Troye argues that relying on Microsoft alone to secure your identity infrastructure is a recipe for disaster.

“That is why we are urging South African businesses to adopt Redstor’s Entra ID Backup, a proactive and comprehensive solution designed to safeguard identity data – and recover it in minutes, not weeks,” says Troye CEO Helen Kruger.

Microsoft Entra ID is at the core of modern identity and access management and underpins everything from user authentication to conditional access policies.

However, as experts have warned, Entra ID’s native tools offer limited backup and recovery, with logs retained for only 30 days and no ability to roll back critical changes like permission misconfigurations or deleted roles.

That means a breach, insider threat, misconfiguration, or accidental deletion can cause catastrophic damage – without any reliable way to recover.

Redstor delivers immutable, cloud-native backups of your Entra ID environment, including user accounts, roles, group memberships, admin units, Intune policies, and conditional access configurations.

With unlimited retention, you can restore any deleted or modified object at any time – even if months or years have passed – breaking Microsoft’s 30-day limitation.

Kruger says recovery is granular and fast.

“You can restore individual user objects, specific permissions, or entire policy sets within seconds – or roll back unwanted changes using built-in change comparison tools.”

Redstor’s backing of Entra ID closes the identity recovery gap left by Microsoft. It provides instant restore across core identity components, automated change tracking, and ransomware‑resistant backups stored off‑site with AES‑256 encryption and immutable retention – meeting compliance standards such as ISO 27001, GDPR, SOC 2, and HIPAA.

“For Troye’s clients, this means peace of mind: even if Entra ID is compromised, corrupted, or misconfigured, business continuity is preserved – and recovery is measured in minutes, not days,” she adds.

A recent MSP case study highlighted how a client’s global admin account was compromised, resulting in over 1,800 unauthorised changes across their Entra ID tenant. Without Redstor, remediation took days of manual effort, and relied heavily on incomplete logs. After adoption, automatic restores eliminated that overhead and significantly reduced downtime.

This solution is essential for organisations using Entra ID – or Microsoft 365 – that cannot rely on Microsoft’s limited native recovery tools:

• Enterprises with high compliance or audit requirements
• Businesses vulnerable to insider threats, misconfiguration, or ransomware
• Organisations lacking built-in identity recovery tools
• MSPs and IT teams that want a multi‑tenant, scalable backup solution

As a trusted Redstor partner in South Africa, Troye delivers everything needed to protect Entra ID from identity loss – offering full implementation and seamless integration into your Microsoft 365 and Entra ID environment, along with local support aligned to South African regulatory requirements, and expert training and consultancy to strengthen identity resilience and recovery readiness.

“If you’re still trusting Microsoft to recover your identity configurations, you’re risking everything. We recommend Redstor’s Entra ID Backup as a strategic, insurance-aligned safety net. It ensures that your identity infrastructure is not only protected, but recoverable, swiftly and precisely – because identity data is the backbone of modern IT infrastructure,” Kruger concludes.

However, the intricate nature of these deployments – spanning on-premises, hybrid, and multi-cloud architectures – can lead to configuration drift, performance bottlenecks, security vulnerabilities, and licensing inefficiencies.

Conducting a structured audit is essential to identify and address these challenges, ensuring alignment with industry best practices.

When performed by an independent and experienced Citrix partner like Troye, such audits not only reveal gaps but also provide actionable strategies for optimisation, risk mitigation, and cost reduction.​

Troye, a Citrix Platinum solution advisor, employs a comprehensive audit methodology that encompasses several critical phases:​

1. Planning & Scope Definition: Collaborating with stakeholders to establish business objectives, compliance requirements, and define the audit boundaries, ensuring alignment with organisational goals.​

2. Inventory & Baseline Collection: Compiling detailed data on infrastructure components, configurations, user profiles, and usage patterns to create an accurate and comprehensive inventory.​

3. Configuration & Performance Assessment: Evaluating current settings against Citrix best practices to identify misconfigurations and capacity constraints that may impact performance.​

4. Security & Compliance Review: Analysing access controls, event logs, and vulnerability management protocols to ensure strict adherence to regulatory and organisational policies.​

5. Observability & Monitoring Validation: Assessing the effectiveness of existing monitoring tools in providing end-to-end visibility and proactive issue detection.​

6. Reporting & Recommendations: Delivering a prioritised action plan that includes both immediate improvements and long-term strategic initiatives tailored to the organisation’s needs.​

Helen Kruger, Troye’ CEO says an independent Citrix audit conducted by Troye offers several strategic advantages that can significantly enhance an organisation’s IT infrastructure. “We provide objective assessments, free from internal biases, ensuring a clear and accurate understanding of the current environment.”

