Breaking
FOUNDED 2010 in Redmond, WA $3M SEED led by Gula Tech Adventures (2022) + $500K interest-free loan from Microsoft 500+ active customers 98% gross retention MICROSOFT US Partner of the Year 2023 INC. 5000 four years running SOC 2 TYPE 2 certified since 2023 100% REMOTE for over a decade FOUNDED 2010 in Redmond, WA $3M SEED led by Gula Tech Adventures (2022) + $500K interest-free loan from Microsoft 500+ active customers 98% gross retention MICROSOFT US Partner of the Year 2023 INC. 5000 four years running SOC 2 TYPE 2 certified since 2023 100% REMOTE for over a decade
BEMO company logo
Company Profile Managed Security Microsoft Cloud

BEMO.

The managed IT and security shop built, by ex-Microsoft engineers, for the businesses too small to hire a CISO.

Redmond, Washington. A navy-blue mark on a white square, sitting nine miles from the Microsoft campus whose cloud it defends. The whole company fits inside one email attachment and 500-plus contracts.

2010
Founded
500+
Active Customers
98%
Gross Retention
$3.2M
Total Funding
01

The Boring Business Nobody Else Wanted

Here is a thing that is true and slightly annoying: almost every small business in America runs on Microsoft 365, and almost none of them have anyone whose actual job is to keep it from getting hacked. This is a gap. Gaps in security are, from the point of view of the person exploiting them, opportunities. From the point of view of the person running a 30-employee dental practice, they are the reason you wake up at 3 a.m.

BEMO exists in that gap. It is a managed IT and security provider in Redmond, Washington, which is to say it sits about nine miles from the Microsoft campus and builds its entire business on top of the Microsoft security stack. That is either a very clever place to build a company or a slightly nervous one, depending on how you feel about depending on a $3-trillion landlord. BEMO seems to feel fine about it. Microsoft, for its part, gave BEMO a $500,000 interest-free loan, which is the corporate equivalent of a landlord slipping you the rent money.

The pitch is unglamorous, which is the point. Small and mid-sized businesses - roughly 10 to 500 employees - need cybersecurity, and they increasingly need compliance: SOC 2 so they can sell to bigger customers, HIPAA if they touch health data, CMMC if they want to bid on defense contracts. Each of these is an alphabet-soup ordeal involving auditors, questionnaires, and a great deal of documentation nobody enjoys producing. BEMO does the ordeal for you, on a monthly subscription, and hands you the certificate at the end.

The genius, to the extent there is one, is that anxiety recurs. A SOC 2 report expires. CMMC keeps adding levels. AI showed up at work and now there is an ISO standard for governing that, too. The compliance treadmill never stops, and a company that runs alongside you on it forever is a company with very durable revenue. BEMO has made the Inc. 5000 four years in a row, which is the kind of quiet compounding that boring problems reliably produce.

02

The Microsoft Alumni Who Left to Sell Microsoft

BEMO was founded in 2010 by two people who knew the platform from the inside, then walked out to serve everyone using it who couldn't afford to understand it.

Bruno Lecoq

Co-Founder · CEO & CISO

Spent roughly 17 years at Microsoft across multiple divisions and product teams before starting BEMO. His diagnosis was simple: the SMB market had enterprise-grade tools and hobbyist-grade security, and nobody was packaging the two together for operators. He now runs the company and, tidily, also serves as its Chief Information Security Officer.

Joel Lachance

Co-Founder · CFO

Brings more than 25 years in regulatory compliance and has built compliance programs across a range of companies. If Lecoq is the security half of the thesis, Lachance is the compliance half - the person who turns a terrifying audit checklist into something a small business can actually finish.

“Digital threat actors increasingly target SMBs. BEMO is developing a SaaS product to quickly improve and maintain the cybersecurity posture.” Bruno Lecoq, Co-Founder, CEO & CISO
03

What You Actually Buy

BEMO packages its work into four lanes, then tiers them so a small clinic and a defense subcontractor can buy from the same menu.

