Partners • Integration / security lane
Integration partners that make evidence defensible.
This lane is for teams who can wire up identity, audit logs, DLP, and controls so governance artefacts are backed by a reliable evidence trail.
Non-confidential intake only. Links or sanitized descriptions — no client names, credentials, or private documents.
What we look for
Clean, repeatable implementation with proof discipline.
Identity
SSO/IdP implementations (Entra ID, Okta, etc.) with clear ownership and admin boundaries.
Audit logs
Export + retention, normalization, and traceability for material actions and changes.
DLP & labels
Classification, protection, and policy enforcement (Purview/MIP or equivalent).
Controls
Conditional access, MFA, device compliance, role separation, change control, and drift prevention.
Typical scopes
You do not need to cover everything — but you must be able to ship a clean control package and show proof.
- SSO rollout + conditional access baseline (with documented exceptions)
- Audit log pipeline + retention policy + evidence extraction
- DLP + classification labels + enforcement patterns
- M365/Workspace hardening, admin role separation, and change control
- Acceptance report: what changed, what proofs exist, and how to re-verify later