger account basics.

Password Manager + MFA Rollout

Purpose

Help a small team adopt stronger login practices without creating owner or staff confusion.

Ideal customer

Small teams with shared accounts, inconsistent MFA, weak password practices, or no clear offboarding process.

Pricing guide

$500-$1,500

Details +

Deliverables

  • Rollout checklist
  • Account priority list
  • Staff handout
  • Recovery and offboarding notes

Coverage

  • Password manager selection guidance
  • MFA rollout planning
  • Owner, manager, and staff account separation
  • Basic offboarding checklist
  • Recovery-code handling guidance

Examples

  • Moving away from shared passwords
  • Helping staff enroll MFA on critical business accounts
  • Creating a simple account offboarding checklist

Typical scope

  • Typical scope covers a small team and the highest-priority business accounts first
  • Password values, recovery codes, and secrets stay with the client
  • Larger identity-management projects or managed IT operations are scoped separately

Limitations

  • Does not store or collect business passwords
  • Does not replace identity-management or managed IT services
  • Changes are made only with appropriate owner authorization

Best for: Advanced limited public-exposure checks.

Open-Source Security & Exposure Review

Purpose

Use lawful, non-invasive, open-source methods to help a business understand what information may be publicly exposed.

Ideal customer

Organizations that want to understand public exposure without authorizing intrusive scans, exploitation, or credential testing.

Pricing guide

$400-$1,500

Details +

Deliverables

  • Exposure summary
  • Risk-ranked observations
  • Cleanup recommendations

Coverage

  • Public website review
  • Public domain/DNS observations
  • Publicly visible business information
  • Public code/configuration exposure where applicable
  • Public AI/data exposure risks

Examples

  • Reviewing public website and domain signals
  • Checking for obvious public configuration or code exposure
  • Summarizing public business information that could create operational risk

Typical scope

  • Typical scope covers one business, its main domains, and clearly identified public profiles
  • Findings are based on lawful public-source observations only
  • Cleanup implementation is scoped separately when needed

Limitations

  • No unauthorized scanning
  • No exploitation
  • No credential attacks
  • No intrusive red teaming
  • No testing third-party systems without written authorization

Best for: Advanced AI workflows with meaningful data or access risk.

LLM Application & Workflow Threat Modeling

Purpose

Review planned or existing AI workflows and identify likely misuse, data leakage, prompt injection, access-control, logging, and vendor risks.

Ideal customer

Teams designing, approving, or revising an AI-enabled workflow that can read, transform, summarize, route, or act on business information.

Pricing guide

$1,500-$5,000+

Details +

Deliverables

  • Threat model
  • Abuse-case list
  • Risk-ranked findings
  • Control recommendations
  • Secure design notes

Coverage

  • Data flows and trust boundaries
  • User roles and access controls
  • Prompt injection and untrusted content risks
  • Logging, retention, and vendor dependencies
  • Output review and human approval points

Examples

  • Reviewing an internal document assistant before staff use
  • Threat modeling an AI intake triage workflow
  • Identifying where a model or automation should not be allowed to take action

Typical scope

  • Typical scope covers one AI workflow, application, or automation design
  • Implementation testing, code review, and remediation are separate unless explicitly included
  • Best for planned or active AI workflows with meaningful data, vendor, or permission risk

Limitations

  • This is not unauthorized testing
  • Any testing must be scoped, documented, and limited to systems the client owns or is authorized to assess
  • Implementation testing and code review are separate scopes unless explicitly included

Best for: Advanced documentation after rules and workflows are clear.

Security Documentation & Client-Ready Policies

Purpose

Create practical documentation that helps small organizations explain and follow their AI, security, and data-handling expectations.

Ideal customer

Small organizations that need AI acceptable-use policies, onboarding checklists, incident checklists, data-handling guidance, or client-ready security documents.

Pricing guide

$350-$1,500 per document package

Details +

Deliverables

  • Editable policy or checklist package
  • Plain-English summary
  • Implementation notes
  • Review cadence recommendation

Coverage

  • Document purpose and audience
  • Current practices and workflow fit
  • Plain-English policy language
  • Review and revision support
  • Editable final handoff

Examples

  • AI acceptable-use policy
  • Password and MFA policy
  • Incident response checklist
  • Data handling guide
  • Vendor review checklist
  • Employee onboarding security checklist

Typical scope

  • Typical package covers one policy/checklist family and one revision pass
  • Client, insurer, or vendor-specific questionnaires may require separate scope
  • Documents are practical business guidance, not legal advice or compliance certification

Limitations

  • Does not provide legal advice
  • Does not certify compliance with a specific framework
  • Documents should be reviewed as tools, vendors, and workflows change

Monthly support is available after the first project

Many businesses benefit from a small recurring advisory relationship: a monthly call, AI and staff questions, policy updates, roadmap tracking, and light implementation guidance. It is a practical way to keep AI and security decisions moving without hiring full-time security staff.

View Monthly Advisory

Security limitations are part of the scope

No unauthorized testing, credential attacks, exploitation, intrusive red teaming, or testing of third-party systems occurs without written authorization. Open-source exposure review is limited, lawful, and non-invasive.

Not sure where to start?

Need help choosing the right service?

Start with the AI question, training need, or staff habit in front of you. A clear first scope keeps the work useful without pretending the details are simple.

Request a Consultation View Services