Helping you to keep your data secure and prevent cyber security issues, we provide managed cyber security services to clients in London & Surrey.


At GoodChoice IT, we’ve been keeping customers secure since 2006, providing IT security and cyber security services to clients in London and Surrey, keeping ahead of the latest cyber threats before they affect your businesses 

It’s a question of when and not if your business will be impacted by hackers, hence using a managed IT security service provides your business with the tools and expertise to prevent cyber attacks and keep your data safe.  

All businesses need a cyber risk strategy and a managed cyber security service to manage this substantial and growing risk. The potential GDPR fines and recovery costs are huge, whilst recovering from a ransomware attack can cause large financial losses and can even dent your business’s reputation and your customers’ or users’ trust.

We offer fully managed cyber security as a standalone product (MSSP) or as an add-on to our IT managed service packages. Speak to our team today to find out how we can protect your business from the growing threat of cyber attacks.



Prevent hackers from gaining access to your employees’ emails with multi-factor authentication.


We’ll detect in real-time if your business credentials have been exposed on the dark web.

Compliance for Cyber Security Insurance

We can conduct an IT audit & ongoing support to help ensure you are not misrepresenting your IT. This can lead to the risk of a claim being declined. We can help you meet and exceed Industry standards such as CyberEssentials or NIST (we are not able to offer legal advice)


Protect your emails and computer systems from ransomware attacks from hackers by utilising endpoint protection.


Carrying out a penetration test on your IT systems exposes vulnerabilities that may be exploited by hackers.


Analysing weaknesses in your IT system that may put your company and company data at risk to hackers.


Ensuring the way your data is stored to ensure compliance with all data regulations and GDPR laws.


We train your staff to help them to better recognise phishing and scam emails helping them to protect company data.


We provide a layered security approach that combines specialised security systems and best practice processes to ensure your business can survive a breach. Without these in place, it’s very unlikely your business would survive a successful cyber attack.

Our processes are designed to reduce the risks as far as possible, but we have to balance cost with benefits. The good news is better security can go hand-in-hand with increased productivity! We also provide cyber security awareness training to help keep you and your employees safe from phishing attacks and ransomware.


Our beginner cyber security package is suitable for small-sized businesses and enterprises.


  • All accounts have multifactor authentication enforced (also called MFA 2FA or 2-factor authentication) 
  • System updates including 3rd party updates applied at least daily 
  • Users are not local administrators 
  • Malware Prevention & Detection 
  • IT is possibly still seen as a cost centre and not a business enabler 

You should look at our Managed IT Services and Endpoint Management to take care of the basics first.



  • Risk planning  
  • User Training 
  • Best Practice Assessments 
  • Scenario Planning 
  • User Tools Investment (eg Password & Authentication Management) 
  • Tickbox Standards such as Cyber Essentials /CyberEssentials Plus or NIST (Including remediation plan!)  

Our Managed IT Security Service will enable your business to reduce the risks, for a cost-effective fixed monthly fee without pointless exercises, which fail to improve security as they are not implemented as too complicated or expensive. Fancy tools are of little benefit if the basics are not resolved first! 



  • 3rd party Penetration Testing & Vulnerability scanning service 
  • Security Operations Center  (SOC)
  • SIEM service for 24-7 SOC network monitoring (For high-risk firms) 
  • Compliance Management (ISO GDPR PCI etc.) 
  • Cyber Insurance Risk Review 

If your business is high-risk when it comes to cyber security or your data is attractive to hackers, you will need to invest significantly in regular assessments and a clear IT security roadmap that is aligned to your IT and overall business strategy. This bespoke solution will ensure your business can survive and prosper whilst avoiding threats.


If your business is high-risk when it comes to cybersecurity or your data is attractive to hackers, you will need to invest significantly in regular assessments and a clear IT security roadmap which is aligned to your IT and overall business strategy.

Our Managed IT Security Service will enable your business to reduce the risks, for a cost-effective fixed monthly fee without pointless exercises or magic software, which fail to actually improve security. Fancy tools are of little benefit if the basics are not resolved first! Our roadmap will move you to a zero-trust model over time.

Password Management System
Just remember one password, share and ensure each system has a strong unique password - no more post-its!
Privilege Escalation Management
Ensure users can install printers and software quickly but do not have any admin access
Dark Web Monitoring
Monitor for email’s and passwords that have leaked on the internet
Simulated Phishing Attack
Find out what your staff skills are like with recognising the latest scams
Phishing Training
Train your staff to avoid phishing scams
Vulnerability Scan / Penetration Test
Test your network security is good enough with a pen test
External Audit (from)
A full audit will ensure that nothing major has been missed
Managed Multi-Factor Authentication
All systems should support and use MFA or be decommissioned
Daily updates inc. 3rd party
Managed and applied updates for Windows, Office and other common applications
User Escalation Manangement*
Ensure users can install printers and software quickly but do not have any admin access
Malware Prevention & Detection
Software to try and detect malware and prevent its spread
Application Whitelisting
Zero trust is needed nowadays, we deploy software which locks down devices so only trusted actions can take place. This makes it vastly more difficult for ransomware etc to be deployed, users can quickly request blocked actions and the system intelligently learns normal behaviour. Its only very recently been possible to do this in very small environments, due to the high complexity of this process.
Risk planning
All the major IT risk mitigations planned out with a schedule based on the Risk Matrix
User Training
Ensure your team understand the current threats and can avoid or take action
Video Only
Best Practice Assessments
Make sure your systems follow best industry practice as it evolves
Incident Response Scenario Planning
Try and identify unknown risks and plan out the mitigation of an attack
Password & Authentication Management
Password changes and configuring MFA support issues
Cyber Essentials/Plus/NIST Tickbox filling
We will complete the various tick box exercises and make sure you know the items that need addressing if any
Remediation planning Document
Plan out what will happen in the event of an attack along with detailed documentation
Security Operations Center (SOC)
24-7 monitoring of your IT systems
SIEM service 24/7 SOC network monitoring
24-7 monitoring of your IT systems logs
Compliance Management ISO/GDPR/PCI
Completing these time consuming assessments on your behalf
Cyber Insurance Risk Review 
Dealing with cyber insurers questions and looking at the exclusions technical requirements (Some Insurers policies requirements cannot be met, this is not insurance or legal advice!)

*Allows users to, for example, install Printers and Sage updates without contacting IT support

**Please note: The above pricing structure is intended as a guide only, to give you a rough estimate of our cyber security costs. Some of the features above are included in our managed IT service packages, and hence if you take out a full managed IT service contract with us and would also like to use our full IT security services, a discount will be applied to the cost to counteract this.


Many business leaders claim to care about IT security but fail to take basic steps to keep their network secure.

At GoodChoice IT, we follow the least privilege and zero trust principles, which follows the ideology of granting minimum access for users and giving zero trust for anything both internally or externally from your network in order to minimise cyber security risks.

The risk of ransomware attacks is continuously growing, with many industries suffering at the hands of cyber criminals, especially those that are heavily reliant on IT but not necessarily in the technology or IT industry. For example, the manufacturing industry has seen ransomware attacks triple over the past year, and it’s not just production lines that can be targetted, even the energy sector’s power and energy sources can be targetted, potentially leaving populations and essential services such as hospitals, vulnerable to power cuts and energy disruption.

As IT is critical to your business it’s important to invest in good security. Our bespoke security services include high security, programmable email and web filtering, to prevent viruses and malware from infiltrating your system. Businesses who accidentally encrypt all of their files have become targets for crypto-ransomware malware, meaning cyber security is more important than ever. We can provide a tailored security solution for you to ensure your business is fully protected.