As a Citrix Platinum Solution Advisor, Troye’s certified architects and engineers apply field-tested methodologies and stay abreast of the latest platform innovations. Utilising pre-built tools, templates, and automation scripts, Troye streamlines the implementation of recommended changes, reducing downtime and enhancing efficiency.

Additionally, the team identifies underutilised resources and licensing inefficiencies, often achieving a return on investment within months by optimising resource allocation.

Early detection of security gaps and performance bottlenecks reduces the likelihood of downtime and potential compliance fines, safeguarding the organisation’s reputation and operational continuity.

Kruger says their expertise has led to significant cost reductions and performance enhancements for clients. “For example, by optimising Citrix Virtual Apps & Desktops and Citrix DaaS, Troye has helped organisations lower the cost and complexity of application, desktop, and infrastructure management by as much as 70%.”

A structured Citrix audit – grounded in proven methodologies and enriched by advanced observability tools – delivers actionable insights that drive performance, security, and cost efficiencies.

“When conducted by an independent and experienced Citrix partner like Troye, the audit’s impartial recommendations and specialised expertise translate into tangible business value, ensuring that your Citrix environment not only meets today’s demands but is also poised for future growth,” she concludes.

With South Africa’s financial sector being one of the country’s most targeted industries, the Joint Standard is designed to mitigate the growing risks posed by cyber threats, protecting both the institutions themselves and the broader financial system from disruptive cyber events.

This will affect organisations including, but not limited to, banks, mutual banks, insurers, retirement funds and fund administrators, and collective investment scheme managers.

Troye, a leading IT solutions provider and Arctic Wolf partner, is committed to helping financial institutions and any other organisation required to comply to meet these demanding cybersecurity standards.

Through their collaboration with Arctic Wolf, Troye offers a range of tailored solutions to not only meet FSCA compliance requirements but also improve institutions’ overall cybersecurity resilience against evolving threats.

According to Helen Kruger, Troye CEO, the Joint Standard details several essential cybersecurity requirements that institutions must meet.

“A foundational requirement is for organisations to develop a comprehensive cybersecurity strategy tailored to their specific risk profile, size, and complexity,” Kruger said.

“This strategy must undergo regular review and updates to ensure continued effectiveness, and robust governance structures with clearly defined roles must be established, making management responsible for collaborating with other stakeholders to ensure cyber resilience.” she explains.

In addition to the strategy and operational aspect of cyber security, financial institutions will be required to implement stringent identity and access management protocols, application and system security policies, network security measures, security awareness training programs, incident response capabilities and more.

Regular testing of cyber resilience is another critical mandate, with institutions required to conduct ongoing vulnerability assessments, penetration testing, and cyber incident simulations to assess their readiness against potential threats.

Significant cybersecurity incidents must be promptly reported to relevant authorities, ensuring transparency and enabling swift regulatory responses.

With the deadline approaching, Kruger cautions that institutions must act decisively to achieve compliance and avoid serious regulatory consequences.

Troye’s partnership with Arctic Wolf offers financial institutions and partners that may also need to comply, a seamless path to meet the FSCA’s rigorous standards. Leveraging Arctic Wolf’s cutting-edge cybersecurity operations and Troye’s local expertise on cyber security solutions and red teaming exercises, institutions can transition smoothly into compliance while enhancing their cyber resilience.

Cyber Resilience Assessment (CRA)

Arctic Wolf provides all customers with a comprehensive CRA, which enables financial institutions to assess their cybersecurity readiness against industry standards such as NIST and CIS, identifying gaps to ensure regulatory compliance.

Managed Detection and Response (MDR)

Troye offers 24/7 MDR services that monitor network, endpoint, and cloud environments in real-time. This proactive threat detection and response capability helps financial institutions mitigate potential cyber threats before they escalate, ultimately covering a large portion of the FSCA requirements from protection to detection, to response and recovery.

Continuous Vulnerability Management

Troye also provides continuous vulnerability management, which identifies and addresses security gaps before they can be exploited. “Our services cover identity infrastructure monitoring and data loss prevention, aligning with FSCA requirements for robust access management and asset protection,” Kruger adds.

Incident Response and Real-Time Remediation

Arctic Wolf’s Incident Response services provide quick action in the event of a cyber incident, minimising disruption and damage. Customers collaborate with Arctic Wolf’s Concierge Security Team to develop pre-incident plans, ensuring that institutions are well-prepared for any cyber event.

“With Arctic Wolf’s Security Journey, Troye provides continuous compliance support to help institutions maintain alignment with the FSCA’s Joint Standard,” Kruger concludes. “This ongoing partnership ensures that businesses not only meet regulatory requirements but also stay ahead of emerging cyber threats through regular updates and best practices.”

