DEFENCE IN DEPTH · ALWAYS ON

0.0min avg response to an incident
0%of tenants MFA / Security-Defaults enforced
0day patch window, deployed via RMM
0-ptfree security check, written report in 24h
The reality for SMEs

Attacks are getting smarter. The basics still stop most of them.

Modern phishing is well-written, contextual and built to bypass even good filters. If something looks off, don’t click it. Send it to us and we’ll detonate it safely in a sandbox before it touches your system.

The businesses that stay protected aren’t the ones spending the most. They’re the ones with the fundamentals configured properly: MFA, patching, device management, email hardening. And a team keeping watch.

If the worst happens, speed matters. Our 3.3-minute average first response means we’re on it fast: immediate lockout and recovery, then a full investigation and a written report on what happened, why, and exactly what needs to change.

94% of malware is delivered by email
82% of breaches involve a human element: phishing, stolen credentials
43% of cyber attacks target small businesses
£3,230 average cost of a cyber incident for a UK small business (NCSC)
What we cover

Cyber security built into your IT support

Security is part of managed support, not bolted on. Our Premium plan (£55/user) bundles email security, cloud backup, on-site support and Cyber Essentials. Standalone products are available for Standard-plan clients too.

01

Microsoft 365 Security

MFA, Conditional Access and Microsoft Defender configured properly across your whole tenant. No Business Premium? We enable Security Defaults as a minimum. It’s the step most MSPs skip.

02

Endpoint Protection & EDR

Microsoft Defender for Business or Bitdefender on every device. Real-time detection, behavioural analysis and automatic response. Not just antivirus, but EDR that catches what signatures miss.

03

Email Security

Anti-phishing and anti-spoofing policies, DMARC/DKIM/SPF configured correctly, and impersonation protection. Email is how most attacks arrive, so yours gets hardened.

04

Device Management (Intune)

Every Windows device enrolled in Intune with compliance policies enforced. Non-compliant device? It doesn’t get company data. Conditional Access ties it together.

05

Patch & Vulnerability Management

OS and application patches deployed automatically via our RMM. Vulnerability scanning finds exposure before attackers do, and asset inventory means nothing falls through the cracks.

06

Cyber Essentials Certification

The full process: audit, remediation, submission and assessor liaison. We fix what you’d fail on before submitting. Cyber Essentials Plus and ISO 27001/9001 gap analysis available too.

Cyber Essentials certification

We don’t just submit your answers. We make sure you pass.

Most businesses treat Cyber Essentials as form-filling. We treat it as a genuine security improvement, and we fix the gaps before your assessor ever sees them.

01

Pre-submission audit

We review your environment against the requirements first and document exactly what you’d fail on: end-of-life hardware, missing MDM, firewall config, access controls. You get a clear remediation plan.

02

Remediation

We fix the gaps: replace an end-of-life firewall, roll out Intune, configure Conditional Access and compliance policies, and create the missing joiners/leavers and new-user processes.

03

Submission

We complete and submit the questionnaire for you. We know what assessors look for and how to present your environment accurately. No guessing, no back-and-forth.

04

Certification & upkeep

We manage annual renewal and keep you at the standard year-round, so renewal is a formality. Cyber Essentials Plus and ISO 27001/9001 gap analysis available.

Why it matters: Cyber Essentials is now required to bid for many UK government contracts, earns lower premiums from some insurers, and is increasingly a baseline procurement teams demand before onboarding suppliers.

Cyber Essentials pricing

IASME fees are fixed by organisation size; our time varies with the state of your security. All prices + VAT.

Micro
0–9 employees
IASME fee£320
Our time£750–£1,500
Typical total£1,050–£1,800
Small
10–49 employees
IASME fee£440
Our time£1,000–£2,500
Typical total£1,450–£2,950
Medium
50–249 employees
IASME fee£500
Our time£2,500–£7,500
Typical total£3,000–£8,000
Get a Cyber Essentials quote
Free security assessment

The WikiTech 12-point security check

Twelve areas that decide how exposed you really are. We check each, document what we find, and give you a plain-English written summary within 24 hours. No jargon, no sales pitch.

01

Multi-factor authentication

Is MFA enforced for all users? Are admin accounts separately protected? Most account compromises are preventable with MFA alone.

02

Email security

Are anti-phishing and anti-spoofing policies active? Are your DMARC, DKIM and SPF records configured to prevent impersonation?

03

Conditional Access & baseline

Business Premium / P1: are Conditional Access policies enforced and legacy auth blocked? Otherwise: are Security Defaults enabled? Most MSPs don’t bother.

04

Endpoint protection

Is EDR/antivirus active and current on every device, including personal devices used for work? Are detections reviewed?

05

Patch & vulnerability management

Are OS and app patches applied within 14 days? Is there an asset inventory? Any end-of-life software still in use?

