This guide breaks down what's actually in a CyberShield bundle, why the three-tier structure matters, and how to choose the right one for your business without the marketing noise.
Understanding the Three CyberShield Tiers
CyberShield bundles typically come in three layers, each designed for different business sizes and risk profiles. Think of them like insurance policies: the basic tier covers essentials, the middle tier adds critical protections, and the premium tier is built for businesses that can't afford downtime.
Tier 1: Essential Protection (Entry Level)
The Essential tier starts from around R599 for an initial security assessment. This covers endpoint protection on your devices—think antivirus that's actually kept up to date, not the Windows Defender you're vaguely aware of. You get basic identity management, which means users log in with a single set of credentials across your business applications. It sounds simple because it is. But we've found that over 18,000 small businesses in the Gauteng region are still managing passwords in spreadsheets. Moving to even basic identity management stops that nonsense immediately.
Tier 2: Business Standard (Mid-Level)
The Standard tier is where most SMEs land. It adds Zero Trust Network Access (ZTNA) to the endpoint protection you already have. ZTNA is the industry's way of saying: "We don't trust anyone, even people inside your network, unless they prove it every single time." This matters more now that half your team is working from different locations—coffee shops in Johannesburg's northern suburbs, home offices, client sites. ZTNA ensures that someone logging in from a public Wi-Fi isn't automatically trusted just because they have valid credentials.
We also see advanced identity management bundled here, plus threat detection that actually flags unusual behaviour instead of just waiting for malware signatures to update.
Tier 3: Enterprise-Grade (Premium)
The Premium tier is your full-stack defence. Beyond everything in Standard, you get dedicated security operations support, advanced threat hunting (people actively looking for problems), and compliance tools built in. If your business handles client data, payment information, or operates under POPIA requirements (South Africa's Protection of Personal Information Act), this tier handles audit trails and data governance without you needing a separate team.
Why Endpoint Protection Matters More Than You Think
Most business owners think endpoint protection is just "antivirus for your work laptop." It's not. We've supported more than 24,000 devices across Johannesburg businesses, and the difference between outdated protection and current-generation endpoint protection is stark.
Modern endpoint protection watches for behaviour, not just known viruses. If a spreadsheet suddenly tries to connect to a server in Eastern Europe, current protection flags it. If a user's credentials are being used from two different countries simultaneously, it alerts you. If malware tries to hide itself in system files, it detects the unusual system behaviour before the malware even fully activates.
The tools we typically see bundled in CyberShield use real-time analysis and machine learning to do this constantly, without bogging down your devices. You don't need IT staff to understand how it works—it just does its job quietly.
Identity Management and Zero Trust: Why They Work Together
Here's where CyberShield bundles get genuinely useful: they tie identity management and Zero Trust Network Access together. These two pieces create something much stronger than either alone.
Identity management means every user has one set of credentials, managed centrally. No more password resets every week, no more "my login stopped working" support tickets. But it also means you know exactly who accessed what, when, and from where. That's critical for POPIA compliance and for actually responding when something goes wrong.
ZTNA takes that information and uses it to enforce access rules constantly. Even if someone has valid credentials, ZTNA checks: Are they accessing from an expected location? Is this device fully updated and protected? Are they trying to access something their role shouldn't reach? If anything looks off, access is denied—not after a breach happens, but before.
For businesses in Johannesburg managing sensitive information, this combination is the difference between "We have a cyber incident" and "That attack failed before it could do anything."
Warranties and Support: What You're Actually Covered For
CyberShield bundles typically include warranties ranging from one to three years. In our experience, what matters isn't the length—it's what's covered. You want warranties that include:
At ZA Support, we've worked with businesses that had three-year warranties on bundles that didn't include incident response. When an actual breach happened, they had protection but no support team to respond. That's like having an excellent security door but no one to unlock it when you've locked yourself out.
Assessing Your Business: The R599 Starting Point
Most providers, including those we work with in Johannesburg, start with a security assessment around R599. This isn't a marketing gimmick—it's genuinely useful. A proper assessment tells you:
We've completed assessments for more than 15,000 SMEs across the Gauteng region, and almost every one revealed something unexpected. Usually it's data sitting unencrypted, or users with administrative access they don't actually need.
The assessment output becomes the foundation for choosing which tier you need. A five-person accounting firm in Melville might be fine with Essential. A design agency with 40 people accessing client files from different locations definitely needs Standard or Premium.
Making the Right Choice Without Overpaying
Here's the honest bit: many businesses overpay for bundles they don't need, and others underpay and get inadequate protection.
The right approach is: start with an assessment (from R599), understand your actual risk, then pick the tier that matches it. Essential is fine if your business stores minimal sensitive data and everyone works from a secure office. Standard is appropriate for most SMEs with remote workers or client data. Premium makes sense if you're regulated, handle payment information, or operate in a sector where downtime costs serious money.
Don't let vendors upsell you into Premium just because it exists. We've seen businesses spend thousands on protections they don't use because no one explained what the bundles actually do.
If you want to understand what protection is right for your business, book online at zasupport.com/book for a detailed assessment. If you have immediate questions, WhatsApp us on 064 529 5863—we're based in Hyde Park and can often arrange same-day consultations.
For deeper technical reference on threat detection and endpoint security, the Apple Support security resources provide solid foundational information, and iFixit's security guides cover physical device security well.
Frequently Asked Questions
Q: What's the difference between Standard and Premium if we're just a small team?
For a small team with limited sensitive data, Standard is usually sufficient. You get the core protections—endpoint defence, identity management, and ZTNA—which cover 95% of real attack vectors. Premium adds incident response and compliance tools that matter more as you scale or if you handle regulated data.
Q: Do we need three-year warranties or is one year enough?
One year is typically sufficient if you're monitoring the marketplace and can upgrade protections as threats evolve. Three years makes sense if you want stability and don't want to renegotiate terms regularly. What matters more is whether incident response is included, not the warranty length.
Q: Is ZTNA just for large enterprises?
No. ZTNA works at any scale. We've implemented it for teams as small as five people, and it's been valuable immediately. The cost difference between Standard and Essential is usually modest, and ZTNA saves far more in prevented incidents than it costs.
Q: How does this protect us from ransomware specifically?
CyberShield bundles use behaviour analysis to stop ransomware before encryption starts. They monitor for file access patterns changing suddenly, unusual network connections, or system processes trying to modify boot sectors. These happen before ransomware actually encrypts your files.
Q: Are we POPIA-compliant just because we have CyberShield?
CyberShield gives you the tools to be POPIA-compliant—audit trails, access controls, encryption. But you still need policies, training, and documented procedures. Premium bundles usually include compliance guidance, which helps close that gap.
Q: What happens after the warranty period ends?
You typically renew at a renewal price, usually slightly lower than the initial cost. Some providers offer multi-year discounts if you commit upfront. At the end of any term, you're not locked in—you can switch providers or renegotiate terms.
