Products Services Pricing Book a call
Google Workspace Security

Stop data leaving your organisation before it happens

Cirraw helps fintech and regulated businesses lock down Google Workspace — with tools that actually work and experts who configure them right.

Book a free scoping call Try an interactive demo →
What we do

Google Workspace security, built for compliance

We build, configure and manage the controls that keep your data inside your organisation — and keep auditors happy.

01
CheckPost
Stop emails reaching
the wrong person

CheckPost intercepts outbound Gmail at the moment of send — flagging unrecognised recipients and giving staff one clear moment to confirm before the email leaves your organisation.

  • Confirm external recipients
  • Confirm attachments
  • Custom rules per domain
  • Native Gmail — no new tools to learn
See how it works
02
Four Eyes
Human review controls for sensitive outbound emails — route communications to a compliance reviewer before they send.
03
Security Audit
Full Workspace configuration review with a prioritised red/amber/green findings report delivered in three days.
04
AI Training
Gemini and AI workflow adoption workshops for your whole team.
The problem

The breach that ends careers isn't a hack.
It's a reply-all.

Most data breaches at regulated businesses aren't caused by attackers. They're caused by the wrong name in the To field. The ICO data is unambiguous.

#1
Misdirected email is the single most common data breach type reported to the ICO — above phishing, ransomware, and lost devices.
ICO Data Security Incident Trends, 2023–2024
16%
of all ICO breach reports in 2023 were caused by data emailed to the wrong recipient — more than one in six incidents.
ICO Annual Breach Analysis, 2023
72hrs
is the window you have to notify the ICO once a breach is discovered. 42% of organisations miss it — adding a regulatory failure on top of a data failure.
ICO GDPR Article 33 reporting data, 2023

A realistic scenario for a 50-person fintech: A relationship manager sends a client summary to the wrong contact — a typo-matched address in Gmail autocomplete. The email contains personal financial data. Under UK GDPR, that is a notifiable breach. Your DPO has 72 hours to file with the ICO. The client finds out. The regulator opens a file. None of this required a hacker. It required one moment without a check.

Product 01
CheckPost

One moment of confirmation. Zero misdirected emails.

CheckPost intercepts outbound Gmail at the moment of send — flagging unrecognised or external recipients and giving staff a clear, frictionless review before the email leaves your organisation. No new tools. No workflow changes. Just a safety net built into Gmail.

  • Real-time recipient validation against your domain rules
  • Custom flagging rules per team, department, or domain
  • Full audit log of every flagged and confirmed send
  • Native Gmail integration — no new tools for staff to learn
  • Deployed via Google Admin Console — no individual installs
01
Staff hits Send
CheckPost intercepts the email before it dispatches — invisibly, in the background.
02
Recipients are checked
Each address is validated against your rules. External or unrecognised addresses are flagged immediately.
03
One-click confirm or cancel
The sender confirms, edits, or cancels — the whole interaction takes under five seconds.
Try an interactive demo → Deploy CheckPost for your team
Product 02
Four Eyes

No sensitive email leaves without a second set of eyes

Four Eyes routes specific outbound emails into a review queue before they send — giving your compliance team visibility and control over sensitive communications leaving the organisation.

  • Rule-based email interception
  • Dedicated reviewer mailbox in Gmail
  • Approve, reject or edit before send
  • Full compliance audit trail
Book a call about Four Eyes
compliance@yourcompany.io
Four Eyes Review 3 unread
Re: Q3 Financial Statements 09:41
sarah@yourcompany.io → client@lawfirm.co.uk
Fwd: Investment Committee Notes 09:28
james@yourcompany.io → external.fund@partners.com
Client portfolio update — July 08:55
priya@yourcompany.io → client@hedgeco.com
Re: Onboarding docs — new client Tue
tom@yourcompany.io → admin@newclient.co.uk
Fwd: Term sheet draft v2 Mon
sarah@yourcompany.io → legal@counsel.co.uk
Service 01
Security Audit

Know exactly where your Workspace is exposed

A full review of your Google Workspace configuration — DLP policies, sharing settings, admin access, and external exposure — delivered as a prioritised red/amber/green findings report in three days.

  • Full configuration review
  • DLP and sharing policy audit
  • Admin access review
  • Prioritised action plan
Book a Security Audit
audit findings — cirraw report
Critical
3 items
Medium
7 items
Low
12 items
Top critical finding
External Drive sharing enabled org-wide — any file can be shared with any email address without restriction.
Service 02
AI Workflow Training

Get your team actually using Gemini

Most teams pay for Gemini but barely scratch the surface. We run hands-on workshops and build bespoke AI workflows that fit how your team actually works — turning AI from a line item into a genuine productivity multiplier.

  • Half-day and full-day workshops
  • Bespoke Gemini use cases per team
  • Custom workflow automation builds
  • Ongoing AI adoption support
Book a workshop
workshop formats
Half day
Team intro to Gemini
Up to 20 people
Full day
Deep workflow build
Up to 12 people
Bespoke implementation
Custom AI workflows built specifically for your organisation and team processes
Pricing

Simple, transparent pricing

Fixed prices based on your organisation size. Every engagement starts with a free 20-minute scoping call.

CheckPost
Small
Up to 50 users
£1,500 one-off setup
£299 /month
  • Deployment and configuration via Google Admin Console
  • Recipient rules set up for your organisation
  • Staff onboarding and admin training included
  • Compatibility maintained as Google updates Workspace
  • Additional rule changes available on request
  • Email support
Get started
CheckPost · Most popular
Growth
51 – 150 users
£2,500 one-off setup
£599 /month
  • Deployment and configuration via Google Admin Console
  • Recipient rules set up for your organisation
  • Staff onboarding and admin training included
  • Compatibility maintained as Google updates Workspace
  • Additional rule changes available on request
  • Configuration documentation provided
  • Priority email support
Get started
CheckPost
Scale
151 – 350 users
£3,500 one-off setup
£999 /month
  • Deployment and configuration via Google Admin Console
  • Recipient rules set up for your organisation
  • Staff onboarding and admin training included
  • Compatibility maintained as Google updates Workspace
  • Ongoing configuration changes
  • Configuration documentation provided
  • Priority email support
  • Dedicated point of contact for your IT and compliance team
Get started
350+ users Larger organisations and complex multi-team deployments — let's talk about what fits.
Book a call

All plans include CheckPost only. Four Eyes — human review controls for sensitive outbound emails — is available as an add-on. Ask us about bundled deployment on your scoping call.

Not sure where to start?

Book a free 20-minute scoping call — we'll tell you exactly where your Workspace is exposed and what to do about it. No commitment, no sales pitch.

Book a free call →
About us

Built by someone who’s seen what goes wrong

Cirraw was founded to solve a problem that keeps compliance teams up at night — data leaving the organisation through ordinary, everyday mistakes.

RB
Rishi B
Founder, CIRRAW LTD

Regulation shouldn't be a roadblock to your team's best work. I've been helping regulated businesses solve this issue in Google Workspace for the last five years. My mission now is to build guardrails that take the anxiety out of data security, empowering your team to move fast without breaking the rules. Because great systems are designed around the people who actually use them.

Ready to start?

Pick a time below for a free 20-minute scoping call. We will walk you through what you need. No commitment, no sales pitch.

Loading calendar...

Having trouble booking? Email us directly →