Cyber Essentials &
Cyber Essentials Plus
Certification done properly. Security that actually holds up.
Cyber Essentials isn’t just a badge.
It’s a baseline of security controls that every organisation should meet — and a requirement increasingly demanded by customers, insurers, regulators and supply chains.
But achieving Cyber Essentials or Cyber Essentials Plus isn’t about boxticking. It’s about designing environments,
processes and technical controls that are consistent, enforceable, and resilient under realworld conditions.
At Deane Computer Solutions, in partnership with CyberTecSecurity.com, we guide organisations through the entire journey —
from initial assessment to certification, and ongoing compliance. Calmly. Methodically. Properly.
Why Cyber Essentials Matters
Cyber Essentials is the UK's baseline security
standard, designed to protect againstn the most common
cyber threats including:
- Account compromise (Microsoft 365, email, cloud services)
- Malware and ransomware attacks
- Patch failures and configuration drift
- Phishing and social engineering
- Poor device management
- Uncontrolled access to business systems
Passing certification proves that your organisation:
- Has basic controls in place
- Reduces the majority of common cyber attack vectors
- Takes security seriously
- Meets supplier and insurer expectations
Passing Cyber Essentials Plus proves the controls actually work — because
they’re independently validated.
How We Deliver Cyber Essentials Certification
We follow a structured, proven process that removes guesswork, avoids lastminute panic,
and embeds security as a working capability, not a oneoff event.
Your certification journey looks like this:
1) Site & Environment Assessment
We begin with a clear analysis of your environment — not just the paperwork.
This includes:
- Reviewing devices, operating systems and patch status
- Mapping identity, access and authentication
- Network and firewall health checks
- Cloud service configuration (Microsoft 365, email, OneDrive, SharePoint, Teams)
- Reviewing password, MFA and access policies
- Identifying gaps, risks and noncompliant areas
You get a clear, prioritised plan showing:
- What must change
- What must be enforced
- What must be documented
- What must be tested
No guesswork. No vague instructions.
A clear route from where you are to where you must be.
2) Deployment of RMM for Compliance & Updates
Certification requires proven, consistent, monitored device compliance.
We achieve that using Remote Monitoring & Management:
- Automated patching of OS and applications
- Enforcement of security baselines
- Realtime device health and compliance monitoring
- Detection of misconfiguration and drift
- Automated remediation where possible
Most organisations fail Cyber Essentials due to patch drift, inconsistent builds, or unmanaged devices.
Our RMM platform removes that risk entirely.
3) Policies & Process: Documented, Practical, Enforceable
Cyber Essentials requires written policies.
We create them — but more importantly, we make sure they reflect what actually happens in practice.
We build or refine:
- Acceptable use policy
- Password and MFA policy
- Access control policy
- Patch management policy
- Backup & continuity standards
- BYOD / remote access
- Change and configuration control
Policies aren’t templates from Google.
They reflect your environment so you pass and stay compliant afterwards.
4) Intune, Entra & RMM Enforcement
Cyber Essentials is ultimately about control.
We combine:
Microsoft Intune
- Device compliance
- Configuration profiles
- Endpoint protection
- Conditional access
Microsoft Entra (Azure AD)
- MFA enforcement
- Password policies
- Identity governance
- Privileged access controls
RMM
- Patch automation
- Monitoring
- Drift detection
Together, these create a security model where:
- Devices must be healthy to access business systems
- Users must authenticate securely
- Policies are enforced, not optional
- Compliance is continuous, not onceayear
This is the difference between passing a test and operating securely.
Compliance shouldn’t feel like a yearly scramble.
We turn it into a quiet, predictable part of operations.
5) Certification (Cyber Essentials & Cyber Essentials Plus)
Once controls are in place:
Cyber Essentials
We prepare and submit your assessment through our CyberTecSecurity partner,
ensuring:
- All questions answered correctly
- Evidence is accurate
- Scope is defined properly
- Nothing is left to chance
Cyber Essentials Plus
This is where testing becomes handson.
We work with CyberTecSecurity auditors to:
- Provide access to test devices
- Prove patching and configuration compliance
- Demonstrate malware protection
- Validate MFA and password policy
- Evidence firewall and boundary security
6) Management, Monitoring & Continuous Compliance
Cyber Essentials certification lasts 12 months.
Cyber attackers don’t wait 12 months.
We provide optional ongoing support including:
- Continuous monitoring of compliance
- Automated enforcement of device and identity policy
- Monthly reports showing patch status, MFA enforcement, and device health
- Policy updates as requirements evolve
- Prerenewal assessment to ensure next certification is straightforward
Compliance shouldn’t feel like a yearly scramble.
We turn it into a quiet, predictable part of operations.
Why Deane Computer Solutions
Organisations work with us because:
- We combine security, identity, device management and continuity into one aligned strategy.
- We understand what auditors look for — and what fails organisations.
- We don’t just fix symptoms. We design environments that stay compliant.
- We take ownership of configuration, documentation, testing and renewal.
- We partner with CyberTecSecurity.com for fully accredited Cyber Essentials Plus auditing.
- We think ahead, communicate clearly, and remove surprises.
Cyber Essentials is not a checkbox. It’s the foundation of a secure, wellmanaged environment.
Talk to Deane Computer Solutions
To discuss how we can help you protect your business and keep it moving forward