Skip to content

BLOG

Practical guides for lifecycle automation.

Short, operator-grade writing about employee offboarding, SaaS access revocation, audit evidence, and the parts that usually break.

eu cybersecurity compliance deadlines 2026

EU Cybersecurity Compliance Deadlines 2026–2027: NIS2, DORA, CRA, and the AI Act

The EU cybersecurity calendar for 2026–2027: NIS2, DORA, the Cyber Resilience Act, and the AI Act — what applies when, who's in scope, and the access-control angle.

Jun 3, 2026 · 9 min read

Read post

hr driven provisioning

HR-Driven Provisioning: What It Is, Why It Beats IdP-First for the Mid-Market, and How to Set It Up

HR-driven provisioning triggers access from your HR system, not an identity provider. Here's how it works, why it fits the mid-market, and how to set it up.

Jun 3, 2026 · 8 min read

Read post

iso 27001 access control

ISO 27001 Access Control: The Annex A Controls, Mapped to NIS2 and SOC 2

What ISO 27001:2022 requires for access control — Annex A.5.15–5.18 and A.8 — and how those controls map to NIS2 Article 21 and SOC 2 CC6, with audit evidence.

Jun 3, 2026 · 8 min read

Read post

nis2 deadline

NIS2 Deadline by Country: When It Actually Applies to You (2026 Tracker)

There is no single EU NIS2 deadline — there are 27 national ones. Here's when NIS2 actually applies by country in 2026, who's in scope, and what to do now.

Jun 3, 2026 · 8 min read

Read post

cerby alternatives

10 Cerby Alternatives in 2026 for Non-SCIM App Lifecycle Management

Looking for a Cerby alternative? Here are 10 tools for non-SCIM app lifecycle in 2026, ranked by fit for mid-market IT — with public pricing where it exists.

Jun 2, 2026 · 9 min read

Read post

adobe admin console automation deprovisioning

How to Automate Adobe Admin Console Deprovisioning

Adobe's Teams plan has no SCIM, so offboarding is manual. Here's how to automate Adobe Admin Console deprovisioning with browser automation and signed evidence.

Jun 2, 2026 · 7 min read

Read post

nis2 compliance checklist

NIS2 Compliance Checklist: Access Control Evidence and Audit-Readiness

The master NIS2 compliance checklist for access control — clause-by-evidence mapping, recertification cadences, ISO 27001 crosswalk, and 90-day quick-start for GRC teams.

Jun 2, 2026 · 11 min read

Read post

scim tax

The SCIM Tax: Why Automated Provisioning Is Locked Behind Enterprise Pricing

The SCIM tax is what you pay when a SaaS app locks user provisioning behind its enterprise plan. Here's the real math, the worst offenders, and how to avoid it.

Jun 2, 2026 · 8 min read

Read post

nis2 privileged access

NIS2 Privileged Access: CIR 11.3 and 11.4 Requirements Explained

What NIS2 and CIR 2024/2690 require for privileged and admin accounts — separate identities, JIT elevation, vaulting, PAWs, session logging, and audit evidence.

Jun 1, 2026 · 8 min read

Read post

nis2 mfa requirements

NIS2 MFA Requirements: What Article 21(2)(j) and CIR 11.7 Require

What NIS2 requires for MFA — CIR 11.5 identification, 11.6 authentication, 11.7 multi-factor and continuous authentication, phishing-resistant factors, and audit evidence.

May 31, 2026 · 7 min read

Read post

nis2 offboarding requirements

NIS2 Offboarding Requirements: Identity Lifecycle and the JML Obligation

How NIS2 and CIR 2024/2690 govern joiner, mover, and leaver processes — provisioning, deprovisioning, access reviews, HR security clauses, and asset recovery.

May 30, 2026 · 9 min read

Read post

nis2 access control policy

NIS2 Access Control Policy: What CIR 11.1 and 11.2 Actually Require

What a defensible NIS2 access control policy must contain — least privilege, RBAC, SoD, remote access, non-human identities, and the evidence auditors will ask for.

May 29, 2026 · 8 min read

Read post

nis2 article 21

NIS2 Article 21: Governance, Scope, and Risk-Management Measures Explained

A plain-language breakdown of NIS2 Article 21 — the ten risk-management measures, Article 20 board accountability, CIR 2024/2690, enforcement, and penalties.

May 28, 2026 · 10 min read

Read post

nis2 access control

NIS2 Access Control: The Complete Guide for Essential & Important Entities

A clause-by-clause guide to NIS2 access control obligations — Article 21(2)(i) and (j), CIR 2024/2690 Annex sections 10–12, and the evidence auditors expect.