As the FSCA’s Joint Standard on Cybersecurity and Cyber Resilience comes into force in 2025, financial institutions must prioritise compliance.

In today’s digital landscape, organisations face a constant barrage of cyber threats. Traditional perimeter-based security measures are no longer sufficient in safeguarding sensitive data and critical assets. As businesses continue to evolve and adopt cloud-based technologies, a proactive and comprehensive approach to cybersecurity becomes imperative.

Enter the Zero Trust strategy – a security framework that has gained significant traction in recent years. Let’s explore the key elements of a Zero Trust strategy and provide insights into better implementing it to fortify your organisation’s defences against ever-evolving cyber threats.

Zero Trust is a security philosophy that assumes no implicit trust in any user, device, or network within an organisation. It requires organisations to verify and validate every user and device attempting to access resources, regardless of their location or network connection.

Unlike the traditional perimeter-based approach, where once inside the network, users have relatively free access, Zero Trust embraces the concept of ‘never trust, always verify’.

Implementing a Zero Trust strategy should include the following elements:

Identity and Access Management (IAM)

Implementing robust IAM practices is at the core of a Zero Trust strategy. By leveraging multi-factor authentication, strong password policies, and role-based access controls, organisations can ensure that only authorised individuals gain access to sensitive resources.

Micro-segmentation

Micro-segmentation involves dividing the network into smaller, isolated segments, making it harder for attackers to move laterally if they gain access. By limiting access between segments and applying strict access controls, organisations can minimise the potential impact of a security breach.

Continuous Monitoring

Effective monitoring and visibility are crucial for detecting and mitigating potential security incidents promptly. Implementing real-time threat detection and response capabilities, along with security information and event management (SIEM) solutions, can provide organisations with the necessary visibility into network activities and enable proactive threat hunting.

Least Privilege

Adopting the principle of least privilege ensures that users and devices have only the minimum access necessary to perform their roles and responsibilities. This mitigates the risk of unauthorised access and limits the potential damage caused by compromised credentials.

Secure Remote Access

With the rise of remote work, organisations must establish secure remote access mechanisms. Zero Trust principles can help by requiring strong authentication, device health checks, and encrypted connections for remote users.

Choosing MDR over MSSP or SIEM?

The cybersecurity landscape is constantly evolving, and businesses are faced with the challenge of protecting their sensitive data and systems from ever-increasing threats. In this digital age, organisations need robust security measures in place to safeguard against cyberattacks. When it comes to Managed Detection and Response (MDR) versus Managed Security Service Provider (MSSP) with Security Information and Event Management (SIEM) solutions, the choice is crucial.

MDR offers a proactive approach to cybersecurity, leveraging advanced technology and expert analysts to detect and respond to threats in real-time. Unlike MSSPs that rely heavily on SIEM tools, MDR combines cutting-edge technology with human expertise, ensuring a more comprehensive and effective defence strategy.

With MDR, businesses can gain the upper hand in the battle against cyber threats by leveraging continuous monitoring, threat hunting, incident response, and remediation services, all tailored to their specific needs. By choosing MDR over MSSP with SIEM, organisations can achieve a higher level of security, enhanced threat detection, and a faster response to mitigate potential risks.

Arctic Wolf’s Security Operations go above and beyond traditional Managed Detection and Response (MDR) services, offering a range of additional capabilities. One notable feature is the provision of a dedicated Concierge Security Team (CST) for each customer account.

These highly skilled engineers serve as trusted security advisors and seamlessly integrate with the customers’ IT staff. The CST leverages a Hybrid AI approach, combining human expertise with machine learning, resulting in 10 times better threat detection and five times fewer false positives.

Arctic Wolf’s security optimised data architecture dynamically scales to handle and analyse unlimited amounts of log data, ensuring comprehensive visibility. Their customisable rules engine empowers Concierge Security Engineers to tailor their services to meet specific customer needs.

Furthermore, Arctic Wolf extends their monitoring capabilities to include cloud environments such as infrastructure-as-a-service (IaaS), software-as-a-service (SaaS), and security-as-a-service (SecaaS). With predictable pricing based on the company’s size and network infrastructure, Arctic Wolf provides continuous coverage, expert security operations, and personalised recommendations to enhance overall security posture.

Conclusion

As cyber threats continue to evolve, organisations must adapt their security strategies accordingly. Implementing a Zero Trust strategy is a proactive and effective approach to strengthen cybersecurity defences.

By embracing the principles of verification, segmentation, continuous monitoring, least privilege, and secure remote access, organisations can build a robust security posture.

Leveraging MDR can further enhance the effectiveness of a Zero Trust strategy. With a comprehensive and well-executed Zero Trust approach, organisations can better protect their critical assets, mitigate risks, and safeguard against the ever-changing threat landscape.