Our solutions

Admin by Request

Either your company allows users to maintain local admin rights, or IT has to do countless remote installs. We can solve both issues for you with Admin by Request (ABR).

We have customers who have tried to implement allowlist solutions but have failed and come to us - because even with unlimited resources, it’s impossible to predict what your users need today. Speculating on allowlists in advance takes time and effort, and users will hate you for blocking their workday when you get it wrong.

Instead of relying on speculation, Admin By Request works proactively the other way around. If a user starts to install software, the Admin By Request client intercepts and installs the software with a full audit trail - without the user ever being elevated to administrator. Think of it as a self-checkout at the supermarket.

It is also safer than traditional allowlist solutions; just because an administrator adds a file to an allowlist, that doesn’t mean it is safe. We real-time scan files with more than 35 anti-virus engines before allowing those files to run with administrative privileges.

Nothing needs to be installed or changed on-premises. Users do not need to be re-educated, and no one in IT needs to create endless allowlists or spend hours on remote installs. All you have to do is to deploy the Admin By Request endpoint software.

Run As Administrator (App Elevation)

The number one reason that it is hard to remove admin rights is that users have an occasional need to install or update software and even with unlimited resources, no one can realistically maintain a whitelist of all software any single employee in the company is ever going to use.

Admint takes away admin rights, but the user experience is the same as before. If the user starts to install software, Admin By Request intercepts the operation and sandboxes the execution of the installation – but without the user being administrator and with full audit in the app and the portal for future documentation.

Not only does this solve a major security problem, but it also means that there are no unhappy users, or costly education of users.

Costs: £3.95+VAT per device per month

Device Management (KDM)

In today’s rapidly evolving landscape, implementing a Mobile Device Management (MDM) solution is more crucial than ever to address the needs of both your business and your users. MDM focuses on deploying, securing, monitoring, integrating, and managing workplace devices, ensuring a consistent, secure, and productive environment. It also provides employees with the right tools to perform their tasks effectively.

If left unmanaged, your Apple and Windows workstations will become outdated and insecure, with unpatched operating systems and applications. Users will experience inconsistent settings across different devices, and the lack of management increases security vulnerabilities, making your systems more vulnerable to cyberattacks. Kaizen Device Management is our remote MDM service, created to address the challenges of this constantly evolving landscape. It offers a range of essential features, including:

  • Device consistency – ensures that settings such as VPN, Wi-Fi, login windows, and other essential services are properly and uniformly configured across all devices, guaranteeing that every device is aligned with your business needs, regardless of the user.


  • Patch management – Automates the security patching of operating systems and applications to protect against the latest vulnerabilities. It also ensures that everyone on your team is using the same version of applications, maintaining consistency and security across all devices.


  • Device Encryption – Centrally manage the encryption of all devices to ensure that data remains inaccessible to unauthorised users. Encryption provides an additional layer of security, making it significantly harder for hackers to access sensitive information, even if they bypass other security defences.


  • Local Firewall Activation – Centrally enable the local firewall to block unauthorised users or malicious software from accessing your computer through the internet or network. It acts as a protective barrier against malware, ransomware, and other cyber threats.
  • Remote Wipe – A security feature that allows organisations to erase data on a business device remotely. It is typically used in cases where a device is lost, stolen or compromised to prevent unauthorised access to sensitive information.


  • Restrict Apps – Block untested OS updates until fully tested or Apps considered unproductive such as Messaging Apps.


  • Full Inventory Information – In addition to standard hardware details, gain access to critical data such as administrator accounts, installed applications, change history, and security configurations. This comprehensive overview helps maintain better control and security over your devices and IT environment.


Cost: £5.95 per Device per month with a one-off implementation cost.

Centralised User Management

Leveraging Cloud Directory Login is essential for businesses as it centralises user authentication and access management, improving security, efficiency, and flexibility. Cloud directory services like Microsoft

and Google Workspace offer a unified platform for managing user accounts and access across all applications, simplifying the management of permissions, user roles, and access policies from a single location. These services also support Multi- Factor Authentication (MFA), providing an extra layer of security. Additionally, within Microsoft Tenancies, Conditional Access policies can be implemented for even more control.

To enable these enhanced features, all MacOS deviceswill require the macOS Authentication Plug-in, available at an additional cost of £2.95 per device per month. Please Note: All prices exclude VAT. E&OE.

DMARC Monitoring Service 

DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol designed to give domain owners the ability to protect their domain from unauthorised use, commonly known as email spoofing.

DMARC builds upon two existing authentication techniques – SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) – to provide a more robust and comprehensive approach to email security. It operates by aligning SPF and DKIM results with the domain found in the email’s ‘From’ header. This in turn generates aggregate and forensic reports that are sent back to the domain owner, providing insights into email authentication performance and potential abuse.

