Nīkau is a boutique security consultancy with a Franco-Kiwi background, based in Aotearoa / New Zealand. Its positioning is very clear: it provides platform, information security, and operational security support for NGOs, impact-driven organizations, grassroots movements, and high-risk individuals. It is not a traditional general-purpose enterprise security vendor; instead, it focuses on “mission-aligned infrastructure,” helping organizations reduce reliance on big tech platforms while improving data sovereignty and operational safety.
In terms of protection areas, Nīkau covers practical scenarios such as operational security, threat modeling, counter-surveillance, mitigation of social engineering and penetration risks, device lockdown, data-sharing hygiene, and planning for situations before and after arrest. For security audits, it supports white-box, gray-box, and black-box approaches, covering web applications, organizational and client devices, mobile devices, network equipment, IoT, data storage, physical security, authentication credentials, supply-chain interfaces, and more. On deployment, it emphasizes migration away from big tech toward self-hosted, sovereign, free and open-source infrastructure, with deployment available in green data centers in Switzerland, Germany, Iceland, and New Zealand. Its training services are aimed at both technical teams and people with limited technical backgrounds, and it also offers a train-the-trainer model.
The main site does not publish pricing, packages, or payment methods, so the service is likely priced on a custom project basis. Its delivery model leans toward in-depth consulting and long-term relationships rather than online self-service purchasing. The website also stresses that it works with only a small number of clients at a time, one by one. This can help sensitive organizations receive more context-specific support, but it also means scheduling, delivery speed, and scalability may be uncertain.
The main advantage is Nīkau’s deep understanding of the security needs of NGOs, activists, and organizations operating in hostile environments. Its services cover the full chain from pre-action safety and technical audits to migration, deployment, and training enablement. It also emphasizes NDAs, end-to-end encrypted self-hosted document servers, and AES-XTS file-system encryption. The drawbacks are the lack of publicly listed compliance certifications, SLAs, pricing, and standardized service descriptions. Its mission-based screening also means it is not a good fit for ordinary commercial enterprises looking to procure general-purpose outsourced security services.
Nīkau is best suited to environmental, human rights, nonprofit, and social movement organizations, especially teams looking to move away from large SaaS platforms and build open-source, self-hosted collaboration environments. The main site does not provide information on accessibility from mainland China, and payment methods are also unknown. If access or communication is limited, alternatives may include local penetration testing firms, providers that deploy open-source collaboration platforms, or international nonprofit security support resources such as Access Now and Tactical Tech.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on nikau.io official site.
nikau.io is an New Zealand Cybersecurity provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach nikau.io directly.