All products

Hardened Identity Management

PIM, Conditional Access, MFA enforcement, and Entra access reviews. Ends standing privilege without breaking legacy apps. Standalone, or a component of E8 or application modernisation.


Options

Three fixed-price tiers.

Deploy our hardened baseline, have us complete the whole job tuned to your tenant, or scope it to your estate and classification.

Opinionated
Custom
Fixed price
$6,500
GST exclusive

Our hardened identity baseline, deployed. Maximum opinionation: PIM, Conditional Access, and MFA to our defaults.

What's included
  • PIM for privileged roles
  • Baseline Conditional Access policies
  • MFA enforcement
  • Break-glass accounts
  • Handover documentation
Talk to us about Deploy
Fixed price
$6,500
GST exclusive
Talk to us

Fixed, published price.

Fixed price
$12,000
GST exclusive

The whole identity-hardening job, tuned to your tenant. The anchor: policies that hold up without breaking the apps people rely on.

What's included
  • Everything in Deploy
  • Conditional Access that does not break legacy apps
  • Scheduled Entra access reviews
  • A privileged role model
  • Reporting and evidence
Talk to us about Complete
Fixed price
$12,000
GST exclusive
Talk to us

Fixed, published price.

From
$20,000
GST exclusive

Scoped to your estate and classification, with the assurance evidence to match.

What's included
  • Bespoke policy set for your tenant
  • PROTECTED-aware access model
  • Assurance evidence pack
  • Integration with existing identity estate
  • Dedicated engineer
Talk to us about Assured
Scoped to your estate

Priced from $20,000 plus a fixed scoping fee. Tell us your tenant and estate.

Talk to us
The work

End standing privilege, safely.

Identity hardening that satisfies both the E8 admin control and app modernisation identity needs.

Just-in-time admin (PIM)

Privileged access granted on request, time-boxed and logged. No standing admin.

Conditional Access

Policies enforcing device, location, and risk, without locking out the business.

MFA enforcement

MFA enforced across the tenant, with a plan for the apps that resist it.

Entra access reviews

Scheduled reviews of privileged roles, so access does not quietly accumulate.

Break-glass & role model

Emergency access and a role model that survives an audit.

Legacy-app-safe policies

Conditional Access tuned so older apps keep working.


Architecture

How we build it

Three deep dives into the real problems behind hardened identity.

Just-in-time admin access with PIM, ending standing privilege Moving from standing admin rights to on-request, time-boxed access. Conditional Access policies that don’t break legacy apps Getting strong access control without locking out the apps that resist it. Entra access reviews for privileged roles at scale Keeping privileged access honest when there are a lot of roles to review.

End standing privilege without breaking anything.

Tell us about your tenant and we will confirm a fixed price.