Prevent is designed to protect sensitive information from unauthorized disclosure. An essential aspect of this system is how data is stored and handled. This article provides an overview of the type of data Prevent stores and how it is managed.
The data stored by Prevent falls into two categories:
| System Data | Application Data |
|---|---|
| Request duration | Recipients |
| Request source geography | Sender |
| Uncaught errors | Sent time |
| HTTP response status codes | Message ID |
| Azure host-level metrics | Hashed pattern matches |
| Application level activity: database connections and outbound API calls | Azure AD (Field: isEnabled) |
| Subject line* | |
| Attachment names * |
* This category is optional and can be used to display this information in the Prevent dashboard
Data sources are logically isolated from the Prevent infrastructure, and all activity between the application and its underlying data sources takes place over a secure connection using TLS 1.2.
Each organization's data is isolated by assigning each organization an ID. Authentication and database queries to Prevent are made at an organizational level, ensuring that data cannot be accessed between organizations.