Identity is your perimeter.
Specialist IAM consultancy focused exclusively on Microsoft Entra ID. Conditional access, MFA, SSO, passwordless, identity governance, privileged access management, and Zero Trust readiness. UK-wide.
What we do.
Identity and access management, end to end. Strategy, implementation, governance, and Zero Trust — built on Microsoft Entra ID. Nothing else.
Identity strategy & assessment
Entra ID tenant review, security posture audit, gap analysis, and IAM roadmap. Understand your current identity landscape, identify risks, and plan the path to Zero Trust.
Conditional access & Zero Trust
Risk-based conditional access policies, sign-in risk detection, device compliance signals, and least-privilege access. The identity foundation of Zero Trust architecture.
Identity governance
Access reviews, privileged identity management (PIM), lifecycle workflows (joiner-mover-leaver), role-based access control, and quarterly governance reporting. Delivered as a monthly managed service.
Authentication modernisation
MFA rollout, SSO configuration, passwordless adoption (FIDO2, Windows Hello, Authenticator), B2B and B2C identity setup, and legacy auth decommissioning.
Tenant migrations & consolidations
Entra ID tenant-to-tenant migration, domain consolidation, AD-to-Entra ID sync modernisation, and group policy translation to conditional access. Fixed fee, documented runbook.
Compliance & reporting
UK GDPR Article 32 identity controls, audit-ready access documentation, privileged access reporting, and continuous compliance monitoring via Entra ID Governance.
Three ways to engage.
Clear pricing, no hourly billing, no scope creep. Pick the model that fits.
Managed identity governance
Monthly fee. Ongoing access reviews, PIM management, conditional access tuning, lifecycle workflow automation, and quarterly governance reporting. Cancel with 30 days' notice.
Fixed-fee projects
Scoped and quoted before anything starts. Assessments, implementations, migrations, Zero Trust readiness. You know the price and deliverables up front.
Day rate
Ad-hoc consultancy for identity architecture, roadmaps, and specific technical work. Booked by the day, agreed in advance.
Identity specialist, not generalist.
We do one thing: Microsoft Entra ID identity and access management. No device management, no application packaging, no networking, no helpdesk. Pure IAM focus means deeper expertise and faster delivery.
Pure IAM focus
Entra ID is all we do. We are not a generalist MSP that dabbles in identity. Specialist depth, not generalist breadth.
Zero Trust ready
Conditional access, risk-based policies, least-privilege, and identity protection — the foundations of Zero Trust, implemented properly.
Fixed-fee, no surprises
Monthly governance fee, fixed project fees, or day rate. No hourly billing, no scope creep.
Works alongside your IT
We integrate with your existing MSP or in-house team. They keep the infrastructure; we handle identity.
Let's talk.
Tell us about your estate. We reply within 24 hours.
Prefer email? hello@marcean.com
Questions.
What is IAM?
Identity and Access Management — the policies, controls, and technology that determine who can access what, under which conditions. In Microsoft environments, that means Entra ID: conditional access, MFA, SSO, passwordless, governance, privileged identity management, and lifecycle workflows.
Do you only do identity?
Yes. We are a specialist IAM consultancy. We do not do device management, application packaging, networking, or helpdesk. We focus on one thing and do it properly. Your existing MSP or IT team handles the rest.
Can you work alongside our MSP?
Yes. Most clients have an MSP or in-house IT team. We slot in as the identity specialist. Your MSP keeps the servers, networking, and devices. We handle Entra ID, conditional access, governance, and Zero Trust.
How does pricing work?
Three ways: monthly fee for ongoing identity governance (access reviews, PIM, conditional access tuning), fixed-fee for scoped projects (assessments, implementations, migrations), and day rate for ad-hoc consultancy. No hourly billing, no scope creep.
Do you do Zero Trust?
Yes. Zero Trust starts with identity. We implement risk-based conditional access, device compliance signals, sign-in risk policies, and least-privilege access — the identity foundations of a Zero Trust architecture.
What is identity governance?
Ongoing management of who has access to what. Access reviews, privileged identity management (PIM), lifecycle workflows (joiner-mover-leaver), role-based access control, and quarterly governance reporting. Delivered as a monthly managed service.
Do you come on site?
UK-wide, remote-first. Identity work is almost entirely remote — Entra ID is cloud-native. On-site visits for audits and stakeholder workshops on request.
How quickly do you respond?
Within 24 hours for managed identity clients. Urgent access issues same-day. Project work follows an agreed timeline with fixed milestones.