BLACK BOTTLE IT ACHIEVES SOC 2 CERTIFICATION 

Joining the Less Than 1% of Small MSPs to Reach This Elite Security Standard 

Black Bottle IT, a managed IT services and security provider headquartered in Wexford, PA, today announced the successful completion of its SOC 2 (System and Organization Controls 2) certification — a rigorous, independent audit confirming the company meets the highest industry standards for security, availability, and confidentiality in the management of client data and systems. 

This milestone places Black Bottle IT in an elite tier: fewer than 1% of small managed service providers (MSPs) achieve SOC 2 certification, making this a significant differentiator in an industry where trust and security are paramount. 

What Is SOC 2 — and Why Does It Matter? 

SOC 2 is a voluntary compliance framework developed by the American Institute of Certified Public Accountants (AICPA). It requires organizations to demonstrate that their systems, processes, and controls meet strict criteria across five Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. 

Unlike self-reported certifications, SOC 2 compliance is verified by an independent third-party auditor, making it one of the most credible and demanding security standards available to IT service providers. Earning this certification requires rigorous preparation, internal process redesign, and the implementation of enterprise-grade security controls across every aspect of operations. 

What This Means for Black Bottle IT Clients 

For businesses that handle sensitive data — including those in finance, healthcare, legal, and professional services — working with a SOC 2-certified MSP is no longer optional. Many clients (no longer only identified by size), insurance providers, and regulatory bodies now require their IT partners to hold SOC 2 certification as a condition of doing business. 

By achieving SOC 2, Black Bottle IT clients gain the assurance that: 

  • Their data is protected by independently verified, enterprise-grade security controls. 
  • Black Bottle IT’s internal processes, infrastructure, and vendor relationships meet the highest standards for risk management and confidentiality. 
  • They can demonstrate to their own customers, partners, and regulators that their IT provider has been rigorously vetted. 
  • They are supported by one of the very few small MSPs in the country to achieve this certification — providing enterprise security without sacrificing the responsiveness of a local partner. 

“SOC 2 certification isn’t just a badge; it’s a promise to every client we serve. It represents our commitment to operating at the highest possible standard of security and accountability. We went through this process because our clients deserve a partner they can trust completely, and because the businesses we serve increasingly need to demonstrate their own vendors meet rigorous compliance requirements,” said John Hensberger, president/founder of Black Bottle IT.

About Black Bottle IT 

Black Bottle IT is a full-service managed IT and security services provider serving businesses across the greater Pittsburgh region and beyond. With a focus on proactive security, reliable infrastructure, and responsive support, Black Bottle IT delivers enterprise-level technology solutions tailored to the needs of small and mid-sized businesses. The company’s SOC 2 certification reflects its unwavering commitment to protecting client data and operating with the highest standards of integrity and care. 

Contact us today to get started on your SOC 2 certification. 

Black Bottle IT Makes First Strategic Acquisition

Black Bottle IT Acquires Restart IT, Expanding Regional Managed Services and Cybersecurity Expertise 

Wexford-based MSP and Security Firm Strengthens Its Western Pennsylvania Footprint with Strategic Acquisition of Monroeville’s Restart IT 

WEXFORD, PA — Black Bottle IT (BlackBottleIT.com), a trusted Managed Service Provider (MSP) and Security Consultancy headquartered in Wexford, PA, today announced the acquisition of Restart IT (callrestart.com), a well-respected IT services firm based in Monroeville, PA. This strategic move deepens Black Bottle IT’s presence across the greater Pittsburgh region and reinforces its commitment to delivering comprehensive, security-first technology support to local businesses. 

As part of the acquisition, Restart IT founder Bob DiGioia will join the Black Bottle IT leadership team as Vice President, ensuring a seamless transition for existing Restart IT clients while bringing deep regional relationships and hands-on IT expertise to an already-strong team. 

Leadership Perspective 

“When we look at what Bob and the Restart IT team have built — the trust, the relationships, the genuine care for their clients — it perfectly mirrors what we stand for at Black Bottle IT. This isn’t just about growth; it’s about bringing together two teams that share the same values and the same mission: keeping businesses protected, productive, and prepared for whatever comes next. Restart IT clients are gaining access to an expanded depth of security expertise and around-the-clock support, and our team is gaining talented IT professionals who truly know this community.” 

— John Hensberger, Founder & President, Black Bottle IT 

What This Means for Clients 

The combined organization delivers a comprehensive service offering built around five core commitments: 

  • Proactive Protection, Not Reactive Fixes. Black Bottle IT monitors, protects, and advises client organizations around the clock — getting ahead of problems before they impact operations. 
  • Security at the Core. With today’s evolving cyber threat landscape, clients gain access to industry-leading security practices and compliance expertise designed to keep businesses safe and resilient. 
  • Depth of Expertise. A dedicated team of Level 1 and Level 2 support technicians, alongside security and compliance specialists, provides comprehensive, hands-on care for businesses of every size. 
  • Continuity You Can Count On. Restart IT’s client relationships and local familiarity, combined with Black Bottle IT’s proven security capabilities, means clients receive the best of both worlds — familiar faces backed by deeper resources. 
  • A True Strategic Partner. This team is committed to long-term partnership — not just a vendor you call when something breaks, but a forward-thinking ally invested in your business’s future. 

About Black Bottle IT 

Black Bottle IT is a Wexford, Pennsylvania-based Managed Service Provider and Security Consultancy with deep roots in the western Pennsylvania business community. Founded by John Hensberger, Black Bottle IT delivers proactive IT management, cybersecurity, and compliance solutions to businesses across the region. Learn more at BlackBottleIT.com. 

About Restart IT 

Restart IT is a Monroeville, Pennsylvania-based IT services company known for its personalized service and trusted client relationships throughout the Pittsburgh metro area. Founded by Bob DiGioia, Restart IT has built a strong reputation for responsive, practical technology support for local businesses. Learn more at callrestart.com. 

MEDIA CONTACT 

Paulette Duderstadt 

Paulette.Duderstadt@BlackBottle.io 

The Remote Work Security Gap

The Remote Work Security Gap No One’s Talking About

Real Talk: Your Hybrid Workforce Is Your Biggest Vulnerability (And Your Competitors Know It)

Remember when “working from home” meant occasionally checking email from your couch? Those days are gone. Your team is now scattered across home offices, coffee shops, co-working spaces, and airport lounges—and cybercriminals are absolutely thrilled about it.

Here’s the truth most IT providers won’t tell you: remote and hybrid work has opened the floodgates for cybercriminals. Every unsecured home network, every public Wi-Fi connection, every personal device accessing company data—it’s all an invitation.

But here’s what we do differently at Black Bottle IT: We slam those floodgates shut.

The Problem: Security Built for Buildings, Not People

Traditional cybersecurity was designed for a world where everyone worked inside a secure office perimeter. Firewalls protected the building. IT controlled the devices. VPNs were occasional exceptions, not the daily rule.

That model is dead. Your security perimeter isn’t a building anymore—it’s wherever your team opens a laptop.

And if you’re still securing your business like everyone sits at a desk on the third floor, you’re leaving the door wide open.

What Real Protection Looks Like in 2026

At Black Bottle IT, we don’t just react to threats—we build comprehensive security strategies around how your team actually works. Here’s what that means:

1. Device-Level Lockdown

Every endpoint—whether it’s a company laptop, a contractor’s tablet, or a smartphone checking email—gets enterprise-grade protection. We’re talking endpoint detection and response (EDR), encryption, patch management, and real-time threat monitoring. If a device connects to your data, we secure it. Period.

2. Cloud Application Security

Your team lives in cloud apps—Microsoft 365, Google Workspace, Salesforce, Slack. Cybercriminals know this. We wrap these applications in layers of protection: multi-factor authentication, conditional access policies, data loss prevention, and continuous monitoring. We make sure your cloud isn’t the storm waiting to happen.

3. Zero Trust, Always

We operate on a simple principle: trust nothing by default. Every user, every device, every access request gets verified. Just because someone logged in from a recognized device yesterday doesn’t mean we trust them today. That’s how we catch compromised credentials before they become breaches.

The Black Bottle IT Difference: Strategy, Not Band-Aids

Here’s where most IT providers fail: they sell you security tools without a strategy. You end up with a patchwork of software that doesn’t talk to each other, policies no one follows, and a false sense of security.

We take a different approach.

Our comprehensive, integrated cybersecurity solution includes:

  • Assessment: We identify your actual vulnerabilities—not generic checklists, but real risks based on how your business operates
  • Incident Response Plan: When (not if) something happens, you have a playbook that’s been tested and ready to execute
  • Risk Management & Implementation: We don’t just tell you what’s broken—we fix it and manage ongoing risk
  • Cybersecurity Awareness Training: Your employees are your first line of defense. We make them partners, not liabilities
  • Continuous Monitoring: Threats evolve. We watch for them 24/7 so you don’t have to

Enterprise-Grade Security Without the Enterprise-Grade Bill

You shouldn’t need a Fortune 500 budget to get Fortune 500 protection. We deliver enterprise-level security designed for businesses that don’t have an army of internal IT staff or unlimited budgets.

Your team gets to work from wherever they’re most productive. We make sure they can do it safely.

The Stakes Are Higher Than Ever

A single breach can cost you:

  • Six figures (or more) in remediation costs
  • Customer trust that took years to build
  • Regulatory penalties if you handle sensitive data
  • Weeks or months of operational disruption

And here’s the kicker: most breaches are preventable with the right security strategy in place.

Ready for Real Talk?

If you’re reading this and thinking “I’m not sure how secure we actually are right now”—that’s the right instinct.

We offer comprehensive cyber risk assessments that show you exactly where your vulnerabilities are and what it takes to close them. No scare tactics. No overselling. Just honest evaluation and actionable recommendations.

Because securing remote and hybrid work isn’t about buying more software. It’s about having a partner who understands the threats you face and builds protection around how your business actually operates.

That’s what real protection looks like.


About Black Bottle IT
We develop cybersecurity strategies specifically around evolving threats and how to defend your business. Our comprehensive, integrated approach means we join your team at any stage of your cybersecurity journey—whether you’re starting from scratch or hardening existing defenses. Based in Wexford, PA, we protect businesses across the region with enterprise-grade security that actually fits their reality.

We’re Joining the IPPA Spring Summit

Cyber Quiz by Black Bottle IT

Join Black Bottle IT at IPPA Spring Summit in Vegas!

We’re packing our bags and heading to the City of Lights! Black Bottle IT will be at the #IPPA2025 Spring Summit at Paris Las Vegas in just a few days, and we couldn’t be more excited to connect with payroll professionals like you.

Is your cybersecurity as lucky as finding a four-leaf clover? Or could your protection use a little more than luck? Either way, we’d love to chat about keeping your sensitive payroll data secure in today’s challenging threat landscape.

Visit us at Booth 112 where we’ll be handing out some lucky swag and sharing our expertise in cybersecurity solutions tailored specifically for payroll companies.

Don’t leave your security to chance! Take our 10-Question Quiz to find out how you rate your cyber posture – below average, average, above average.

Stop by our booth to learn how Black Bottle IT can help protect your most valuable assets. We’d be “lucky” to connect with you and learn more about your business needs.

See you in Vegas! 🍀

Make it Harder for Hackers to Intrude

Implementing strong password policies is crucial for protecting business systems. If you think this best practice does not apply to your business, what would you say and do if your employees’ and customers’ personal information were stolen?

Here’s a more detailed breakdown on the best practices to fight modern-day intrusions.

Require complex passwords:

  • Set minimum length requirements (e.g., at least 12 characters)
  • Mandate a mix of uppercase and lowercase letters, numbers, and special characters
  • Prohibit common words, phrases, or easily guessable information (like birthdates)
  • Consider using passphrases instead of single words

Implement multi-factor authentication (MFA):

  • Require a second form of verification beyond passwords
  • Options include:
      • SMS codes (though less secure than other methods)
      • Authenticator apps (like Google Authenticator or Authy)
      • Hardware tokens (such as YubiKeys)
      • Biometric verification (fingerprints, facial recognition)
  • Apply MFA to all critical systems and accounts, especially those with administrative access

Use password managers:

  • Encourage or require employees to use reputable password management tools
  • These tools generate and store strong, unique passwords for each account
  • Reduces the risk of password reuse across multiple accounts
  • Some options include LastPass, 1Password, or Bitwarden

Implement password rotation policies:

  • Require password changes at regular intervals (e.g., every 90 days)
  • Prevent reuse of recent passwords

Monitor for compromised credentials:

  • Use services that check if employee email addresses or passwords have been exposed in known data breaches
  • Require immediate password changes if compromised credentials are detected

Implement account lockout policies:

  • Lock accounts after a certain number of failed login attempts
  • This helps prevent brute-force attacks

Use single sign-on (SSO) for multiple applications:

  • Reduces the number of passwords employees need to remember
  • Allows for centralized control and monitoring of access
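
As an added illustration (not Black Bottle IT's code), the sketch below enforces the complexity, no-reuse, and lockout rules from the list above in Python. The history depth, lockout threshold and duration, the small denylist, and the `YYYYMMDD` birthdate format are assumptions chosen for the example.

```python
import hashlib, hmac, os, re, time

MIN_LENGTH = 12          # the page's example minimum length
HISTORY_DEPTH = 5        # assumption: number of recent passwords blocked from reuse
MAX_FAILURES = 5         # assumption: failed attempts before lockout
LOCKOUT_SECONDS = 900    # assumption: lockout duration
COMMON_WORDS = {"password", "welcome", "qwerty", "letmein"}  # constructed sample denylist

def _digest(password, salt):
    # Slow, salted hash so a leaked password history is not directly reusable.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def hash_password(password):
    salt = os.urandom(16)
    return salt, _digest(password, salt)

def policy_violations(password, history=(), birthdate=""):
    """Return the rules a candidate password breaks (empty list = accepted)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]
    if not all(re.search(c, password) for c in classes):
        problems.append("missing character class")
    lowered = password.lower()
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains common word")
    if birthdate and birthdate in password:
        problems.append("contains birthdate")
    recent = list(history)[-HISTORY_DEPTH:]  # (salt, digest) pairs, oldest first
    if any(hmac.compare_digest(_digest(password, s), d) for s, d in recent):
        problems.append("reuses recent password")
    return problems

class LockoutTracker:  # locks an account after MAX_FAILURES consecutive failures
    def __init__(self):
        self._state = {}  # account -> (failure_count, locked_until)
    def is_locked(self, account, now=None):
        now = time.time() if now is None else now
        return self._state.get(account, (0, 0.0))[1] > now

    def record(self, account, success, now=None):
        now = time.time() if now is None else now
        if self.is_locked(account, now):
            return  # attempts during a lockout neither reset nor extend it
        count, _ = self._state.get(account, (0, 0.0))
        count = 0 if success else count + 1
        until = now + LOCKOUT_SECONDS if count >= MAX_FAILURES else 0.0
        self._state[account] = (0 if until else count, until)
```
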

By implementing these robust password policies, businesses can significantly reduce the risk of unauthorized access to their systems, making it much harder for hackers to intrude when you are at work and away!

Black Bottle IT would love to learn more about your work environment and provide an assessment for a modern-day cybersecurity solution. Contact us today!