SMB1001 - Tier 1 (Bronze)

Cyber Security Essentials

Designed for micro-businesses and early-stage organisations seeking fundamental protection against common cyber threats. This tier includes essential controls such as managed antivirus, firewall configuration, patch management, password policy enforcement, and automated cloud backups.
SMB1001 Tier 1 - Bronze

Service Description

Bronze is our entry-level Cyber Security Essentials bundle, providing the fundamental protections every small organisation needs to defend against common cyber threats. 

It meets all SMB1001 tier 1 requirements, making it an ideal starting point for businesses beginning their cybersecurity journey and seeking SMB1001 certification. This tier delivers core security measures – from managed antivirus and firewalls to automated backups – in a simple, cost-effective plan. With Bronze, you gain peace of mind that your business and customer data are safeguarded by industry best practices without the need for in-house IT staff. 

Benefits

How it Works

Key Controls & Implemented Solutions

To fulfil the SMB1001 Tier1 (Bronze) requirements,
the CyberGrape Bronze package delivers the technologies and services, mapped to each requirement:

Engaged IT Support Specialist (MSP/Vendor)

We provide a dedicated technical support specialist as your managed service provider, offering regular assistance for day-to-day IT security needs (fulfilling control 1.1.0.0). This ensures you have expert help to implement and maintain all Bronze-level measures. (For example, an SLA with 8-hour response for incidents is established per guidelines.)

We install and configure a firewall where your network connects to the internet, and ensure all devices have their host firewalls enabled (addresses 1.2.0.0). Default passwords on firewall devices are changed and configurations are reviewed for security. This reduces unauthorised access and protects your network boundaries.

All organisational devices are equipped with next-generation anti-virus (e.g. Microsoft Defender) with automatic updates enabled (fulfilling 1.3.0.0). We pair this with an EDR agent (Huntress) that monitors for threats; if malware is detected, Microsoft Defender blocks it and the Huntress agent alerts our Security Operations Centre (SOC) for investigation. This protects against malware infections and ensures no threat slips by unnoticed.

We configure automatic installation of tested and approved software updates on all PCs, laptops and devices (fulfilling 1.4.0.0). Using our RMM platform (NinjaOne), systems receive the latest patches promptly, so there are no unpatched vulnerabilities for attackers to exploit. If auto-update isn’t possible for certain systems, our team manually updates them at least every 3 months per policy.

We implement basic access management practices such as ensuring default device passwords are changed and that staff update passwords regularly (fulfilling 2.1.0.0). We help you establish a routine (at least annual) password change schedule and secure passphrase standards for all user and device accounts. This reduces the risk of unauthorised access via credential guessing or reuse

An automated cloud backup solution (e.g. Keepit) is deployed to back up all important digital assets, with at least daily frequency. This satisfies 3.1.0.0, requiring a backup and recovery strategy for critical data. Backups are stored encrypted off-site (with options for NZ/Australia data residency), and we can restore data within minutes in case of ransomware or data loss. This ensures operational resilience – even if files are encrypted by malware, you can recover quickly.

Achieve SMB1001 certification with CyberGrape.

For businesses with a low risk profile, the CyberGrape Cyber Security Essentials (Level 1) package provides a strong foundation for cyber security.

By Implementing this custom SMB1001 package by CyberGrape, it will position your organisation to successfully achieve CyberCert Bronze (SMB1001 Level 1) certification, demonstrating to clients, partners, and insurers that you meet an internationally recognised security standard.

Certification also provides third-party assurance and a publicly verifiable record of your commitment to responsible cyber risk management.

Schedule a discovery call

Don’t Wait for a Breach. Take Control of Your Cyber Risk Now.

Lock down your business with proactive, proven, certified cyber defence

Contact Us

Considering a different Tier of certification?

CyberGrape can support your business in other tiers of the SMB1001 certification

Silver

Gold

Platinum

Diamond