Note-to-self: free download of interesting guides for SME from

Jean-Luc Allard pointed out to a #free#download of interesting guides for #SME on implementing the #informationsecurity basics we all need:

Freshly published: Essential controls for SMEs to protect user’s #privacy and data and ensure #GDPR compliance (based on new #ISO27002)

Direct download of PDF:

And also: The #ISO27001 standard made easy for SMEs:
Direct PDF access:

And there is more on the website of European DIGITAL SME Alliance (website:


Note-to-self:’s IT security certifications guide

From: (you need to register to free access).

“This special report offers a comprehensive review of information security industry certifications, highlighting which ones can best help you achieve goals specific to your information security career path”

I assume this report will get an 2014 update, but still the 2013 version is a valuable resource for planning security certification.

“License to CAL” – Licensing FIM 2010

[EDIT: There has been an important change on the FIM licensing, see here:#FIM2010 licensing model is changing as of 1st of april 2015]

Licensing FIM 2010 seems easy, but it’s not the first time (and probably not the last ) that this kind of discussion with the customer ends with more questions than answers.

Also, on the FIM 2010 TechNet forum, the topic has been discussed from the early start of FIM (euurrrh, correction ILM “2”, yes yes).

  • “Why do I need a FIM Client Access License? It did work without before.”
    (ILM customers must get used to the CAL based licensing model.)
  • ”I only wish to view data in the FIM portal, not changing it.”
  • “What if I manage (only) external users with FIM?”
  • … and other kind of variations

IMHO, this question on the FIM forum is the key to each customers situation:“As per my scenario, how to license MS FIM 2010 ?

While looking for information on FIM licensing you must have come across different sources:

In short, you had to assemble the information from different places to get specific answers. Or use the Microsoft Product Licensing Advisor. And in ultimate despair, pick up the phone and call Microsoft Licensing department.

Just recently I found out there is a Microsoft FIM 2010 Licensing guide.
In short, you need
– a server license for each server on which FIM components are installed
– a CAL for each user for whom the software issues or manages identity information. (inlc. smart card & digital certs)
– a CAL for administrator using FIM portal & services.
– no CAL needed if you only use the sync service
– no device CALs needed
– you can use ILM 2007 with your FIM license

Besides the licensing methods, the guide also provides some interesting examples which in lots of cases can be mapped to the practical environment for which FIM will provide its services.

The document also explains how the External Connector license (ECL) is related (or not) to the CAL. (Is it “ECL or CAL” or is it “ECL AND CAL” ??)

If you want to read it off-line, download it here.

Happy licensing!

I wikified this (slightly adapted) post on the MS Technet Wiki > Licensing FIM 2010 , so if you think you’ve interesting stuff to add, please do so. (Thanks Brian for contributing and approving the consistency big time!)
“Contribute boldly, edit gently and assume good intent.”