Kaizen’s DMARC Monitoring Service is a specialised solution that helps businesses manage,analyse and act upon data generated by their DMARC implementation. These services simplify the complex process of handling DMARC reports, providing actionable insights to enhance email security and ensure proper email authentication offering numerous advantages including:

  • Expertise and Efficiency: Leverage specialised knowledge and automation to handle complex DMARC data without requiring in-house expertise.


  • Time Savings: Reduce the manual effort involved in collecting, parsing and analysing DMARC reports.


  • Enhanced Security: Quickly identify and respond to unauthorised use of your domain, minimising the risk of phishing and spoofing attacks.


  • Improved Deliverability: Ensure legitimate emails are properly authenticated, enhancing their chances of reaching recipients’ inboxes.


  • Comprehensive Visibility: Gain a clear and comprehensive view of your email ecosystem, including all authorised and unauthorised senders.

Kaizen’s DMARC Monitoring service plays a pivotal role in managing and optimising your email authentication strategy, allowing you to focus on your core business objectives with confidence in your email infrastructure’s integrity.

Cost: £20.00 per month per domain.

Please note: All prices are exclusive of VAT. E&OE.

Backstop 365

While Microsoft 365 guarantees data availability, it lacks sufficient support for data recoverability. Simply put, Microsoft 365 does not provide a backup solution for your email, Teams, OneDrive, and SharePoint assets. Backstop 365 is the ideal solution to safeguard against accidental or malicious file deletions, user errors, or data corruption. Backstop 365 stores backups independently of Microsoft’s servers and allows for granular restoration of files, folders, and applications.


Priced at £3.95 per user per month, it offers a 1TB backup allowance for Mail, Teams, OneDrive, and SharePoint.


Please note: All prices are exclusive of VAT. E & OE.

Download the data sheet

Backstop Family

Businesses face constant risks of data loss or corruption. Organisations of all sizes manage vast amounts of information, making it increasingly challenging to protect this data.

An increasing number of companies are turning to cloud-based platforms for storage and as part of their disaster recovery strategies, attracted by the cost-efficiency, flexibility, and scalability these solutions offer. However, in the creative sector, the large data volumes can make cloud storage seem unsuitable. Yet, when properly designed, organised, and executed, it can become a valuable element of your disaster recovery process.

Kaizen’s Backstop portfolio provides all the essential on-demand tools to ensure that every aspect of data backup, disaster recovery, system state recovery, personal backup, and data archiving is delivered in the most dynamic and cost-effective way possible.

Backstop

The flagship member of the Backstop family, Backstop is Kaizen’s fully managed online backup service, ensuring vital data is available 24/7, even in emergency situations. Managed by Kaizen’s team within our secure UK-based datacentre, Backstop guarantees reliable data access when you need it most.


It seamlessly integrates with today’s leading operating systems and applications, giving you the flexibility to back up anything from a single file to an entire Windows server, as well as VM-Ware or Hyper-V images and data. Backstop uses advanced technologies to deliver the smallest, fastest, and most efficient backups possible. It supports AES 128-bit, AES 256-bit, or 448-bit Blowfish encryption, with version control set to 30 days by default.


With pricing starting at just £50.00 per month, Backstop is the perfect solution for your live data backup needs.

Backstop Rapid DR

Backstop Rapid DR provides the capability to replicate all data from your on-premise storage device to a secondary device housed in our secure UK-based datacentre, with updates occurring nightly or more frequently.

This service is ideal for businesses managing large data volumes that require instant access to their off-site backup in the event of a disaster recovery (DR) situation.


Pricing varies based on bandwidth and storage needs.

myBackstop

Best practices recommend storing files on a central server to ensure they are included in the company’s backup strategy. However, this isn’t always feasible, particularly with a growing mobile workforce that often stores critical business documents locally. Evolving security threats or hardware failures can lead to the permanent loss of locally stored data. Therefore, incorporating personal backup into your business’s disaster recovery (DR) strategy is crucial.


myBackstop automatically performs continuous backups of your data, offering up to 500GB of online storage for just £10.00 per month.

Backstop Archive

Backstop Archive is a highly cost-effective and fast cloud object storage solution, ideal for archiving data. Unlike traditional cloud storage services that come with complex pricing models and hidden fees for egress or API requests, Backstop Archive offers a straightforward, easy-to-implement solution that is exceptionally economical to scale. It also ensures compliance with stringent regulations, providing encryption at every stage and utilising immutable data buckets.


Pricing starts at just £12.00 per terabyte per month.

