Frequently Asked Questions
A peak behind the Veil
What is Glass Veil Security?Glass Veil Security provides modern storage solutions and security applications built for the decentralized future. We help individuals and organizations take control of their data through transparent, self-managed systems that eliminate third-party dependencies. Our services range from custom NAS infrastructure and private-network applications to AI integration and comprehensive cybersecurity training.
Who do you serve?We work with both enterprise clients and individuals, in central kentucky or worldwide, who value data sovereignty. Our business clients include companies seeking to eliminate cloud dependencies, meet compliance requirements, and build secure private networks. We also serve privacy-conscious individuals who want encrypted communication, secure backups, and local data ownership without surrendering control to third-party platforms.
What makes Glass Veil different from traditional cloud providers?Unlike conventional cloud services, we don't store your data on our servers or anyone else's. We build custom infrastructure that you own and control completely. This means no third-party access, no data mining, no terms-of-service changes that compromise your privacy, and no dependency on external providers who could shut down, get acquired, or suffer breaches.
Do you offer remote services or do you need to be on-site?We offer both. Many of our services, including AI consulting, training, security audits, and application development, can be delivered remotely. For custom NAS and PC builds, we typically require on-site installation and configuration, though we can ship pre-configured systems depending on your location and requirements.
Can you integrate my NAS with my existing network and devices?Absolutely. We design for seamless integration with your current infrastructure. Whether you're using Windows, Mac, Linux, mobile devices, or a mixed environment, we configure access controls, automated backups, file synchronization, and secure remote access protocols that work with your existing workflow.
What's the difference between Workplace and Home Cybersecurity Training?
Workplace training focuses on organizational security culture—phishing awareness, password management, secure file sharing, BYOD policies, incident reporting, and compliance requirements specific to your industry. Home training addresses personal digital security—protecting family devices, securing home networks, privacy settings on social media, safe online banking, recognizing scams, and protecting children online. Both are customized to the audience's technical literacy level.
What types of custom applications do you build?
We specialize in private-network applications that operate within your infrastructure rather than relying on external cloud services. Examples include encrypted peer-to-peer communication tools, secure file sharing platforms, custom dashboards for monitoring your infrastructure, consent-based access control systems, and specialized business process applications. All applications prioritize data sovereignty and transparent security.
Do you offer application maintenance and updates?
Yes. We provide service agreements covering security patches, feature updates, bug fixes, and compatibility maintenance as underlying systems evolve. You can also opt for training to manage applications internally or source code handoff for complete independence.
What's involved in AI Model Fine-Tuning?
Fine-tuning customizes a pre-trained AI model for your specific use case using your own data. For example, a law firm might fine-tune a model on their legal documents to improve contract analysis, or a medical practice might fine-tune for clinical note summarization. We handle data preparation, training infrastructure setup, the fine-tuning process, evaluation, and deployment. The result is an AI that "speaks your language" and understands your domain far better than general-purpose models.
Why is "AI in Business Training" important?
AI enhances business training by delivering personalized, efficient, and scalable learning experiences that align with evolving workforce needs while maintaining important, and often overlooked, secure practices.
How do your solutions help with GDPR, CCPA, and other privacy regulations?
Our self-hosted infrastructure gives you direct control over data location, access, retention, and deletion—all key compliance requirements. We can design systems with built-in consent management, data minimization, encryption at rest and in transit, audit logging, and the ability to quickly respond to data subject requests. Many clients find that owning their infrastructure simplifies compliance compared to navigating multiple cloud provider agreements.
How do you price your services?
Pricing varies by scope and complexity. Infrastructure builds (custom NAS/PC) are typically fixed-price projects based on specifications. Application development can be fixed-price for well-defined projects or time-and-materials for evolving requirements. Training, consulting, and AI services are usually hourly or day-rate based. Security audits and pentesting are quoted per engagement based on scope. We provide detailed estimates before starting any work.
Do you work with clients outside your local area?
Yes. While we prefer on-site presence for hardware installation, we regularly work with remote clients for all our services. We can ship pre-configured hardware, provide remote installation support, and deliver all consulting, training, application and development services virtually.
What if I want to switch from cloud services I'm currently using?
We specialize in cloud migration strategies. This typically involves assessing your current usage, designing equivalent self-hosted infrastructure, planning data migration, testing thoroughly, and executing a phased transition that minimizes disruption. Many clients maintain hybrid approaches initially—keeping some cloud services while moving sensitive data to self-hosted infrastructure.
What is a Custom NAS and why would I need one?A Network Attached Storage (NAS) system is your personal data center. Unlike cloud storage (Dropbox, Google Drive, iCloud), a custom NAS keeps all your data on hardware you own, in a location you control. We design NAS solutions tailored to your specific needs—whether that's family photo backups, business document management, media streaming, or enterprise-grade redundant storage with automated failover.
What happens if my NAS hardware fails?We design redundancy into our systems based on your risk tolerance. This can include RAID configurations (where data is mirrored across multiple drives), automated cloud backups to encrypted storage you control, or hot-swappable components. We also provide maintenance agreements and can configure monitoring that alerts you to potential failures before they become critical.
How current is your training content?
We update our training materials monthly to address emerging threats, new attack techniques, and evolving best practices. Recent additions include training on AI-powered phishing attacks, deepfake awareness, supply chain security, and secure AI tool usage in business contexts.
Can you integrate applications with my existing systems?
Yes. We build with interoperability in mind, using standard APIs and protocols. Whether you need to connect with legacy databases, modern cloud services you still use, or custom applications you've already deployed, we design integration layers that maintain security while enabling smooth data flow.
What is AI Prompt Engineering and why do I need it?