06

Device management (MDM)

Are all Windows devices enrolled in Intune with active compliance policies? Unmanaged devices can’t be monitored, patched or wiped.

07

Firewall & network security

Is your firewall current and not end-of-life? Is guest Wi-Fi separated from your corporate network? A core Cyber Essentials requirement.

08

User access & admin separation

Are admin accounts used only for admin tasks? Is access least-privilege? Any shared accounts? Privileged access is heavily exploited.

09

Backup & recovery

Are backups running, restore-tested, and stored separately from the systems they protect? When did someone last verify a restore worked?

10

Joiner / leaver process

Is onboarding and offboarding documented? Are accounts disabled the day someone leaves? Are access rights reviewed on role change?

11

Security awareness training

Have all staff completed phishing awareness training in the last 12 months? Human error causes most incidents. Training is the cheapest control.

12

Incident response plan

Is there a written plan? Do the right people know who to call, what to isolate and what not to do if breached? A plan written after the event is too late.

We run all 12 points with you in a free 1-hour assessment. Written report within 24 hours.

Book your free security assessment
Our approach

Cloud-first security. Built on Microsoft.

We build security around the Microsoft stack (Defender, Intune, Entra ID, Conditional Access) rather than bolting on expensive hardware that adds complexity without adding protection.

Got on-site infrastructure? We’ll support it, and give you an honest picture of what moving to the cloud would mean for security and cost. No pressure, just a straight technical view from your TAM.

  • No unnecessary hardware. We recommend what fits, not what earns the biggest margin.
  • Tools you already have, configured properly.
  • Quarterly security reviews from your Technical Account Manager, not just when something breaks.
  • Custom automation where it removes manual risk and human error.

Our security stack

Tools we deploy and configure for clients

Microsoft Defender for BusinessEDR + AV
BitdefenderEmail + AV
Microsoft IntuneMDM + Compliance
Microsoft Entra IDIdentity + Access
Conditional AccessBP / P1
Security DefaultsAll tenants (min)
RMM · Patch & Vuln MgmtAll clients
What Kent clients say

Security that has already paid for itself.

“WikiTech spotted and blocked a live phishing attack before a single penny left the business.”

UK Pool Store · E-commerce & Retail · Kent

“The switch from our old provider was seamless. WikiTech handled everything. We barely noticed the changeover was happening.”

Commercial Leisure Services · Kent

“We save around £800 a month since WikiTech moved us to Azure Virtual Desktop. But honestly the bigger win is having IT that just works.”

So Clean · Facilities & Services · Kent
The team behind the tickets

A real team behind every ticket.

WikiTech is not a helpdesk of anonymous agents. It is a team of senior engineers based in Maidstone, led by our CTO on security, who know your business and your systems.

When something looks wrong, you reach people who already know the context. No scripted responses, no bouncing between departments, and no re-explaining your setup every time.

Meet the team
Watch: three minutes inside WikiTech
Common questions

Cyber security questions

Security is built into managed IT support, not sold separately. The Standard plan (£40/user) includes Microsoft Defender configuration, Intune MDM, patch management and Microsoft 365 hardening. The Premium plan (£55/user) adds email security, cloud backup, on-site support and Cyber Essentials support, with no separate per-product billing. Certification itself is quoted separately, as cost depends on your organisation size and the remediation required.

Business Premium unlocks Conditional Access and the full Defender for Business suite, and we recommend it where budget allows. But we don’t leave clients on lower licences exposed: we enable Microsoft Security Defaults on every tenant we manage, which most MSPs skip because it creates more support tickets. We do it anyway.

Typically 4–8 weeks from initial assessment to certification, depending on remediation needed. We complete the pre-audit, fix everything that would cause a failure, then submit and liaise with the assessor directly. You’re not left form-filling.

Usually security and IT support are too intertwined to separate cleanly: patching, device management and access controls touch everything. The honest answer is it works better as part of a full managed relationship. Book a conversation and we’ll give you a straight answer for your situation.

We move fast. First step is immediate lockout: password reset, session revocation and MFA re-enrolment to cut off access. Then we investigate how they got in and what was accessed, handle any ICO reporting if personal data was involved, and give you a full written report: what happened, why, and what needs to change to prevent it.

Ask them for a written summary of your security configuration: MFA status, patch compliance, Intune enrolment rates, firewall model and firmware. If they can’t produce that within a day, that’s your answer. Our free 12-point security check tells you exactly where you stand.

Find out where you actually stand.

The free 12-point security check takes an hour. You get a written report in 24 hours: plain English, no jargon, no sales pitch.

Most calls answered within 4 rings  ·  ENQUIRIES 020 3822 0899  ·  SUPPORT 01622 586 001