Identity & Access Management (IAM)

Cloud computing technology and online data storage in innovative perception . Cloud server

Identity is the control plane - when it breaks, recovery becomes reconstruction across Entra ID, Okta, MFA, admin roles, groups, policies and SaaS access.

When Identity Becomes the Attack Path, Recovery Must Restore Control

Microsoft’s Storm-2949 research shows how identity compromise can become a cloud-wide breach across Microsoft 365, Azure resources, Key Vault secrets, storage, SQL databases and virtual machines. This article explains why identity recovery must restore a known-good control state, not just access.

Daniel Smith

May 257 min read

Cinematic illustration of a secure data vault remaining intact while turbulent SaaS cloud systems swirl around it, representing Essential Eight SaaS resilience and independent recovery.

The Essential Eight Reset (2026): Essential Eight SaaS Resilience in a SaaS-First World

Many organisations believe they are operating at Essential Eight ML2 or ML3. In reality, their SaaS resilience sits closer to ML0–ML1. This 2026 briefing explains why - and how Essential Eight must evolve for identity-driven, SaaS-dependent operations.

David Long

Dec 12, 20255 min read

Illustration of a skyscraper labeled Cloud Provider struck by lightning, with both Production and Backup going dark — symbolizing the shared fate risk of SaaS backups in the same cloud.

Microsoft’s Own Report Proves It: SaaS Backup Can’t Live in the Same Cloud

Microsoft’s 2024 Digital Defense Report reveals a hidden truth: when production and backup share the same cloud, they share the same fate. Here’s why independence is the only path to true resilience.

David Long

Aug 19, 20255 min read

When Your Identity Becomes the Attack Surface

David Long

Jul 17, 20254 min read