Mail Journal

Email ‘Black Box’ Recorder

Mail journalling is an extremely effective method for accessing every email an organisation has sent or received. Each year, the volume of emails continues to grow significantly across nearly all business infrastructures. This includes an increase in the number of emails, the average size of those emails, and their overall importance.

Mail Journal is a flexible, scalable, and high-performance email journalling solution designed to maintain compliance while seamlessly integrating with major mail platforms like Microsoft 365, Google Mail and many others.

GDPR Compliance

The General Data Protection Regulation (GDPR) is a set of regulations that applies to any business operating in or engaging with Europe. A good Email archiving system is essential for GDPR compliance as it helps to ensure that your emails are stored securely, managed appropriately and accessible when needed, all while protecting individuals’ rights and minimising the risk of non-compliance.

Handle PII, support the ‘Right to be forgotten’

Mail Journal ensures that all emails and attachments are securely stored, with strict control over data access. Most importantly, if GDPR requires you to delete an individual’s Personally Identifiable Information (PII), Mail Journal allows you to efficiently locate and remove all associated data from both emails and attachments. Additionally, the system provides auditable proof that you have fulfilled the GDPR requirement, ensuring full compliance with the Right to be Forgotten.

Respond to Subject Access Requests without delay

Under GDPR, your business is required to respond to Subject Access Requests (SARs) promptly. Unlike many systems that rely on databases, Mail Journal stores emails as files organised by date, enabling much faster

searches by narrowing down to more specific datasets. Its intuitive search interface further enhances efficiency, making company-wide searches up to 80% quicker, ensuring you can quickly locate and deliver the required

information, meeting GDPR response time requirements.

Privacy by Design; a Secure, Audited Archive

GDPR mandates the principle of ‘privacy by design’ and Mail Journal perfectly aligns with this philosophy. Emails and data stored in Mail

Journal’s archive are immutable, ensuring that no information can be altered or lost. This guarantees the integrity of your email data, making it admissible in court as evidential quality data. Additionally, any deletion

actions are fully audited, ensuring that proper procedures are followed, providing an added layer of security and compliance for your organisation.

Limitations of Microsoft 365 Email Services

Microsoft 365 (formerly Office 365) can only journal to an external address, which is essential for integrating third-party journaling and archiving solutions. Without a third-party journal archive, several key limitations exist:


  • No Tamper-Evident Emails: Without enabling Litigation Hold permanently on all mailboxes, you cannot ensure that emails are tamper-proof, making it difficult to maintain email integrity.


  • Limited Access During Service Downtime: If Microsoft 365 services experience downtime, you will lose access to emails on Litigation Hold or Live Emails.


  • Inability to Prove Email Authenticity: If you deactivate Litigation Hold or In-Place Hold, you cannot prove that your emails are original and unaltered, unless you have Litigation Hold applied to all mailboxes permanently.


  • Email Retention for Departing Employees: You cannot archive or retain the emails of employees who leave unless you continue to maintain their mailbox, posing a challenge for managing email retention after an employee departs.

To address these limitations and ensure comprehensive email retention and integrity, integrating a third-party archiving solution like Mail Journal is highly recommended.

Costs: The cost of providing this service is just £2.95 per live mail box per month. Please note: All prices are exclusive of VAT. E & OE.

Managed Detection and Response (MDR)

In today’s cyberthreat environment, small to
medium-sized businesses are finding themselves in the crosshairs of cyber criminals. Immunity to cyber threat doesn’t exist, so staying agile an building a proactive defence is critical in protecting your operations.

With the rate of cloud adoption and remote working increasing, the need for robust security tailor-made for cloud technology does so too. Cloud environments are not immune to cyber threats with companies top challenges including data loss, compromised credentials and resources, privacy and compliance issues.

Traditional cyber technologies such as anti-virus or antimalware are not enough. That is why Kaizen have teamed up with cyber security experts Blackpoint Security Operation Centre (SOC). Their 24/7 SOC team is focused on catching breaches and rapidly responding to contain them. Made up of former US intelligence cyber experts with real-world experience, their only mission is to monitor your networks and detain advanced threats before lateral spread compromises your livelihood.

When an attack occurs within your business, detection and response times often determine whether malicious actors succeed in their efforts to execute and install scripts or dangerous software throughout your network and satellite staff.

Designed with MDR objectives and workflows in mind, the Blackpoint ecosystem can detect breaches faster than any other current solution on the market with true 24/7 protection. 

Harnessing metadata around suspicious events, hacker tradecraft, and remote privileged activity.

When an attack occurs within your business, Blackpoint MDR isolates compromised business endpoints, its technology terminates malicious processes and stops the threat from moving laterally into other systems.

