Prepare your organisation for the new European cybersecurity standard

NIS2 & Identity and Access Management (IAM)

Employees from your HR system, automatically in your IT environment

The NIS2 Directive is the new European legislation¹⁶ that sharpens the cybersecurity obligations for thousands of organisations. From strong access security to incident management and risk governance. Identity & Access Management (IAM) forms the foundation: you must be able to demonstrate who has access, why, and how it is securely arranged.

Joinly helps you set up your Microsoft Entra ID and IAM processes to be NIS2-compliant. With automatic lifecycle management, role-based access, and demonstrable compliance.

*https://www.ncsc.nl/identity-and-access-management/how-to-organize-identity-and-access

What is NIS2?

Simplify IT management with lifecycle notifications

More and more organisations encounter the same problem:
you must work digitally secure, but no one knows exactly if it is “good enough”.

NIS2 is a new European law that aims to end this.
The law essentially states: you can no longer gamble on security, you must be able to show that you have it well organised.

That means you must:

✅ know who has access to your systems

✅ prevent former employees from retaining access

✅ report cyber issues quickly

✅ and be able to prove that your security is in order

For many companies, this feels like additional pressure on an already full IT agenda.

When an employee is created in your HR package, Joinly ensures that they are automatically created in your identity provider. Then, as an IT or HR team and as an employee, you receive automated messages about your changes. This way, IT is always in control, HR can track whether employees are successfully onboarded, and employees get immediate access to the company software they need.

*https://www.ncsc.nl/identity-and-access-management/how-to-organize-identity-and-access

Why IAM is essential for NIS2 compliance

Simplify IT management with lifecycle notifications

NIS2 is about demonstrable control over digital access.
That is why Identity & Access Management (IAM) is central in the legislation.

Organisations must be able to demonstrate that they:

Use strong authentication
Such as MFA and smart access rules to prevent unauthorised access.
Restrict access according to least privilege
Employees only receive the permissions they truly need.
Log and monitor activities
Login attempts, changes in rights, and provisioning must be visible for audits and incident response.
Automate lifecycle processes
Accounts must be automatically created, updated, and deactivated during personnel changes.
Demonstrate compliance
Reports must show who had access, when, and why.

In short: without well-structured IAM processes, NIS2 compliance becomes practically unattainable.

Who is NIS2 applicable to?

What does an HR integration via Joinly deliver?

NIS2 applies to many more organisations than before. You are likely subject to the legislation if you are active in one of these categories:

From HR data to ready-to-use accounts.

Critical sectors

Organisations active in vital sectors such as energy, healthcare, transport, water, government, and industry.

Cloud & IT service providers

Companies providing IT services such as: SaaS platforms, Managed Service Providers, Cloud hosting, and Integration platforms

Essential business processes

Organisations that manage systems crucial for: Business continuity, Operational processes, and Production environments

Medium & large organisations

NIS2 is primarily focused on organisations with: - 50+ employees - Or significant revenue - Or important societal impact

How Joinly helps you become NIS2 compliant

This is what control over Microsoft Entra looks like

Joinly serves as the control and automation layer on top of Microsoft Entra ID for Identity & Access Management:

Where organisations often get stuck

HR-driven provisioning

We connect your HR source to Entra ID so that:

accounts are automatically created upon start
accounts are instantly blocked upon termination
role changes automatically lead to adjusted access

This ensures consistent, demonstrable lifecycle management.

manual provisioning and offboarding

Role and Access Governance

Roles are linked to access profiles
Transparent mapping of role to rights

no central RBAC / role structure

Logging & Compliance Reporting

Joinly collects and structures:

provisioning logs
access audit trails
exception reports

limited logging capabilities

SCIM & application integrations

We link users to your business applications, so that:

Entitlements are automatically synchronised
No silos are created outside Entra
End-to-end IAM compliance is possible

no integration with HR or authorisation processes

What you achieve with NIS2-compliant IAM

What does an HR integration via Joinly deliver?

Prepare your IAM environment today for audits and future legislation.

From HR data to ready-to-use accounts.

Faster NIS2 audit preparation

Your IAM structure is pre-configured to meet compliance requirements, reducing audit time and the need for corrective work.

Less manual management work

Automated compliance without additional operational pressure on IT teams.

Automatic lifecycle governance

Onboarding, role changes, and offboarding are automatically processed in Entra and connected applications. No manual actions required.

Security maturity

Your IAM grows with Zero Trust and modern security standards, without added complexity.

Free NIS2 IAM Readiness Scan

Do you want to know:

✅ how compliant your IAM landscape currently is

✅ where the biggest risks are

✅ concrete next steps to become NIS2-proof

Do you want to know:
✅ how compliant your IAM landscape currently is
✅ where the biggest risks are
✅ concrete next steps to become NIS2-proof

Schedule a FREE NIS2 IAM Scan with our experts