Date of last update: 31/03/2025

There is no one-size fits all for equipment, but we have several best-practice options we recommend to ensure your environment is supportable and reliable. This is a general list, but your business may have more stringent requirements that we will bring up with you over time. In addition to the guidelines below, we recommend that all equipment either has an active next-business-day replacement or better warranty or a spare is kept on-site at all times.

While not a strict requirement for service, failure to meet these baseline standards may result in security, stability or suitability issues for your business, which may incur additional charges or lost productivity.

We recommend laptops and desktops with the following minimum specifications and an active warranty from the manufacturer.

• Dell hardware preferred but not essential
• Intel Core i5 or i7 Processor (Minimum 8th Gen)
• 8GB RAM (memory), 16GB Preferred
• 256GB Solid State Drive (SSD) for storage
• 2x 24 inch+ Monitors
• Windows Professional, Business or Enterprise Operating System with active vendor support with Microsoft. Home editions of windows are strictly unsupported
• All hardware must be less than 5 years old

Servers should be selected to be suitable for the customer’s business needs and software requirements. We recommend redundancy such as dual power, RAID storage, and hardware remote management such as iDRAC/iLO. Servers should run an operating system and applications currently under vendor support and should have active next-business-day warranties. All hardware must be less than 5 years old

Backups should be fully automated and back up copies should be retained on site. In addition, backups should be stored off site, either via frequently rotated removable storage devices, or via encrypted cloud based backup remote storage. We recommend a minimum 6 months, 4 weeks and 7 days backup data is retained on site, and 1 week off site. Backups should protect servers and cloud based storage/applications.

Our preferred firewall manufacturer is Draytek or Ubiquiti, sized appropriately for the requirement. Exceptions may be made on a case-by-case basis where a legacy appliance is already in place.

Ethernet switching fabrics should be designed for the environment. Where appropriate, quality unmanaged switches may be acceptable but we highly recommend fully managed switches for all environments. We recommend consistent models and brands when possible to reduce the number of unusual support issues. Our preferred brands of switches are Zyxel and Ubiquiti. Switches should ideally be Power over Ethernet and at least 1Gbit minimum across all ports.

Switches should terminate in appropriately secured comms cabinets. Adhoc switches under desks etc are discouraged.

To a greater extent than even switching, wireless needs to be designed for the environment. In all cases, we do not recommend using any wireless provided by an ISP modem or other equipment. Our preferred brands of wireless equipment is Ubiquiti

We recommend at bare minimum a business-class broadband Internet connection, but this may not be suitable for all purposes. If Internet is required for primary business operations, we recommend at minimum redundant broadband services (ideally with 5G backup) or a dedicated fibre circuit.

We recommend all servers and critical network infrastructure have appropriately sized battery backups that are regularly tested and maintained.

We recommend all authentication used in the business comply with the following

• Use multi-factor authentication when available. This may require users installing an MFA app on their smart phone where a company device is not supplied.
• Use different passwords on different systems and accounts.
• Don’t use passwords that are based on personal information that can be easily accessed or guessed.
• Use the longest password or passphrase permissible by each password system.
• Don’t use words that can be found in any dictionary of any languages
• Use an encrypted password vault/manager to store credentials

We recommend the use of account lockouts, separate accounts per user, secure password storage, audit logging and the timely disablement of disused accounts. When access outside of the office or over a VPN is not required, we recommend locking down access.

We also insist that users do not have administrative permissions to any laptops. desktops, servers or cloud management portals, and lockdown/security policies and application whitelisting is applied.

We recommend periodic security awareness training for anyone who has access to critical business systems.

Cyber Essentials or Cyber Essentials Plus certification is strongly recommended (or ISO27001 in some circumstances)

The following listed software or solutions stack is approved for use by us, provided that technical support is provisioned by the software vendor, and that the software is fully up to date and patched. This is a none exhaustive list of tested software approved for use. Other software may be available and can be supported in most cases.

• Any Microsoft Windows  operating system which is not end of life
• Any Apple operating system which is not end of life
• Microsoft 365 Cloud
• Microsoft Office
• Windows Defender Antivirus
• ConnectWise Control
• Acronis Cyber Protect
• Sage Accounts
• Sage Payroll
• Adobe Reader
• Adobe Acrobat
• Adobe Creative Cloud
• Microsoft Edge
• Google Chrome
• Mozilla Firefox
• Apple Safari
• LastPass
• Zoom
• Microsoft Teams
• Cisco Webex
• PuTTY
• FileZila
• 7-Zip
• Dropbox
• VLC Media PLayer
• Any industry specific line of business software with vendor support