Insikter om identitets- styrning
Praktiska artiklar om identitetshantering, efterlevnad och att hålla din Entra ID- och Active Directory-miljö under kontroll.
The Hidden Cost of Manual User Provisioning
You won't find "manual provisioning" anywhere in your IT spend. There's no invoice for it. No PO, no SaaS subscription, no consultant retainer.
Orphaned Accounts in Entra ID: Finding Accounts Nobody Owns
You're doing a quarterly review. You spot an account. "[email protected]." Created in 2022. Last sign-in: never. Owner field: empty. Description field: blank.
How to Run an Access Review (Without Drowning in Spreadsheets)
Your auditor mentions access reviews. Your CISO mentions access reviews. Your last security questionnaire from a customer mentions access reviews. Two months later you're sitting in front of a 4,000-row spreadsheet of "User, Application, Permission, Last Used."
IAM, IGA, and PAM: How They Differ and How They Work Together
Short body.
Identity Lifecycle Management: The Complete Guide to JML for Mid-Market IT
It's Monday morning. Three new hires start today. One needs Salesforce. The other two need Jira and a Microsoft 365 E3 license. All three need the marketing-team SharePoint site. Or maybe two of them are in sales, not marketing, and you already half-remember that fact from a S...
Identity and Access Management (IAM): A Practical Guide for Mid-Market IT Teams
Somebody asks you in a meeting what your identity and access management strategy is. You have Entra ID. You have MFA on most accounts. There's a wiki page from 2023 that says new hires get added to three security groups. Is that a strategy? Sort of. Is that IAM? Also sort of.
Why offboarding is the riskiest part of the identity lifecycle
A customer called me last summer. A former employee still had access to their Azure billing console four months after leaving. Nobody had noticed because the account was still inside a security group that nobody owned anymore.
IAM vs IGA: What the Acronyms Actually Mean for Your Company
A vendor sent you a deck last week. Slide 4 says "comprehensive IAM and IGA platform." Slide 7 also says "comprehensive IAM and IGA platform." You sat through the whole call and you still aren't sure which one you actually need. Or whether you need both. Or whether they're the...
Access creep: what it is and how to stop it in Entra ID
Pull up the access list for someone who's been at your company five years. Take a real look. Half those permissions are from projects that ended in 2023. Sites they joined for one meeting. Shared mailboxes they were added to "just in case." This is access creep. The slow accumulation of permissions a person picked up over time and never lost. Nobody designed it. Nobody approved most of it on purpose. It just grew. How it actually happens Somebody joins a new project. Gets added to a SharePoint site, a Teams group, two shared mailboxes, maybe a license bundle. Project ends. Access stays. Then they change roles. They get the new permissions for the new role. The old ones stay too, because nobody owns that cleanup. Then they cover for a colleague on parental leave. Temporary access to a finance group. Colleague comes back. Temporary access is now permanent. Now multiply that by every employee, every project, every leave cover. Add every "can you give me access real quick" Teams message over four years. That's your access list today. Why nobody catches it Manual provisioning is built for adding access, not removing it. When a project ends, there's no Jira ticket that says "remove eight people from this SharePoint site." When someone changes role, the old manager assumes the new manager is cleaning up. The new manager assumes the old one already did. And honestly, for a while it works fine. Nothing breaks. The user has more access than they need, but they're not malicious, so nothing happens. Then somebody quits, or clicks a phishing link, or you get audited. Suddenly the access list everyone ignored is the only thing anyone is looking at. What it actually costs you Three specific things. First, audit findings. Any auditor doing a serious sample of user access in Entra ID will find people with permissions they don't need. ISO 27001 calls that a control failure. You get to write a corrective action plan. Second, breach blast radius. If an account is compromised, the attacker gets everything that user can reach. Picture a finance person. They have access to four old project sites. Two shared mailboxes from a previous role. A Teams group from a vendor onboarding two years ago. That's a much bigger problem than a finance person with finance access. Third, licenses. People collect Entra ID P1, Intune, and app licenses as they move between roles. A 200-person company can easily be paying for 30 to 50 licenses nobody actually uses. Cleaning it up without losing a month Don't try to clean up everything. You'll burn out and quit halfway through. Pick the riskiest 10 percent and start there. That's usually people who changed roles in the last 24 months. People in privileged groups. Shared mailboxes with more than five members. Pull the current access list per user. Show it to their manager. Ask one question. "Is any of this still needed?" Most managers look at the list and say "no, kill half of that." Do this once a quarter for the high-risk group. Once a year for everyone else. Write down what you removed and why. That's your audit trail. The bit nobody mentions: you also need triggers. Role change. Project end. Leave start. Leave end. Contractor end date. If access doesn't get reviewed at those moments, creep just rebuilds itself. A quieter way to do this Full transparency, this is our product, so take it with the appropriate context. Adcyma handles the Entra ID lifecycle triggers and access reviews. No six-month rollout like the enterprise IGA tools want. If you're tired of doing this in spreadsheets, have a look.
