there's another way
Blog
Thoughts on software, self-hosting, EU regulation and the straightforward path — straight talk, no buzzwords.
July 3, 2026
Am I Actually Covered by NIS2?
The honest scope test doesn't run on “how big are we”, but on sector and linked enterprises. Many are out — but for the wrong reason.
Read more →July 1, 2026
Team Passwords: Vaultwarden Instead of a US Datacenter
A shared password store belongs inside the company, not in a cloud you don't know. Why "we have MFA" isn't the finish line — and why rotation is dead.
Read more →June 24, 2026
CLOUD Act in the EU region: not sovereignty
The CLOUD Act reaches AWS servers in Frankfurt too: US authorities can access data in any EU region. Why EU servers alone are not sovereignty.
Read more →June 24, 2026
Receiving E-Invoices — Without a New SaaS Subscription
Since 2025 you have to be able to receive e-invoices. That doesn't take a monthly subscription: a mailbox, a free viewer and a clean archive are enough.
Read more →June 17, 2026
Windows 10 Is Dead — Is This the Moment for Linux?
Windows 10 support has ended. When a Linux switch really pays off for a company — and the three cases where it goes wrong.
Read more →June 9, 2026
Local AI for your business: your models, not the cloud
Local AI instead of ChatGPT: when customer data belongs on your own models, what cloud AI may handle, and how data protection stays practical.
Read more →June 3, 2026
GDPR-Compliant AI Is a Process, Not a Place
“Runs in the EU, so it's compliant” is too short. What actually makes AI privacy-compliant — and a simple matrix for which data goes where.
Read more →May 27, 2026
EU Data Act: switching providers without lock-in
The Data Act gives you the right to switch cloud providers more easily. What's in it — and why open source sidesteps the lock-in problem in the first place.
Read more →May 20, 2026
Stop Blaming Your Employees
'Human error' doesn't explain a phishing incident, it hides broken technology. Why the system has to come first, not the person at the screen.
Read more →May 6, 2026
When Cyber Insurance Won't Pay
Whether cyber insurance pays after an incident is decided months earlier, in the application. Why that questionnaire is really your security to-do list.
Read more →April 22, 2026
Test your backup: only the restore counts
Test your backup by actually restoring from it. Why a NAS that saves every night is not a strategy and only the tested restore counts.
Read more →April 8, 2026
NIS2 Now Reaches the SME Sector Too
NIS2 extends cybersecurity obligations to many mid-sized companies. Who's affected, what to do about it — and how managed hosting covers part of it.
Read more →March 11, 2026
Nextcloud isn't your problem. Your operations are.
Nextcloud slow? Almost always it's not Nextcloud but the operations: missing Redis caching, no cron, overloaded budget hosting. What actually fixes it.
Read more →February 24, 2026
Microsoft 365 alternatives: GDPR-compliant options
Nextcloud, Mailcow, Collabora and more: European open-source alternatives to Microsoft 365 — and why German regulators doubt its GDPR-compliant use.
Read more →January 20, 2026
Digital sovereignty has arrived in SMEs in 2026
Dependency on US cloud giants is turning into a risk — legally, financially, strategically. What digital sovereignty means for SMEs and where to start.
Read more →December 20, 2025
Cloud repatriation: when moving back pays off
"Cloud repatriation" is all the rage right now. Honest answer: sometimes spot-on, often nonsense. A decision guide without the ideology.
Read more →December 8, 2025
You want open source — but not the server stress
Open source gives you control over your tools and data. Running it costs time and nerves — unless someone else takes that part over.
Read more →November 15, 2025
there's another way
Why ANDERS IT unites two paths under one roof.
Read more →