Compliance Management

Certificates, Handled

Audit-ready programs for SOC 2, ISO 27001, CMMC Levels 1 & 2, NIST 800-171, and AI compliance (ISO 42001) - coordinated with GRC platforms and third-party auditors so you finish, not just start.

Managed Cybersecurity

Silver · Diamond · Platinum

Three tiers on the Microsoft security stack: Silver for fundamental protection, Diamond for a Zero Trust foundation, Platinum for compliance-readiness. Threat detection and monitoring included.

AI Managed Services

Watching the Copilots

Shadow AI monitoring and Microsoft Copilot security, because employees started using generative AI whether or not IT approved it, and someone has to govern that new door.

IT Operations

The Whole Help Desk

Managed helpdesk, managed Azure, Microsoft 365 migrations, and device management and procurement - the unglamorous plumbing that keeps a small team running.

04

Follow the Money

In May 2022 BEMO closed a $3 million seed round to turn its services into software - and got a rare vote of confidence from the platform it builds on.

RoundAmountDateLead / Backers
Seed$3.0MMay 2022Gula Tech Adventures (lead), Revolution's Rise of the Rest, SaaS Venture Capital, Pleiade Venture
Microsoft loan$500KMay 2022Microsoft (0% interest)
“Automation of updates is critical to reducing the time that individuals and businesses are vulnerable.” Ron Gula, Gula Tech Adventures
05

The Short History

2010

Bruno Lecoq and Joel Lachance, both ex-Microsoft, found BEMO to secure SMBs on the Microsoft cloud.

May 2022

Closes a $3M seed round led by Gula Tech Adventures, plus a $500K interest-free loan from Microsoft.

July 2023

Wins Microsoft US Partner of the Year in the Social Impact and Community Response category.

Sept 2023

Achieves SOC 2 Type 2 compliance; sets targets for ISO 27001 and CMMC 2.0 Level 2.

2022 – 2025

Named to the Inc. 5000 four consecutive years (No. 1430, 1178, 1604, 2376).

06

The Company It Keeps

MicrosoftSolutions Partner and repeat US Partner of the Year. The entire practice is built on Microsoft 365 and Azure.
DrataGRC / compliance-automation platform for continuous monitoring of client controls.
VantaGRC platform supporting SOC 2 and ISO 27001 automation.
KnowBe4 · RipplingSecurity-awareness training and identity/HR-IT tooling woven into managed onboarding.
07

On the Trophy Shelf

Microsoft US Partner of the Year 2023 - Social Impact & Community Response
Inc. 5000 · four consecutive years (2022 – 2025)
SOC 2 Type 2 compliant (2023)
Microsoft Security certified partner for 10+ years
08

Five Things Worth Knowing

09

Watch & Read

Interviews, product walk-throughs, and the cybersecurity blog where the team argues about acronyms in public.

10

Find BEMO

Quick facts: BEMO

BEMO is a Redmond, Washington-based managed IT and security service provider built specifically for small and mid-sized businesses that run on Microsoft 365 and Azure. Founded in 2010 by ex-Microsoft veterans Bruno Lecoq and Joel Lachance, the fully remote company bundles cybersecurity, compliance (SOC 2, ISO 27001, CMMC, NIST 800-171), managed helpdesk, and AI/Copilot security into packaged tiers so 10-to-500-person organizations can meet audit requirements without hiring an in-house security team. BEMO is a repeat Microsoft US Partner of the Year and a four-time Inc. 5000 honoree.

Founded
2010
Headquarters
Redmond, Washington, United States
Founders
Bruno Lecoq (Co-Founder, CEO & CISO), Joel Lachance (Co-Founder, CFO)
Team size
~47 employees (100% remote)
Products
Compliance Management, Managed Cybersecurity, AI Managed Services, IT Operations
Notable
Microsoft US Partner of the Year 2023 (Social Impact and Community Response category); Modern Workplace for SMB finalist, Four consecutive years on the Inc. 5000 (No. 1430 in 2022, No. 1178 in 2023, No. 1604 in 2024, No. 2376 in 2025), Achieved SOC 2 Type 2 compliance in September 2023

Last updated: