Cybersecurity that actually protects your business.
Most cyber incidents aren't sophisticated attacks. They're preventable. The right configuration, the right tools, and a team that checks — before something goes wrong.
What you get with WikiTech
Cyber Essentials certification — we handle the whole process, including fixing what you'd fail on first
Microsoft Defender + endpoint protection, email security, and patch management built in
All Windows devices enrolled in Intune — monitored, patched, and compliant
Security defaults or Conditional Access policies configured on every Microsoft 365 tenant
If an email looks suspicious, we can check it safely in a sandbox environment before you open it — no risk to your system
The reality for SMBs
Attacks are getting smarter. The basics still stop most of them.
Phishing emails have changed. Modern social engineering attacks are well-written, contextually relevant, and designed to bypass even well-configured anti-phishing systems. If something looks off, don't click it — send it to us and we'll check it safely in a sandbox environment before it touches your system.
The businesses that stay protected aren't the ones spending the most. They're the ones who have the fundamentals properly configured — MFA, patching, device management, email hardening — and a team keeping an eye on things.
If the worst does happen, speed matters. Our 3.3-minute average first response means we're on it fast. We follow a clear incident procedure: immediate account lockout and recovery, followed by a full investigation into how it happened and a written report explaining what occurred, why, and exactly what needs to change to prevent it happening again.
What we cover
Cybersecurity services for Kent businesses
Security is built into our managed IT support — not bolted on as an afterthought. Our Premium plan at £55/user/month includes email security, cloud backup, on-site support, and Cyber Essentials as a complete package. Standalone security products are also available for businesses on the Standard plan.
Microsoft 365 Security
Multi-factor authentication, Conditional Access policies, and Microsoft Defender configured properly across your entire M365 tenant. For clients without Business Premium, we enable Security Defaults as a minimum — something most MSPs skip because it creates extra work for them.
Endpoint Protection & EDR
Microsoft Defender for Business or Bitdefender deployed across all devices. Real-time threat detection, behavioural analysis, and automatic response. Not just antivirus — endpoint detection and response that catches what signatures miss.
Email Security
Anti-phishing and anti-spoofing policies, DMARC/DKIM/SPF records correctly configured, and impersonation protection. Email is how most attacks arrive. We make sure yours is hardened.
Device Management (Intune MDM)
All Windows devices enrolled in Microsoft Intune. Compliance policies enforced — if a device isn't compliant, it doesn't get access to company data. Conditional Access ties it all together for clients on Business Premium or P1 licences.
Patch Management & Vulnerability Scanning
OS and application patches deployed automatically via our RMM platform. Vulnerability management identifies exposure before attackers do. Asset inventory keeps track of every device in your environment — so nothing falls through the cracks.
Cyber Essentials Certification
We take clients through the full certification process — audit, remediation, submission, and assessor liaison. We fix what you'd fail on before submitting. Cyber Essentials Plus and ISO 27001/9001 gap analysis also available.
Cyber Essentials certification
We don't just submit your answers. We make sure you pass.
Most businesses approach Cyber Essentials as a form-filling exercise. We approach it as a genuine security improvement — and fix the gaps before your assessor ever sees them.
Pre-submission audit
We review your environment against the Cyber Essentials requirements before anything is submitted. We document exactly what you'd fail on — end-of-life hardware, missing MDM, firewall configuration, access controls — and produce a clear remediation plan.
Remediation
We fix the gaps. This might mean replacing an end-of-life firewall or router, implementing Intune for device management, configuring Conditional Access and compliance policies, or creating missing policies and procedures like joiners/leavers guides and new user forms.
Submission
We complete and submit the questionnaire on your behalf. We know what the assessors look for and how to present your environment accurately and in the best light. No guessing, no back-and-forth.
Certification & ongoing maintenance
Once certified, we manage your annual renewal and keep your environment maintained to the standard throughout the year — so renewal isn't a scramble, it's a formality. Cyber Essentials Plus and ISO 27001/9001 gap analysis available for clients who need to go further.
Why this matters for your business: Cyber Essentials is now required to bid for UK government contracts. Many insurance providers offer lower premiums to certified businesses. And increasingly, larger clients and procurement teams ask for it as a baseline requirement before onboarding suppliers.
Cyber Essentials certification pricing
IASME certification fees are fixed by organisation size. Our time for scoping, remediation, and submission varies depending on the current state of your security — a business already close to the standard needs far less work than one starting from scratch.
All prices + VAT.
The range reflects the reality — a business that already has MDM, MFA, and a current firewall needs far less remediation than one starting from scratch. We'll assess your environment, tell you exactly where you stand, and give you a fixed-price proposal before any work begins.
Get a Cyber Essentials quoteFree security assessment
The WikiTech 12-point security check
Our free security assessment covers 12 areas that determine how exposed your business really is. We check each one, document what we find, and give you a clear written summary — no jargon, no sales pitch.
Multi-factor authentication
Is MFA enforced for all users? Are admin accounts separately protected? Most account compromises are preventable with MFA alone.
Email security
Are anti-phishing and anti-spoofing policies active? Are your DMARC, DKIM, and SPF records correctly configured to prevent impersonation?
Conditional access & security baseline
Clients with Business Premium or P1 licences: are Conditional Access policies enforced and legacy authentication blocked? Without those licences: are Microsoft Security Defaults enabled? (Most MSPs don't enable these — they create more support work.)
Endpoint protection
Is EDR/antivirus active and up to date on every device — including any personal devices used for work? Are detections reviewed regularly?
Patch management & vulnerability scanning
Are OS and application patches applied within 14 days? Is there an asset inventory? Any end-of-life software still in use? Unpatched systems are the most common entry point.
Device management (MDM)
Are all Windows devices enrolled in Intune with active compliance policies? Devices that aren't managed can't be properly monitored, patched, or remotely wiped if lost or stolen.
Firewall & network security
Is your firewall current and not end-of-life? Is guest WiFi properly separated from your corporate network? Firewall configuration is a core Cyber Essentials requirement.
User access control & admin separation
Are admin accounts used only for admin tasks — not day-to-day activity? Is access least-privilege? Are there any shared accounts? Privileged access is one of the most exploited attack paths.
Backup & recovery
Are backups running, tested with real restores, and stored in a separate cloud location — not on the same system they back up? When did someone last verify a restore actually worked?
Joiner/leaver process & access controls
Is there a documented process for onboarding and offboarding? Are accounts disabled the same day someone leaves? Are access rights reviewed when roles change?
Security awareness training
Have all staff completed phishing awareness training in the last 12 months? Is it documented? Human error causes the majority of incidents — training is the cheapest control available.
Incident response plan
Is there a written plan? Do the right people know who to call, what to isolate, and what not to do if you're breached? A plan written after the event is too late.
We run through all 12 points with you in a free 1-hour assessment. You get a written report within 24 hours.
Book your free security assessmentOur approach
Cloud-first security. Built on Microsoft.
We're a cloud-focused MSP. That means we build security around the Microsoft stack — Defender, Intune, Entra ID, Conditional Access — rather than bolting on expensive hardware or legacy tools that add complexity without adding protection.
If you have on-site infrastructure, we're happy to support it. But we'll always show you a clearer picture of what moving to the cloud would look like — and what the security and cost implications are. No pressure. Just an honest technical view from your TAM.
No unnecessary hardware — we recommend what fits your business, not what earns the biggest margin
Microsoft security stack — tools your team already has, configured properly
Your Technical Account Manager reviews your security posture quarterly, not just when something breaks
We develop custom apps and automation where it removes manual risk and human error
Our security stack
Tools we use and configure for clients
Common questions
Frequently asked questions
Is cybersecurity included in the base support price?
Security is built into managed IT support — not sold separately. The Standard plan at £40/user/month includes Microsoft Defender configuration, Intune MDM, patch management, and Microsoft 365 security hardening. The Premium plan at £55/user/month adds email security, cloud backup, on-site support, and Cyber Essentials support — all included, with no separate per-product billing. Cyber Essentials certification itself is quoted separately as the cost depends on the size of the organisation and what remediation work is required beforehand.
Do you need Business Premium to get proper security?
Business Premium unlocks Conditional Access and the full Defender for Business suite — and we recommend it where the budget allows. But we don't leave clients on lower licences without a baseline. We enable Microsoft Security Defaults on every tenant we manage, which most MSPs skip because it creates more support tickets. We do it anyway.
How long does Cyber Essentials certification take?
Typically 4–8 weeks from initial assessment to certification, depending on how much remediation is needed. We complete the pre-audit, fix everything that would cause a failure, then submit. You're not left doing the form-filling yourself — we handle the whole process and liaise with the assessor directly.
We already have an IT company — can you just do the security piece?
In most cases, security and IT support are too intertwined to separate cleanly — patching, device management, and access controls touch everything. The honest answer is it usually works better as part of a full managed IT relationship. Book a conversation and we'll give you a straight answer based on your situation.
What happens if an account gets compromised?
We move fast. Our first step is immediate lockout — password reset, session revocation, MFA re-enrolment — to cut off the attacker's access. Then we investigate: how did they get in, what did they access, what was exfiltrated. We handle any ICO reporting obligations if personal data was involved. Once it's resolved, you get a full written report: what happened, why, and what needs to change to prevent it. Usually that conversation involves a frank discussion about the security products that would have stopped it — not a sales pitch, just the honest answer.
How do we know our current IT company is actually securing us?
Ask them for a written summary of your current security configuration — MFA status, patch compliance, Intune enrolment rates, firewall model and firmware version. If they can't produce that within a day, that's your answer. Our free 12-point security assessment will tell you exactly where you stand.
Find out where you stand. No cost, no commitment.
Our free 12-point security assessment takes 1 hour. You get a written report within 24 hours — plain English, no jargon, no sales pitch.