Identity

The Hidden Control-Plane Problem: SSO, Email, DNS, and File Storage

When organisations list their cloud dependencies, they typically produce a tool inventory: we use Slack for chat, Salesforce for CRM, Jira for project management. Each tool gets its own line item, its own risk rating, its own migration plan.

This approach misses the point. The tools are the visible layer. Underneath them sits a control plane: a small set of services that every tool depends on and that determines who can access what, where data flows, how systems find each other, and where files live. The control plane is the real dependency. And in most European organisations, the entire control plane is operated by one or two US companies.

The Anatomy of a Google Workspace Dependency: What Keeps You Locked to Google

Google Workspace is often seen as the lighter-weight alternative to Microsoft 365. Fewer products, simpler licensing, less enterprise complexity. Organisations that chose Google early tend to believe they could switch to something else in a few weeks if they needed to.

That belief rarely survives contact with reality. Google Workspace creates dependencies that are structurally different from Microsoft’s, but just as deep. Some are harder to escape because they are less visible.

The Anatomy of a Microsoft 365 Dependency: What Actually Locks You In

When organisations talk about replacing Microsoft 365, the conversation usually starts with email and ends with “it’s too hard.” But the difficulty is rarely about email. The real lock-in lives in layers most teams never think about until they try to leave.

This post maps the actual anatomy of a Microsoft 365 dependency: the layers that make migration hard, the ones that make it easy, and the ones nobody documents until it is too late.