Secure configuration that passes first time.
Secure configuration is the second Cyber Essentials control. It requires every device and piece of software to be configured securely, with defaults removed and unnecessary features disabled. IP Four audits, hardens, and documents your entire estate.
100%
First-Time Pass Rate
4-6 Wks
Average Certification Time
500+
UK Businesses Certified
5
Controls Covered End-to-End
Secure configuration capabilities for Cyber Essentials compliance.
Default Password Removal
Identify and replace all default credentials on routers, switches, servers, and software across the in-scope environment.
Unnecessary Software Removal
Audit installed applications and remove or disable software that is not required for business operations.
Auto-Run and Auto-Play Disable
Disable auto-run and auto-play features on all in-scope devices to prevent malware execution from removable media.
Operating System Hardening
Apply CIS-aligned hardening baselines to Windows, macOS, and Linux endpoints to reduce the attack surface.
Application Configuration Review
Review configuration of business-critical applications to ensure security features are enabled and unnecessary functions are off.
Configuration Baseline Documentation
Produce a documented configuration baseline for each device type, providing ongoing evidence of compliance.
Our secure configuration process.
Asset Inventory
Catalogue all in-scope devices, operating systems, and applications to establish the full configuration review scope.
Configuration Audit
Assess current device and software configurations against Cyber Essentials secure configuration requirements.
Gap Report
Produce a prioritised list of configuration gaps including default credentials, unnecessary software, and insecure settings.
Hardening Implementation
Apply required configuration changes across all in-scope devices, removing defaults and disabling unnecessary features.
Evidence Collection
Capture configuration screenshots, Group Policy exports, and MDM policy reports as assessor-ready evidence.
Certification Submission
Submit configuration evidence as part of the Cyber Essentials application and support the assessor through review.
Secure configuration delivered across the UK.
Challenge: A 30-person recruitment firm had multiple devices still using manufacturer default passwords and several applications installed that were no longer in use.
Outcome: IP Four audited all 30 devices, removed default credentials, uninstalled redundant software, and produced a configuration baseline. The firm achieved certification within three weeks.
Challenge: A financial services firm needed Cyber Essentials for a new institutional client but had inconsistent configurations across a mix of Windows 10 and Windows 11 devices.
Outcome: IP Four deployed a Group Policy hardening baseline across all devices, documented the configuration standard, and the firm passed Cyber Essentials assessment first time.
Challenge: A logistics company had warehouse devices running outdated software with auto-run enabled and no documented configuration standard.
Outcome: IP Four disabled auto-run across all devices, removed legacy software, and created a device configuration register. Cyber Essentials certification was achieved in five weeks.
Ready to harden your devices and achieve certification?
We start with a free configuration audit to identify exactly what needs to change. No unnecessary work, just a clear and efficient path to Cyber Essentials certification.