This document outlines an approach to security at a startup taken by Beamly. It involves outsourcing commodity services like hosting and monitoring to providers like AWS and Dataloop.io. It advocates setting up a single secure point of truth using LDAP to manage all user accounts and integrate with services. Beamly implemented security "unit" tests as Python scripts to regularly audit third party services and alert the team of any issues. The approach emphasizes enabling two-factor authentication wherever possible and regularly backing up data and configurations.