Andrew Mason

Service Without Silos: Modernising Segregation of Duties

Segregation of Duty Without Silos

How automation enables compliant, high-velocity teams in regulated environments

In Australia’s regulated sectors, the phrase Segregation of Duties (SoD) is a cornerstone of compliance. For CIOs and CTOs, upholding standards like ISO 27001 and PCI DSS often leads to a default solution: organisational silos. We create separate teams for development, platform operations, and QA, citing SoD as the reason.

The intention is sound, but the outcome is frequently a drag on performance. This traditional model introduces friction through endless ticket handoffs, context switching, and delays. For lean organisations or leaders championing agile “two-pizza teams”, building an entire org chart just to tick a compliance box is inefficient and costly.


Save SaaS costs with SCIM

Compliance as a Cost Saver

Why compliance frameworks are your secret weapon against rising IT costs

CIOs and CTOs don’t need reminding: IT budgets are under relentless pressure. Every new SaaS license, every “per-user/per-month” subscription, every compliance audit adds to the sense that IT is a cost center.

It doesn’t take long before SaaS spend spirals out of control. Creative Cloud here, Salesforce there, a dozen productivity apps everywhere—it all adds up fast. And when compliance gets thrown into the mix, it often feels like just another tax on the business.


Authelia - Open Source IDP

Switching to Authelia:

Advantages and Tradeoffs for Companies Using Cognito, Auth0, or PingID

Identity and access management (IAM) is a critical component for securing applications and user data. Many companies rely on managed services like AWS Cognito, Auth0 (now part of Okta), and PingID (from Ping Identity) for their authentication needs. These platforms offer robust features, but they can come with ongoing costs, potential vendor lock-in, and reliance on third-party infrastructure.