May 27, 2026 · 7 min read

Read post

zluri pricing

Zluri Pricing 2026: What Buyers Pay + KINT Comparison

Zluri doesn't publish pricing — every contract is a custom quote. Here's how the process works, what drives the price, and how KINT ($3–$5/employee) compares.

May 26, 2026 · 11 min read

Read post

bettercloud pricing

BetterCloud Pricing in 2026: What It Costs + a Transparent Alternative

BetterCloud doesn't publish pricing. Here's what mid-market buyers report paying, what changed after the CoreStack acquisition, and how KINT's published per-employee rates compare.

May 25, 2026 · 10 min read

Read post

lumos alternatives

11 Lumos Alternatives in 2026 for Mid-Market Teams Without an Identity Engineer

An honest comparison of 11 Lumos alternatives for IT teams at 100–500 employee companies. Real pricing where available, setup times, and when each tool wins. Updated May 2026.

May 24, 2026 · 20 min read

Read post

zluri alternatives

10 Zluri Alternatives in 2026 for Mid-Market IT Teams

10 Zluri alternatives ranked for IT teams at 100–500 employees — no identity engineer required. Published pricing, setup times, honest cons.

May 23, 2026 · 16 min read

Read post

bettercloud alternatives

Top 10 BetterCloud Alternatives in 2026 (After the CoreStack Acquisition)

BetterCloud was acquired by CoreStack on March 31, 2026. Here are 10 alternatives for mid-market IT teams — with real pricing, setup times, and honest trade-offs.

May 22, 2026 · 17 min read

Read post

remove ex employee slack access

How to Remove an Ex-Employee's Slack Access

Step-by-step guide to deactivating a former employee's Slack account — manually, via SCIM, or automatically. Covers guest accounts, Slack Connect, and connected apps.

May 21, 2026 · 8 min read

Read post

remove ex employee github access

How to Remove an Ex-Employee's GitHub Access (Step by Step)

The exact steps to remove a departing employee from GitHub — org membership, teams, deploy keys, and PATs. What org removal covers, what it misses, and how to automate it.

May 20, 2026 · 10 min read

Read post

soc 2 cc6 access review checklist

SOC 2 CC6 Access Review Checklist — Operator's Guide (2026)

Step-by-step SOC 2 CC6 access review checklist for IT operators. Covers CC6.1, CC6.2, CC6.3, evidence formats, common gaps, and automation options.

May 19, 2026 · 16 min read

Read post

saas apps without scim

The Non-SCIM SaaS Playbook for IT Operators — 2026

~40% of mid-market SaaS apps don't support SCIM. This playbook shows IT teams how to govern them — manual, API, and browser automation — with a real audit trail.

May 18, 2026 · 15 min read

Read post

saas license waste

SaaS License Waste: How Mid-Market Companies Lose $26K a Year (and Fix It)

Industry research shows companies with 250 employees waste ~$26K/yr on unused SaaS licenses. Here's what causes it, how to audit it, and how to reclaim it.

May 17, 2026 · 15 min read

Read post

offboarding software

Best Offboarding Software in 2026 for Mid-Market IT Teams

An honest 2026 comparison of 8 offboarding software tools for IT teams at 100–500 employee companies. Real pricing, setup expectations, and which tools handle the apps that slip through.

May 16, 2026 · 17 min read

Read post

automated employee offboarding

Automated Employee Offboarding in 2026: How It Works and What to Look For

Automated employee offboarding revokes SaaS access in under 60 seconds when someone leaves — vs. a median 11-day lag manually. Here's how it works and what to look for in a tool.

May 15, 2026 · 13 min read

Read post

revoke SaaS access ex employee

How to Revoke SaaS Access for an Ex-Employee

A practical step-by-step guide for IT operators: how to revoke SaaS access across every app when an employee leaves, including the apps that get missed every time.

May 14, 2026 · 9 min read

Read post

it offboarding checklist

The IT Offboarding Checklist for 2026: Every Access, Every App, Every Time

A complete IT offboarding checklist for revoking employee access across SaaS apps, directories, credentials, and devices. 7 phases, every app type covered, including the ones most IT teams miss.

May 13, 2026 · 17 min read

Read post

employee offboarding checklist

Employee Offboarding Checklist 2026: All 28 Steps, Every App

A complete employee offboarding checklist for IT teams at 100–500 employee companies. All 28 steps, organized by phase, including the apps most teams forget.

May 12, 2026 · 17 min read

Read post

how to offboard an employee

How to Offboard an Employee Across Every SaaS App (2026 Checklist)

A practical 21-step guide for IT operators: how to offboard an employee from every SaaS app, including the apps without APIs or SCIM. Checklist, common gaps, and how to automate it.

May 11, 2026 · 17 min read

Read post