SD Tech Solutions logo

Available for new engagements

Hands-on infrastructure, security, automation, and AI integration.
Built for small teams that need it to just work.

SD Tech Solutions helps small and mid-size organizations get the fundamentals right — identity, networking, storage, backup, and automation — and then layers on the modern stuff (on-prem AI, custom APIs, MCP control planes) without the bloat.

Book a free audit See packages & pricing What I do

✓ Real, shipped work — not slides ✓ Lower Mainland BC — on-site when it matters ✓ Privacy-first ✓ Same-day reply

  • Active Directory & Entra ID
  • Networking & VPN
  • Backup & recovery
  • PowerShell & Bash
  • On-prem AI
  • M365 / SharePoint

What I cover

Six practice areas, run end-to-end. From the patch panel to the private LLM.

Infrastructure & Networking Cabling, racks, firewalls, switching, P2P wireless bridges. Cloud & Hybrid Azure, AWS, clustered VMs, hybrid identity, smart workload placement. Security & Access Zero-trust VPN, MFA, hardened baselines, central logging. Software & SaaS Development Custom web apps, internal tools, ERP/CRM integrations. DevOps & Automation IaC, CI/CD, scripted ops, Power Automate, monitoring. AI & Private LLMs On-prem private LLMs, agentic workflows, ERP/CRM-grounded assistants.
Built, not just deployed

I build the AI tools I sell

Most IT shops resell someone else’s AI subscription. I run private large language models on GPU servers I build and manage — and I write the software that drives them. Tower (shown here) is one I use every day: a browser-based workspace that pairs a live terminal with an AI coding assistant, so infrastructure gets operated securely from anywhere. The same private, auditable AI tooling I build for myself is what I build for clients.

  • On-prem GPU servers running open-weight models (Llama, Qwen, DeepSeek) — your data never leaves the LAN.
  • Agentic workflows: Claude Code-style coding agents and MCP control planes wired into real ops.
  • Retrieval-augmented assistants grounded in SharePoint, file shares, and ticket history.
  • Voice input, audit logging, and identity-backed access — production-grade, not a demo.
See packages & free audit Explore private AI Open Tower (beta)

Why teams choose SD Tech Solutions

Six reasons clients keep coming back — one per practice area, each grounded in work I’ve actually shipped.

Hands-on infrastructure

I run the cable, rack the server, and cut over the firewall — not just review someone else’s diagram.

  • Structured cabling, rack builds, patch panels, UPS, and PDU work overseen or done in person.
  • Hardware firewalls (pfSense, WatchGuard, SonicWall) provisioned with sane ACLs, IDS/IPS, and reporting.
  • L2/L3 switching, VLAN segmentation, and inter-VLAN routing with separate networks for servers, users, IoT, and guests.
  • Wireless point-to-point bridges (CPE710-class) for branch links, warehouse extensions, and acquisition stand-ups.
  • Dedicated backup servers and snapshot pipelines with offline copies and tested restore drills.

Cloud & hybrid that pays off

Azure, AWS, and on-prem treated as one estate — workloads placed where the cost and performance math actually works.

  • Azure (VMs, Entra ID, Intune, M365, Purview) and AWS (EC2, S3, IAM, VPC) sized for real load, not just defaults.
  • Clustered virtualization on Hyper-V, VMware, or KVM/Proxmox with HA, live migration, and offsite replication.
  • Hybrid identity: AD DS ↔ Entra ID with SSO, conditional access, and a seamless on-prem/cloud experience.
  • Workload placement decisions backed by cost and performance modelling — not "everything to cloud" by default.
  • Hybrid networking: ExpressRoute, S2S VPN, and split-horizon DNS that survives a cloud outage.

Security that fits the risk

Practical defense-in-depth — built around how your business actually operates, not a generic checklist.

  • Firewall policies tuned to real traffic, with VPN + MFA as the only inbound path to internal resources.
  • Mandatory MFA across VPN, RDP, admin tooling, and cloud sign-ins (Microsoft Authenticator, Duo, hardware tokens).
  • Tier-0 separation for admin accounts, least-privilege identity across AD DS / Entra ID and SaaS.
  • Endpoint hardening with Intune / GPO baselines, full-disk encryption, and least-privilege local accounts.
  • Central logging from firewall, AD, VPN, and SaaS feeding a dashboard the team will actually look at.

Custom software & SaaS for hire

Web apps, internal tools, and SaaS-style products — wired into the ERP / CRM you already run.

  • Custom web apps and internal tools built on PHP / LAMP, Python, and Node — chosen for fit, not fashion.
  • SaaS-style products with auth, per-tenant isolation, billing hooks, and admin surfaces, hosted on-prem or in cloud.
  • ERP / CRM integration: Dynamics, Salesforce, SharePoint, Power Platform — plus self-hosted suites — wired together via APIs and queues.
  • Database design and operations across MySQL/MariaDB, PostgreSQL, and MSSQL with backups and migration discipline.
  • Hardened TLS, CSP, audit logging, and least-privilege service accounts as defaults.

Automation that sticks

Configuration as code, CI/CD pipelines, and scripts that turn long error-prone tasks into one repeatable command.

  • Git-versioned configuration: nginx/Apache vhosts, firewall rules, IaC templates, and ops scripts in source control.
  • CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins) for build, test, deploy, and rollback paths.
  • Bash, PowerShell, and Python automation for backups, health checks, log rotation, certificate renewal, and post-migration cleanup.
  • Power Automate for business workflows — approvals, notifications, document routing, and lifecycle tasks.
  • Onboarding / offboarding flows that drive AD, Entra ID, Intune, Exchange, and SaaS provisioning from one trigger.

Private AI, not $200/seat sprawl

One on-prem GPU server running a private LLM is often cheaper than a stack of $200-per-seat AI subscriptions — and your data never leaves the LAN.

  • Private LLMs on dedicated GPU servers (Ollama, vLLM, llama.cpp) behind hardened reverse proxies and IdP-backed auth.
  • Agentic workflows — Claude Code, MCP servers, and custom orchestrators — wired into ops, code, and back-office tasks.
  • Retrieval-augmented assistants grounded in SharePoint libraries, file shares, ticket history, and internal docs.
  • ERP / CRM integration so AI surfaces sit on top of the systems your business already runs in.
  • Audit logging, rate limits, and access policies aligned with the rest of the security stack.

Book your free AI readiness audit

A no-cost 60-minute review plus a short written report on where private AI (and tighter IT) would actually save you money — yours to keep, no obligation.

  • Real CAPEX-vs-subscription math for your situation
  • What's safe in-house vs. cloud, given your data
  • One quick win you can act on right away

Prefer email? info@sd-techsolutions.com · Same-day reply.

No spam, no sales funnel — it comes straight to me.

Book a free audit →