Prompt engineering is the skill of communicating effectively with AI systems to get reliable, accurate, and useful results. Poor prompts lead to hallucinations, biased outputs, and wasted time. We teach your team how to structure prompts for different AI tools, chain prompts for complex tasks, validate AI outputs, and integrate AI into workflows safely. This dramatically improves ROI on AI tools and reduces risks from AI-generated errors.
Is fine-tuning expensive?
It depends on scale. Fine-tuning smaller open-source models for specific tasks can be quite affordable, often costing less than ongoing cloud AI subscriptions. Larger models or massive datasets require more compute resources. We provide cost estimates upfront and can architect solutions that balance performance with budget—sometimes a well-prompted smaller model beats an expensive large model.
Can AI really run locally with good performance?
Absolutely. Recent advances in open-source models mean you can run surprisingly capable AI on modern hardware. A workstation with a good GPU can run models that rival cloud services for many tasks. For more demanding applications, we can design dedicated AI infrastructure. The performance gap between local and cloud AI is shrinking rapidly while the privacy and cost benefits of local AI are growing.
What data do you collect from your clients?
We operate on a need-to-know basis. For services delivered, we collect only the technical information necessary to design and implement your solutions. We don't use analytics, telemetry, or tracking on applications we build unless you explicitly configure it. We can provide data processing agreements and sign NDAs as needed.
Do you offer consultations to discuss my needs?
Yes. We offer complimentary initial consultations to understand your requirements and determine if we're a good fit. This is a no-pressure conversation about your goals, challenges, and how our services might help. Contact us at opsec@glassveilsecurity.com to schedule.
What operating systems do you support?
We work across the full spectrum—Linux (our preference for servers due to security and flexibility), Windows, macOS, and BSD variants. For NAS systems, we typically use enterprise Linux distributions or specialized NAS operating systems like TrueNAS. We can also deploy hardened configurations of any major OS based on your preferences.
Do your solutions work for small businesses or just enterprises?
Both. Our services scale from individual users wanting privacy to small businesses establishing their first real infrastructure to enterprises requiring complex multi-site deployments. We believe data sovereignty matters regardless of organization size and design solutions appropriate to your scale and budget.
What's included in a Custom PC build?Our custom PC builds are designed for your specific use case—whether that's AI development workstations, secure business systems, penetration testing rigs, or high-performance personal machines. We handle hardware selection, assembly, operating system hardening, security configuration, and can integrate specialized tools for your workflow. Unlike off-the-shelf systems, you get exactly the performance and security features you need without bloatware or unnecessary vulnerabilities.
What does a Penetration Test and Security Audit involve?Our pentesting service simulates real-world attacks against your systems to identify vulnerabilities before malicious actors do. We test network perimeter security, web applications, wireless networks, physical security, and social engineering susceptibility. The security audit includes comprehensive review of your security policies, access controls, encryption practices, and compliance posture. You receive a detailed report with prioritized remediation steps and can opt for ongoing support to implement fixes.
Do you provide ongoing security support or just one-time audits?
Both. We offer one-time assessments for organizations wanting a security snapshot, and ongoing managed security services including quarterly audits, continuous monitoring, incident response planning, and security awareness training programs. Many clients start with an audit and transition to ongoing support as their security maturity grows.
What's your approach to application security?
We follow secure development lifecycle practices including threat modeling during design, secure coding standards, regular security testing, and ongoing vulnerability management. All code is peer-reviewed, and we can provide source code audits for transparency. We don't use third-party analytics, tracking, or telemetry unless you explicitly request and configure it.
What does Local AI Integration mean?
Instead of sending your data to ChatGPT, Claude, or other cloud AI services (where it may be stored, logged, or used for training), we help you run AI models on your own hardware. This could be a powerful workstation, your custom NAS, or dedicated AI servers. Your data never leaves your infrastructure, you control the model completely, there are no usage limits, and you maintain total privacy. We handle model selection, hardware requirements, deployment, and integration with your existing tools.
What does "AI in Business Training" cover?
This training helps teams understand where AI adds value versus where it creates risk. Topics include evaluating AI use cases, data privacy considerations, prompt engineering basics, validating AI outputs, managing AI-generated content, avoiding AI hallucinations in critical workflows, and establishing AI governance policies. The goal is confident, safe adoption rather than either blind enthusiasm or fearful rejection.
Which AI models do you work with?
We work with the full spectrum of open-source AI models (Llama, Mistral, Stable Diffusion, Whisper, and many others), our own fine tuned MODELS, as well as providing secure integration with cloud AI services when that's appropriate for your use case. We're model-agnostic—we choose based on your requirements, not vendor partnerships.
Can your systems support zero-trust architecture?
Yes. Our applications can integrate with zero-trust frameworks including identity verification, device posture checking, micro-segmentation, and least-privilege access controls. We design assuming no implicit trust—even internal network traffic can be encrypted and authenticated.
What's the typical timeline for a project?
Custom NAS builds typically take 2-4 weeks from specification to deployment. Custom PC builds are 1-2 weeks. Application development ranges from weeks to months depending on complexity. Training can be scheduled within days. Security audits are usually 1-2 weeks for scoping, execution, and reporting. AI integration projects vary widely based on complexity but often span 4-12 weeks.
Can I manage the systems you build myself, or do I need ongoing support?
Our philosophy is empowerment—we build systems you can manage independently and provide comprehensive documentation. That said, many clients appreciate ongoing support agreements for peace of mind, especially for critical infrastructure. We offer flexible arrangements from on-demand support to fully managed services.
Still have questions, or want more info? Send an email to opsec@glassveilsecurity.com
or
Send us a DM on X @Glass_Veil