IT Security - BrightCloud Technologies
Happy Users | Better Business

Sales 0370 770 9722
Support 0370 770 4548

IT Security

Increase Your Cyber Resilience

IT security is the number one issue driving decisions at board level. As cyber threats become more prolific and more innovative, businesses need to make sure they are protecting their data, applications and users. And in our post-GDPR and social media world they need to prove that they have adequate cyber resilience to reassure shareholders, customers and suppliers.

IT security postures have changed over the last few years as applications and data have moved into the cloud and users have become much more mobile. Defending the perimeter is no longer a viable strategy when the perimeter no longer exists.

BrightCloud provides guidance and consultancy to help organisations of all sizes assess their vulnerabilities, plug the gaps, and improve their overall cyber resilience.

Three Guiding Principles to Better Security

To help address the risks and frame your cyber defence posture we use three guiding principles:

  1. Cyber Essentials Plus
  2. Zero Trust
  3. SASE

What is Cyber Essentials Plus?

BrightCloud recommends CE+ as the baseline for all organisations. This government certified standard ensures that the risks are fully understood and addressed, it tackles the main Cyber risks with the appropriate response, achieves a certified standard and then continues to manage and monitor for continued improvement.

CE+ is essential for any organisation seeking to do business with Government organisations and will become more and more important in the future; as the standard is adopted more widely.

Cyber Essentials includes the top 11 areas for an adequate security posture

  1. Network security
  2. Malware prevention
  3. User education and awareness
  4. Removable media controls
  5. Secure configuration
  6. User privileges
  7. Incident management
  8. Monitoring
  9. Mobile working
  10. Risk management
  11. Patching

What is Zero Trust?

The main concept behind zero trust is that devices should not be trusted by default, even if they are connected to a managed corporate network such as the corporate LAN and even if they were previously verified. In most modern enterprise environments, corporate networks consist of many interconnected segments, cloud-based services and infrastructure, connections to remote and mobile environments, and increasingly connections to non-conventional IT, home networks are full of IOT devices.

Zero Trust is a security model that requires strict identity and device verification regardless of the user’s location. No single specific technology is associated with Zero Trust architecture; it is a holistic approach to network security that incorporates several different principles and technologies. The main guiding principles of Zero Trust are:

  • Assume you are breached (limit the breach)
  • Verify everything explicitly
  • Use least privileged access
  • Use micro-segmentation
  • Monitor your environment

What is SASE?

Secure Access Service Edge (SASE) is a security approach that is changing the way organizations secure the data, resources, and users present in their networks.

Security is moving from Site-Centric to User-Centric, therefore the requirement is to manage the security profile of a given employee inside or outside the office, no matter their location. Your organisation needs to be able to deliver integrated, sophisticated, security ideas into every corner of the network, including cloud, creating a more manageable/scalable security solution that can be instantly deployed to new departments and employees.

The barrier to this is often the number of technologies already invested in the business, multiple point products addressing different threat vectors are not easy to combine into a scalable SASE solution.

Essentially SASE is built on three things; Zero Trust remote access enabling users to access internal resources, Internet Security for user or branch connections to the Internet and/or SaaS, and finally, branch office to branch office interconnectivity. SASE should include the ability to identify sensitive data or Malware and the ability to decrypt content at line speed with continuous monitoring of sessions for risk and trust levels, which means your SASE shopping list should include:

  • Software Defined Wide Area Network (SD-WAN)
  • Secure Web Gateway (SWG)
  • Cloud Access Security Broker (CASB)
  • Zero Trust Network Access (ZTNA)

Our Services

Cyber Essentials Plus (CE+) is a standard set by the National Cyber Security Centre (NCSC) which is updated frequently to help counter emerging cyber threats. It help guide your businesses security posture and provides evidence that you are defending your organisation and customer data adequately, and that you have the protections in place to meet these evolving threats.

The key challenge for businesses seeking CE+ accreditation is collating and managing all the information needed for the audit. CE+ in a box from BrightCloud uses a proven methodology to get your business Cyber Essentials Plus accredited in the shortest and most cost effective way.

BrightCloud Patch Management as a Service (PMaaS) is designed to remove the burden of managing patching cycles for your virtual or physical server estate, whilst giving you the peace of mind that you are up to date.

BrightCloud PMaaS is powered by Ivanti Patch Management Software.

BrightCloud’s risk-based Vulnerability Assessment and Management focuses on the vulnerabilities and assets that matter most, while deprioritizing the vulnerabilities that attackers are unlikely to exploit.

This proactive, risk-driven approach delivers comprehensive, continuous visibility and informs technical and business decisions. This service will:

  • Assess all your assets for vulnerabilities and misconfigurations continuously
  • Measure the vulnerability’s risk to your business using threat intelligence and asset criticality
  • Predict which vulnerabilities present the most risk to your organization, and remediate them
  • Deliver risk-based information to business owners

This service not only identifies and categorises vulnerabilities but can also remediate them.

Censornet Web and Email Security protects your organisation from web-borne malware, offensive or inappropriate content, and known, unknown and emerging email security threats. Stop large-scale phishing, targeted attacks, CEO fraud and malware in their tracks.

BrightCloud manages and supports your use of Microsoft 365 and included in that support is ensuring that all your users have MFA enabled and their access is managed via by Azure AD with a P1 or P2 license being required for conditional access. For those requiring a more sophisticated login experience BrightCloud also offers a Single Sign On solution (SSO).

Cyber security education addresses the human dimension by testing user awareness and then targeting users with relevant training. Our service includes the delivery of a series of phishing simulation campaigns that are designed to help increase user awareness of phishing emails, and boost confidence in reporting any that by-pass your technical defences.

The training portal includes content that can also be used for other cyber security training sessions without the need for an initial phishing campaign.

Why BrightCloud?

BrightCloud is a IT managed services provider with over 20 years experience dealing with Mid Market and Enterprise customers. Many organisations struggle to find their security baseline, we believe that Cyber Essentials Plus provides that baseline. BrightCloud works with you to understand your security needs, conduct a gap analysis and help you on your journey to strong cyber resilience and CE+.

We work closely with our accredited partners to develop innovative technology strategies and produce the most effective results for our customers.


BrightCloud have proved to be exceptional hosts for the Trust’s system. BrightCloud are fully conversant with the software, which enables their suppo…



BrightCloud part of the Open Reality Group