Monitor - Blackpoint hunts proactively for evolving threats 24/7, maintaining full visibility of yourentire network. The experienced team leverages leading- edge, proprietary technology to monitor for indicators of compromise, malicious behaviour and open risks.

Detect - Every second counts when it comes to detecting the first signs of breach. Blackpoint detects and isolates developing threats before they can spread laterally. We investigate suspicious activity on your behalf and eliminate alert fatigue and time spent on false positives.

Respond - The fastest response times seen by the industry, Blackpoint isolates and stops malicious processes. We take action to neutralise threats in real-time rather than sending you instructions to action yourself. Get alerted after the risk is eliminated and we’ve secured your environment.

  • Realtime threat detection with active 24/7/365 SOC (Security Operations Centre)


  • Cross platform Managed Detection and Response (MDR) application


  • Contextually aware breach detection and response


  • Cross platform Managed EDR (Endpoint Protection and Response) integration with Windows Defender for Endpoint, SentinelOne, BitDefender and others


  • Cloud Response for M365 and Google cloud platforms - account isolation and compromise protection

Cost: £8.95 per endpoint per month.

PhishSafe

Turning your team into human firewalls

PhishSafe delivers behaviour driven security awareness training that transforms your colleague into a human firewall creating the strongest line of defence against the most common cyber threats. Thus forming a necessary part of layered cyber defence.

Cybercriminals know that people are the weakest link rather than the technology so they target your staff with increasingly more sophisticated phishing and ransomware attacks because they are seen making more

mistakes than the machines do.

So with PhishSafe you can empower your staff to be your greatest security asset by creating a network of human sensors to protect against peoplecentric cyber-threats.

Cost Effective

PhishSafe is one of the most cost-effective and proactive cybersecurity measures an organisation can make. It’s a simulation tool focused on creating phishing campaigns using similar tactics as cybercriminals in

order to educate employees about the subtle and sophisticated methods used by cybercriminals when attempting to hack into a company.


Costs are only £2.00 per user per month on a 12 month campaign commitment with £250.00 setup and configuration fee.

ROI

The advanced reporting of Phishsafe shows us how susceptible staff are to phishing emails. Through implementing Phishsafe, here are the following results of its effectiveness in training employees through its campaign

based structure.


  • Susceptibility of staff targeted across all sectors = 33.33%


  • Results after 30-days of SAT & phishing testing = 9.33%


  • Results after 90-days of SAT & phishing testing = 2.56%


  • Average after 90 days of using Phishsafe = 92.44%


Communication and consistency are vital elements in building a security first

culture in an organisation.


Prevention is far superior and more affordable than responding to a security breach. Harnessing the value of security awareness training is critical to organisations in all sectors.

How does it all happen?

The Kaizen consultancy team will discuss with you and help to set up the program across a 12 month campaign of one per month, the results of which will be reviewed regularly with your account manager.

Key features

  • Recreate any phishing attack including ransomware, BEC, wire fraud, CEO fraud, advanced phishing attempts.


  • Phishing attacks with links, attachments and fake log in pages.


  • Simulate phishing attacks impersonating internal email addresses.


  • Avoid users tipping each other off by using burst mode which sends multiple templates in one campaign.


  • Comprehensive library of cybersecurity training videos, quizzes and courses.


  • Short quizzes minimise impact to employee productivity while gamifcation keeps them engaged and maximises uptake.


  • Phishing tests that auto-enrol user in training.


  • Every user interaction fully recorded for reporting.


  • Identify repeat offenders, high-risk departments or locations.


  • Identify geo-location, operating system and browser edition.


  • Raise staff awareness of Smishing by sending customisable phishing text messages directly to their mobile phones.


  • Delivering contextual training in real-time.


  • PhishSafe delivers a real time response to user behaviour - Train employees exactly when they display risky behaviour.


  • Unlimited Phishing Simulations.


  • Unlimited Cyber Knowledge Assessment Quizzes.


  • Risk and Compliance Reporting Suite.


  • Tracks behaviour to allow behavioural change to be tracked over time.


  • Allows IT to provide senior management with demonstratable ROI metrics.


  • Customisable real-time alerts.


  • SaaS platform - NO clients/agents required.


  • Offering seamless integration with AD / AAD for SSO.


  • Dedicated MS Teams App.


  • PhishHuk Outlook Email Client Plugin.


  • Automatically send training content, policy reminders, data regulations and compliance standards to staff when they engage in risky cyber behaviour.


  • Send relevant snippets from company policy documents tied to the specific user activity in real time.


  • Maximise ROI on your technical defences. Reduce admin overhead by delivering repeatable and consistent training content.


  • Compliant with GDPR privacy and other regulations.