Blog
Praktische gidsen over toegangsbeheer, IT-governance, compliance en MKB-administratie, direct bruikbaar, zonder jargon.
★ Pillar-gidsen
Diepgaande overzichten per thema
Access Management for SMBs: The Complete Guide (2026)
From your first access matrix to periodic reviews and directory sync — everything you need to know when your business grows beyond 10 people but you don't have an IT department yet.
ComplianceISO 27001 for SMBs without €50k in consultancy fees
ISO 27001 is manageable once you understand the structure. Here's the minimum work a 30-person SMB needs to pass a Stage 2 audit, what it costs, and where consultants actually add value.
OffboardingWatertight Offboarding in 12 Steps
Someone is leaving. In SMEs, this is where most data breaches begin. Here is a checklist that covers what you actually need to do — with deadlines, owners, and pitfalls.
Access reviewsPeriodic access reviews: process, frequency, and audit evidence
An access review is an audit requirement that nearly every SMB struggles with. Once you set it up properly the first time, the second round won't cost you a whole week.
Microsoft 365 & Entra IDMicrosoft 365 governance for SMBs — pragmatic, not perfectionist
M365 is the largest piece of SaaS in most SMBs. This guide walks through the governance layers — identity, licensing, MFA, Conditional Access, data, retention — covering what's truly essential and what can wait.
Boekhouding & facturatieSMB invoicing from quote to payment: the complete guide
Quote, invoice, reminder, demand letter, bookkeeping, VAT return. The entire chain explained for business owners who handle it themselves or with minimal accountant support.
AVG & privacyGDPR Compliance for SMBs: The Practical Minimum
GDPR doesn't require a €10,000 project or a DPO for most small businesses. Here's what every SMB actually needs — based on what the Dutch DPA really checks for.
Security zonder IT-afdelingSecurity for SMBs without an IT department: what should you do this quarter?
No IT team, but still accountable. This pillar gives you a priority stack: do this first, then that, then the less urgent stuff. Each item links to a deeper guide.
PDF redactiePDF redaction for SMBs: the complete guide
Redacting a PDF means permanently removing sensitive data — not dragging a black box over it, which anyone can undo in 30 seconds. This guide explains the real process.
Tools & checks uitgelegdVIES VAT number check: what it is, why it matters, and how to do it quickly
When you invoice a business in another EU country, you are often legally required to verify their VAT number via VIES. What is VIES, what does it check (and what doesn't it), and how do you maintain a proper audit trail?
Tools & checks uitgelegdChecking an IBAN by name: why banks no longer do it automatically, and how to handle it yourself
Since 2024, Dutch banks no longer automatically verify the account holder's name against an IBAN for every payment. For business finance teams, that's a real risk — here's how to tackle it practically.
Recente artikelen
ISO 27001 costs: from initial gap analysis to certificate
A realistic budget breakdown for a 30-person SMB. Internal hours, external audit, consultancy (kept to a minimum), and annual maintenance. No marketing fluff.
Boekhouding & facturatieBad debts: write off, collections, or one more round?
Customer won't pay, won't respond, and you've sent every reminder in the book. Now what? Here are the three paths: write it off, send it to collections, or take legal action.
PDF redactieDetecting and removing BSNs in documents
A BSN (Dutch citizen service number) can almost never be shared with third parties. In practice it hides in scans, payslips and old contracts. Here's how to find and remove it systematically.
Microsoft 365 & Entra IDIntune basics for SMBs: device management without overengineering
Intune is Microsoft's MDM platform. For SMBs, you only need 20% of its features to get 80% of the value. Here's what you actually configure.
Security zonder IT-afdelingGuest network at the office: how to separate guests from your business network?
Visitors on your WiFi is perfectly normal. Them sitting on the same network broadcast as your NAS is not. Basic segmentation takes just 10 minutes to set up.
Access reviewsQuarterly cadence for access reviews: planning and rhythm
Four reviews a year sounds like a lot. In practice, a well-structured approach takes just 3–4 hours per quarter. Here's the cadence that works for a 40-person SMB.
AVG & privacyData subject rights: access, rectification, erasure — a workable procedure
A customer wants to see their data — or have it deleted. You have 30 days. Here's the procedure that gets it done without each request eating up half a week.
OffboardingWhy You Wait 30 Days Before Deleting an Account
Disabling is immediate. Deletion only happens after 30 days. That's not an arbitrary deadline — here's the reasoning, the risks, and what needs to happen during those 30 days.
ToegangsbeheerBuilding a SaaS inventory: what's actually running in your business?
The average SMB has 47 active SaaS subscriptions. Half of them fly completely under the radar. Without an inventory, access management is impossible — you can't check the doors if you don't know they exist.
ComplianceISO 27001 or SOC 2? Which one fits your Dutch SMB?
ISO 27001 is Europe-oriented, SOC 2 is American. Which one do your clients actually need — and can you combine them? Here's the practical difference for an SMB.
Boekhouding & facturatieInvoicing foreign clients: EU, UK, and US in one overview
B2B EU with reverse charge, B2B UK post-Brexit, B2B US with or without sales tax implications. Three patterns, each with their own rules.
PDF redactiePattern mode: bulk redaction for recurring patterns
If you have 200 documents where BSNs, email addresses or IBANs need to be removed throughout, clicking through each one manually is a nightmare. Pattern mode automates it.