Audit and track sensitive data access
Today’s organizations must assume they will be compromised by a bad actor, disgruntled or even a negligent employee. We can no longer solely afford to settle for after the fact detection and user behavior analysis to detect a breach. NC Protect’s real-time data security leverages attribute-based access control (ABAC) policies which take into consideration content and user context, to prevent both negligent and malicious data loss, and audit and track sensitive data access. It provides advanced information protection that’s simple, fast and scalable to protect and audit sensitive information access across the Microsoft 365 collaboration stack.
NC Protect also provides out of the box centralized reporting and auditing capabilities to:
- Report on the number of issues identified by classification level.
- Allow policy officers to review the results and – if needed – rescan, reclassify or reapply permissions.
- Log and track sensitive access, user activities and actions such as producing, editing or deleting data, and general access.
- Track any changes to NC Protect settings and policies, and who made them.
- Ingest user activity and logs collected in NC Protect into Microsoft Sentinel or Splunk.
NC Protect data connector for Microsoft Sentinel
The NC Protect Data Connector for Microsoft Sentinel allows you to easily ingest user activity and protection logs and their associated “events” from NC Protect into Microsoft Sentinel.