A clear security standard for every customer: SMB1001

We align every customer to the SMB1001 cybersecurity standard so your baseline is clear, measurable, and improves over time. Tier 1 includes Bronze, Tier 2 includes Silver, and Tier 3 includes Gold.

SMB1001 alignment is part of our managed service delivery. It is not a bolt-on project and it is not a sales tactic. We use it to set a minimum security standard and to keep improvement consistent across our customer base.

Four essentials included in every SMB1001-aligned Layer3 plan

Tiered standard

Bronze, Silver, Gold, with a clear uplift path.

Prescriptive controls

Clear requirements, not vague guidance.

Updated regularly

Designed to keep pace as threats change.

Assurance pathway

Supports maturity towards ISO/IEC 27001.

Assurance + tiered security uplift

Layer3 aligns every managed service tier to the SMB1001 cybersecurity standard. It’s a practical, tiered approach that helps small and mid-sized organisations lift security in a structured way, with clear expectations at each level. Because Layer3 is ISO/IEC 27001 certified, we treat this as the baseline standard of care for our customers, not an optional add-on.

SMB1001 alignment, included by default

SMB1001 provides a clear maturity pathway using Bronze, Silver and Gold levels. We build this alignment into every Layer3 plan so customers start with a strong baseline and can step up when their risk profile, compliance obligations, or customer requirements change.

Clear tiered pathway

Bronze, Silver and Gold give you a simple way to understand what “good” looks like today and what improving maturity looks like next.

Governance leaders can use

We translate technical controls into outcomes your leadership team can track, discuss, and use for risk decisions.

Practical controls, not theory

SMB1001 is designed to be achievable for real-world SMB environments, with prescriptive requirements you can actually implement and maintain.

Evidence and assurance ready

We focus on consistency, documentation, and repeatable processes so you can answer customer, insurer, and audit questions with confidence.

Security built into the plan

This uplift is included inside our managed service tiers. It’s part of how we deliver managed IT, not a bolt-on project.

Upgrade when the business demands it

If you take on bigger customers, handle more sensitive data, or your insurer tightens requirements, you can move up a level without rebuilding everything.

What SMB1001 alignment looks like with Layer3

Tiered security baseline (Bronze, Silver, Gold)

A clear maturity pathway aligned to your Layer3 plan, with an upgrade path when your risk changes.

Governance and accountability

Defined security ownership, policies, and decision-making that leadership can understand and maintain.

Identity and access controls

Strong sign-in protections, least-privilege access, and controlled admin rights to reduce compromise risk.

Secure endpoint standards

Managed patching, security baselines, and device controls to keep laptops and desktops consistent and hardened.

Email and collaboration safeguards

Reduced phishing and account takeover risk across Microsoft 365, with practical settings that stick.

Backup and recovery readiness

Backups that are monitored and testable, with clear recovery expectations for critical systems.

Monitoring and response readiness

Clear alerting, triage, and escalation so security events are handled quickly and consistently.

Evidence and continual improvement

Documentation and regular reviews so you can show progress over time and respond to audit or insurer questions.

Case Studies

Frequently asked questions

Layer3 offer full-service IT support, including remote helpdesk, on-site assistance, server and infrastructure support, and proactive monitoring. We support both Windows and macOS environments.

Yes – our core business hours are 8am to 5pm, Monday to Friday, but we offer after-hours and 24/7 support options for clients who require it, especially those with critical systems or on-call needs.

You can contact our helpdesk via phone, email, or through our support portal. Clients also benefit from our remote monitoring tools, which can alert us to issues before you even notice them.

We support businesses across New Zealand. Our team is based in Wellington and Auckland with remote coverage nationwide and satellite offices for regional response.

Yes. We support macOS devices, especially in hybrid environments. We can help manage updates, security, and integration with Microsoft 365.

Absolutely. We often partner with internal teams to provide overflow support, specialised skills, or strategic oversight through our vCIO service.

If we can’t resolve the problem remotely, we’ll dispatch a technician to your site or organise a pickup depending on the issue.

Layer3 Logo
Layer3 is an ISO 27001 certified MSP in Wellington with offices across New Zealand. Get strategy-first IT, security and managed support from Layer3.
Services
Managed IT Co-Managed IT Managed Security Managed Network
ADDRESS
Level 2 CBD Towers 84-90 Main Street Upper Hutt Wellington, 5018 New Zealand
contact information
0508 LAYER3 (0508 529373) Contact Us Service Status Notices
© 2025 Copyright Layer3.
Layer3 is a Silver Microsoft partner as well as an Authorised SPLA partner.
Terms of Business Privacy Policy ISO 27001 Certificate
SMB1001 BronzeSMB1001 SilverSMB1001 GoldISO27001