Blog
Praktische gidsen over toegangsbeheer, IT-governance, compliance en MKB-administratie, direct bruikbaar, zonder jargon.
★ Pillar-gidsen
Diepgaande overzichten per thema
Access Management for SMBs: The Complete Guide (2026)
From your first access matrix to periodic reviews and directory sync — everything you need to know when your business grows beyond 10 people but you don't have an IT department yet.
ComplianceISO 27001 for SMBs without €50k in consultancy fees
ISO 27001 is manageable once you understand the structure. Here's the minimum work a 30-person SMB needs to pass a Stage 2 audit, what it costs, and where consultants actually add value.
OffboardingWatertight Offboarding in 12 Steps
Someone is leaving. In SMEs, this is where most data breaches begin. Here is a checklist that covers what you actually need to do — with deadlines, owners, and pitfalls.
Access reviewsPeriodic access reviews: process, frequency, and audit evidence
An access review is an audit requirement that nearly every SMB struggles with. Once you set it up properly the first time, the second round won't cost you a whole week.
Microsoft 365 & Entra IDMicrosoft 365 governance for SMBs — pragmatic, not perfectionist
M365 is the largest piece of SaaS in most SMBs. This guide walks through the governance layers — identity, licensing, MFA, Conditional Access, data, retention — covering what's truly essential and what can wait.
Boekhouding & facturatieSMB invoicing from quote to payment: the complete guide
Quote, invoice, reminder, demand letter, bookkeeping, VAT return. The entire chain explained for business owners who handle it themselves or with minimal accountant support.
AVG & privacyGDPR Compliance for SMBs: The Practical Minimum
GDPR doesn't require a €10,000 project or a DPO for most small businesses. Here's what every SMB actually needs — based on what the Dutch DPA really checks for.
Security zonder IT-afdelingSecurity for SMBs without an IT department: what should you do this quarter?
No IT team, but still accountable. This pillar gives you a priority stack: do this first, then that, then the less urgent stuff. Each item links to a deeper guide.
PDF redactiePDF redaction for SMBs: the complete guide
Redacting a PDF means permanently removing sensitive data — not dragging a black box over it, which anyone can undo in 30 seconds. This guide explains the real process.
Tools & checks uitgelegdVIES VAT number check: what it is, why it matters, and how to do it quickly
When you invoice a business in another EU country, you are often legally required to verify their VAT number via VIES. What is VIES, what does it check (and what doesn't it), and how do you maintain a proper audit trail?
Tools & checks uitgelegdChecking an IBAN by name: why banks no longer do it automatically, and how to handle it yourself
Since 2024, Dutch banks no longer automatically verify the account holder's name against an IBAN for every payment. For business finance teams, that's a real risk — here's how to tackle it practically.
Recente artikelen
Onboarding–offboarding parity: the best test for your IAM
If onboarding does something, offboarding should undo it. When that parity breaks down, orphaned accounts pile up — often going unnoticed for years.
PDF redactiePhoto and image redaction: faces, licence plates, signs
Not all sensitive data is text. Faces of bystanders in photos, licence plates in car park scans, whiteboard shots with company names — here's what the rules say and how to handle it.
Access reviewsAccess review scope: what's in, what's out?
Not every user, not every system needs to be included in every review. Here's how to define your scope so it stays manageable — and defensible in an audit.
ToegangsbeheerGiving external parties access without leaving the door wide open
Consultant, accountant, freelance dev, partner company. All people who aren't employees but still need access to something. Here's a pattern that works — without ending up with 47 ghost accounts two years down the line.
OffboardingOffboarding checklist as a process in your tool — not as a Word document
A Word checklist survives about 2 offboardings before the version still in use is stranded on someone's laptop. Build it as a process inside your tool so it can never escape again.
PDF redactieRedaction in the offboarding process: which documents need to be cleaned up?
Ex-employee data must be cleaned up in line with GDPR retention periods. Redaction helps with documents you need to keep — but without personally identifying information.
Security zonder IT-afdelingPatch management for SMBs without MDM muscle
Patches need to go on. But how do you enforce that without Intune or Jamf? Here's the pragmatic minimum setup.
Access reviewsBulk decisions in access reviews: faster without being careless
80% of the rows in a review are routine. You want to handle those in a single click. How do you do that without accidentally missing a critical row?
OffboardingHanding over clients when someone leaves: don't do it by email
A team member who manages clients is leaving. That client has grown alongside this one person for five years. How do you make sure the relationship doesn't walk out the door with them?
Boekhouding & facturatieCash Flow Tips for SMBs: The Invoicing Side of the Story
Cash flow problems in SMBs are rarely a revenue problem — they're usually a collections problem. Seven interventions that deliver immediate results.
ToegangsbeheerShared passwords: how to manage them without the headache
That one admin login for the domain registrar, the social media accounts, the customer portal. Three people know those passwords, sharing them via a spreadsheet is asking for trouble — here's how to do it right.
PDF redactieGDPR: redaction, pseudonymisation and anonymisation — which and when?
These three terms confuse people — and GDPR treats them very differently. Here's what sets them apart and when each one applies.