South West office · UK-wide Mon–Fri 9–6 · 24/7 emergency
hello@unity-tech.co.uk 0330 024 8222
Service 2 of 4

Lock the doors. Test the locks.

Endpoints, identity, email and backups, set up the way they should be. MFA enforced. Phishing tested on real staff. Cyber Essentials Plus passed in six weeks for our last three clients who asked.

Book a security review Call 0330 024 8222
Cyber security operations
Where most SMEs lose ground

Most breaches we see are still old-school.

Someone clicks a dodgy link in an email. An admin account doesn't have a second login step set up. A backup hasn't been tested in eight months and turns out to have been failing silently. Nobody got hit by a clever new attack, they got hit by basic hygiene gaps.

Our job is to close those gaps and keep them closed. Anti-virus that catches new threats on every laptop (SentinelOne). Login rules that block strangers from getting in (Conditional Access and MFA). Backups we actually test by restoring them (Acronis). Pretend phishing emails sent to the team on rotation, so they learn to spot the real ones.

If you're chasing Cyber Essentials Plus or filling in a security questionnaire from a big customer, we'll handle the paperwork too. We've done over 40 of them.

Threat protection

Advanced security monitoring

Compliance support

Cyber Essentials & GDPR ready

User training

Security awareness programmes

24/7 monitoring

Always watching for threats

How a security engagement runs

Three jobs we keep doing.

Step 01

Find the gaps

Posture review against Cyber Essentials, an external scan, an account audit. You get a written list ranked by what's most likely to bite first.

Step 02

Fix the gaps

SentinelOne onto every endpoint, MFA on every account that doesn't have it, conditional access policies that block the obvious nonsense, backups proven by actual test-restore.

Step 03

Keep watching

Out-of-hours alerts handled by an on-call engineer. Phishing tests on a quarterly rotation. Patch reports you can actually read. If something hits, we're already in.

What's in scope

Four areas, one bill.

Device & Endpoint Security

Devices & email

  • Block viruses, ransomware and dodgy software on every deviceSentinelOne XDR endpoint protection across Windows, Mac, iOS and Android
  • Filter dangerous emails before they reach the inboxMicrosoft Defender for Office 365, anti-phishing, attachment sandboxing and link rewriting
  • Manage company phones and tablets centrallyMicrosoft Intune mobile device management with security policies and app control
  • Encrypt laptops so a thief can't read your dataBitLocker / FileVault disk encryption enforced via policy
  • Wipe a lost laptop or phone remotely from the officeRemote wipe and selective wipe via Intune for lost or stolen devices
Security Consultancy

Reviews & advice

  • A clear list of where you're exposed todaySecurity risk assessments and posture review against Cyber Essentials
  • Written rules so staff know what's expectedAcceptable use, password and incident response policy authoring
  • Test the locks by trying to break inExternal vulnerability scans and pen-testing arranged through specialist partners
  • A plan for when (not if) something goes wrongIncident response runbooks and tabletop exercises
  • A second pair of eyes on a planned projectSecurity architecture review and design sign-off
User Awareness Training

Training the team

  • Test staff with realistic fake phishing emailsQuarterly phishing simulations with click-through reporting per user
  • Short training that isn't a 90-minute lectureBite-sized security best-practice e-learning, refreshed quarterly
  • Help everyone use a password manager and 2-step loginKeeper password vault rollout and MFA enrolment support
  • Spot the tricks scammers use on the phone tooSocial engineering and vishing awareness workshops
  • Heads-up emails when a real scam is doing the roundsThreat-intel briefs sent to all clients when something is actively in the wild
Cyber Essentials & Plus

Pass the cert first time

  • Walk through the questionnaire with youCyber Essentials self-assessment preparation
  • Fix the gaps before the auditor sees themPre-audit remediation list ranked by likelihood of failing
  • Sit alongside you on the Plus audit dayCyber Essentials Plus on-site/remote audit support with our specialist partner
  • Keep the cert valid year on yearAnnual renewal management and evidence collection
  • Use the badge to win contractsLogo, certificate and supporting documentation for tender responses
ISO 27001 & GDPR

Bigger frameworks, no Big Four bill

  • Be honest with customers about how you handle their dataGDPR compliance assessment, ROPA, DPIA and policy implementation
  • Get ready for ISO 27001 without breaking the bankISO 27001 gap analysis, ISMS documentation and pre-audit support
  • Answer the security questionnaire from a big customerVendor questionnaire response support (SIG, CAIQ, custom)
  • Handle a data breach properly if one happensICO breach notification process and incident-response runbooks
  • Stay compliant once you've passedOngoing evidence collection, monthly compliance reports and renewal management
Bespoke security

Worried about something specific?

If you're not sure where you stand, or you've been asked a security question by an insurer, an investor or a customer, drop us a line. We'll spend a couple of hours looking at your setup and tell you, in writing, what's actually risky.

Free, no follow-up sales call unless you ask for one.

Book a security review
What do these security terms actually mean? Quick plain-English glossary.
Endpoint
Any device a person uses, laptop, desktop, phone, tablet.
Phishing
Fake emails or messages designed to trick someone into clicking a link or handing over a password.
MFA / 2FA
"Multi-factor" or "two-factor" login. After your password, you also confirm with a code from your phone or an app.
Conditional Access
Microsoft's rule engine for logins. E.g. block sign-ins from countries you don't operate in.
Ransomware
Malicious software that locks all your files and demands payment to unlock them.
SentinelOne
The next-generation antivirus we install on every device. Catches threats traditional antivirus misses.
Cyber Essentials
UK government-backed certification proving you have basic security in place. Often required to win contracts.
Cyber Essentials Plus
Same as above, but an auditor actually tests your systems rather than just reviewing a questionnaire.
ISO 27001
An international security standard. More work than Cyber Essentials, often asked for by enterprise customers.
GDPR
UK and EU data protection law, covers how you store and handle customer or staff personal data.
Last quarter, in numbers

What our security stack catches.

0%

Threat detection rate (SentinelOne)

0min

Incident first-response

0/3

Recent Cyber Essentials Plus audits passed first time

0%

Avg. phishing click-rate after training

A client

Financial services firm, 25 staff.

"We needed Cyber Essentials Plus to keep a contract. Unity got us through the audit on the first attempt in six weeks, then ran a phishing campaign that caught half of us. Six months later, click-rate's down to 3%."

James ThompsonManaging Director, financial services firm (25 staff)
Roll-out

Roughly four weeks from kick-off.

Week 1

Posture review

External scan, account audit, backup test, written report ranking what to fix first.

Week 2–4

Deploy & train

Endpoints hardened, MFA enforced everywhere, conditional access policies live, first phishing campaign run.

Ongoing

Watch & test

Out-of-hours alerts via on-call engineer. Quarterly phishing tests. Monthly report. External pen-test arranged through a specialist partner when you need one.

Have us look at your setup.

We'll spend a couple of hours reviewing your current posture and write up what's most likely to bite first. Free, no obligation.

Book a security review