How Adcyma Makes Identity Governance Simple
Most identity governance tools were built for enterprises with dedicated IT teams and six-figure budgets. If you run IT at a 100-person company, they were never really built for you.
The Complete Entra ID Offboarding Checklist for IT Teams
Somebody quit on Friday. Or got let go. Either way, it's Monday now and you're not 100% sure their access has been fully revoked. Their Entra ID account is disabled, probably. But what about that shared mailbox? The Teams channels? That Azure resource group they had contributo...
How to Automate User Onboarding in Microsoft Entra ID
Picture this. It's Monday morning. You've got three new hires starting today, and you're staring at a spreadsheet trying to remember which security groups the marketing team needs, what licenses to assign, and whether anyone ever documented the process for setting up a shared ...
Why Most IGA Solutions Are Overkill for Companies Under 500 People
Let me paint a picture you might recognize. Your company is growing. Maybe you're at 150 employees, maybe 300. The manual way of managing user accounts is clearly not cutting it anymore. Someone suggests you need an IGA solution (Identity Governance and Administration), and su...
NIS2 Is Coming: What Nordic Companies Need to Know About Identity Governance
If you work in IT at a Nordic company and haven't heard about NIS2 yet, buckle up. The EU's updated Network and Information Security Directive is already in effect, and the national implementations across Sweden, Denmark, Norway, and Finland are rolling out. For a lot of mid-s...
SOC 2 Access Reviews: A Practical Guide for IT Managers
Your company is going through a SOC 2 audit. Congratulations, sort of. It means you're growing, your customers are asking for it, and now someone has to actually demonstrate that you control who has access to what.
How to Set Up Dynamic Security Groups in Entra ID (Without Losing Your Mind)
Dynamic security groups in Entra ID are one of those features that sound amazing in concept and then make you want to throw your laptop out the window when you actually try to configure them. The idea is simple: instead of manually adding and removing people from groups, you w...
Active Directory and Entra ID: Managing Identities Across Both
You've got on-premises Active Directory. You've also got Microsoft Entra ID (the thing they used to call Azure AD before the rebrand confused everyone). Some of your apps run locally, some are in the cloud, and your user accounts exist in both places.
Adcyma vs SailPoint: What Actually Makes Sense for Your Company Size
If you've been researching identity governance solutions, you've almost certainly come across SailPoint. They're one of the biggest names in the space, and for good reason. They've been doing this since 2005, they're publicly traded, and they serve some of the largest organiza...
Entra ID Licensing Is a Mess (Here Is What You Actually Need)
I have a theory that Microsoft's licensing page for Entra ID was designed by someone who gets paid per confused customer. There is no other explanation for how this got so complicated.
How We Built Identity Governance That Deploys in a Day, Not Six Months
Six months. That's the typical implementation timeline you'll hear from enterprise identity governance vendors. Some are honest and say nine to twelve months. A few particularly brave salespeople will promise "as little as three months" and then quietly extend the project plan...
Testa Adcyma gratis — inget kreditkort behövs
Sätt upp identitetsstyrning för din Entra ID- eller Active Directory-miljö på mindre än en dag.