Practical protection for teams of 1–50. We start with quick wins that stop common attacks, then help you grow into recognised baselines like Cyber Essentials and align with ISO/IEC 27001 when you’re ready.

What we deliver

• Baseline hardening and Cyber Essentials prep — gap check, remediation plan, evidence pack. See Cyber Essentials.
• Secure configuration and updates — laptops, mobiles, servers; multi-factor authentication where practical. Based on the NCSC Small Business Guide.
• Backups and recovery drills — offline or immutable copy, quarterly test restores, clear recovery objectives in plain English.
• Email and domain security — phishing training; SPF, DKIM and DMARC roadmap.
• Access control and admin lock-down — least privilege, separate admin accounts, joiners-movers-leavers.
• Incident basics — first-hour checklist, isolation steps, reporting route to Action Fraud.
• Policy starter pack — acceptable use, password/MFA, update policy, backups, BYOD.
• Standards alignment — map your controls to ISO/IEC 27001 so you can formalise later.

Top tips for small businesses (start here)

1. Enable multi-factor authentication on email, Microsoft/Google, finance tools, cloud admin and VPN.
2. Automate updates for operating systems, browsers, apps and device firmware (including routers).
3. Back up and test restores — keep one offline or immutable copy; do a real restore every quarter.
4. Harden email — phishing filter, clear “report suspicious” route, short refresher training.
5. Protect your domain — set up SPF, DKIM and DMARC (start with monitoring, then enforce).
6. Use least privilege — remove shared logins; separate admin accounts; quarterly access reviews.
7. Endpoint protection — reputable security software, disk encryption, firewall on, screen-lock policy.
8. Secure configurations — change defaults; close unused ports/services; disable legacy protocols.
9. Remote work safely — SSO plus MFA; avoid exposing remote desktop to the internet; approved devices only.
10. Supplier and service resilience — record critical suppliers, contacts and workarounds if one is down.
11. Logging and monitoring — keep basic auth/admin/email logs; review alerts for high-risk events.
12. Vulnerability scanning — scan public-facing services; fix high/critical issues promptly.
13. Document essentials — short policies people will actually follow.

Typical outcomes in 30–60 days

• MFA rolled out; updates automated; backups verified with a successful test restore.
• Phishing brief completed; DMARC monitoring in place.
• Cyber Essentials application ready or submitted.

Grow your maturity when you’re ready

If something goes wrong

• Isolate the affected device or account; change passwords and enable MFA.
• Preserve basic evidence (timestamps, user, screenshots) before wiping devices.
• Restore from known-good backups; prioritise critical services first.
• Report fraud or cybercrime to Action Fraud (0300 123 2040).
• Follow NCSC response and recovery guidance.

Trusted UK resources

• NCSC Small Business Guide
• Cyber Essentials (overview)
• Incident response and recovery (NCSC)
• Exercise in a Box (free incident exercising)
• Action Fraud (report cybercrime)