The audit found gaps. The board wants assurance. And your security posture was built for a world that no longer exists.

Identity management, zero trust architecture, E5 security configuration, and Azure hardening — each scoped per engagement, each closing real gaps in your posture.

Scope a security engagement Browse templates

SOC

24/7 managed security operations
via CloudShield

Microsoft Security Partner
certified

engagement templates
identity to zero trust

From £25k

Identity & Access Management
3–12+ weeks

How we do this

We harden your security posture using the Microsoft stack you already own — not by layering on third-party tools that create new attack surfaces. Start with identity and access management as your foundation, configure E5 security properly, harden your Azure environment, then design zero trust architecture across the estate. Every engagement closes specific gaps. Every one connects to CloudShield managed security so the hardening is sustained, not abandoned after project handover.

Microsoft Security Partner Cyber Essentials Plus ISO 27001 G-Cloud 14

Four templates. Harden your posture. Prove compliance.

Pick the template that matches your most urgent gap. Each has a defined scope — from identity foundations through to full zero trust architecture.

Identity & zero trust

CY-001

Identity & Access Management Service

Entra ID deployment, MFA, conditional access, lifecycle automation. Foundation for zero trust.

3–12+ wks £25k–£120k+

View detail CY-002

Zero Trust Design & Implementation

Design and implement zero trust architecture — identity, device, network, application, data.

Scoped per engagement Scoped per engagement

View detail

Security posture

CY-003

E5 Security Services

Configure and optimise Microsoft 365 E5 security stack — Defender, Purview, Compliance.

Scoped per engagement Scoped per engagement

View detail CY-004

Azure Security Services

Harden Azure environments — policies, Defender for Cloud, security baselines.

Scoped per engagement Scoped per engagement

View detail

Identity & access

Identity is the new perimeter. Get Entra ID deployed properly, enforce MFA, automate lifecycle management, and build the foundation everything else depends on.

What you get

Entra ID deployment and configuration
MFA rollout across the organisation
Conditional access policy design
Joiner/mover/leaver lifecycle automation

Timeline

3–12+ weeks

Starts with identity audit, ends with enforced policies and automated provisioning.

Price range

£25k – £120k+

Published on G-Cloud 14. Scope depends on user count, federation complexity, and legacy platform migration.

Security posture

You’re paying for E5 and Azure security features. Make sure they’re actually configured. Most organisations have the licences but haven’t turned on the controls.

What you get

Defender for Endpoint configuration
Defender for Office 365 hardening
Purview compliance policy setup
Security baseline documentation

Timeline

Scoped per engagement

Depends on current configuration maturity and number of workloads.

Price range

Scoped per engagement

Published on G-Cloud 14. We scope based on your current state and priorities.

What you get

Azure Policy configuration
Defender for Cloud deployment
Security baseline implementation
Remediation plan for identified gaps

Timeline

Scoped per engagement

Depends on number of subscriptions and current security posture.

Price range

Scoped per engagement

Published on G-Cloud 14. We scope based on your Azure estate and compliance targets.

Zero trust

Zero trust isn’t a product you buy — it’s an architecture you design. We help you design and implement it across identity, device, network, application, and data layers.

What you get

Zero trust maturity assessment
Architecture design across five pillars
Implementation roadmap and priorities
Policy configuration and enforcement

Timeline

Scoped per engagement

Depends on organisational complexity and current maturity across the five pillars.

Price range

Scoped per engagement

Published on G-Cloud 14. We scope based on your starting position and target architecture.

Proof

CloudShield managed security

Project-based security hardening is only half the picture. CloudShield provides 24/7 SOC, SIEM, and MDR — so the controls you implement are monitored and maintained.

Government Cyber Action Plan

The January 2026 Government Cyber Action Plan sets clear expectations for local authority cyber resilience. Our engagements map directly to its requirements.

Cyber Security & Resilience Bill

Upcoming legislation will expand cyber security obligations across public services. Start hardening now so compliance is a checkpoint, not a scramble.

Is this for you?

An audit found gaps in your security posture

Internal audit or external assessment flagged identity, access, or configuration weaknesses. You need structured remediation, not just a findings report. Start with Identity & Access Management or Azure Security Services.

You’re paying for E5 but haven’t configured it

Defender, Purview, and compliance features are included in your licence but still at default settings. You’re paying for protection you’re not using. Start with E5 Security Services.

The board is asking about zero trust

Zero trust is on the agenda but nobody has a plan. You need architecture, not another strategy deck. Start with Zero Trust Design & Implementation.

Procurement frameworks — G-Cloud 14, TS4, and direct award routes on our Framework Procurement page.

Tell us what’s driving the conversation — an audit finding, a compliance deadline, a breach scare, or just a feeling that you’re exposed. We’ll come back with the right engagement template — security assessment, incident response, or a full security transformation. A team shape and a price, usually within 48 hours.

Or email us directly: info@agilisys.co.uk