
What we read & why

Permafrost reads the most sensitive identity data a tenant has — who the privileged admins are and when they sign in. You deserve a frank, specific answer before you consent. Here it is: every category we read, why we need it, how long we keep it, and what we never touch.

Last updated 27 June 2026

What we read, and why

When you connect a tenant, Permafrost reads the following over the read-only scopes you grant. We read it across all of your connected tenants and nowhere else.

Data categories read, with purpose and retention

| Data category | Why we read it | Retention |
|---|---|---|
| Identities (users, groups, service principals, managed identities, agent identities) | The subjects of entitlement analysis: who and what can act in the tenant. | Current state, replaced on each sync. |
| Directory and ARM role assignments | Map who holds which privileges at which scope, the core of CIEM analysis. | Current state, replaced on each sync. |
| Audit and sign-in activity (Entra ID) | Detect privileged sign-in patterns, dormancy, and risk signals that feed findings. | Per-tier window (see /pricing); see the retention schedule. |
| Activity logs (Azure ARM) | Evidence of how entitlements are actually used at the resource layer. | Per-tier window (see /pricing); see the retention schedule. |
| Permission grants and consent state | Surface over-broad or stale application consents and delegated grants. | Current state, replaced on each sync. |
| Surface inventory metadata (Exchange, SharePoint, Purview, Defender, Power BI, Power Platform, Azure DevOps, Intune, Teams, Viva Engage) | Locate privileged exposure across connected Microsoft cloud surfaces. | Current state, replaced on each sync. |

The exact retention windows live in the retention schedule.

What we never read

The product is read-only and never modifies your tenant. We do not read:

  • Mailbox content or email bodies
  • Document or file content
  • Chat or meeting messages
  • Any user-generated content

We read entitlement and identity metadata — who can do what, and the activity signals that show how those privileges are used — not the content people create.

Why this is sensitive, and how we treat it

We are candid about it: privileged-admin identity and sign-in metadata is among the highest-value data in a tenant. An attacker who had it would know exactly whom to target. That is precisely why a CIEM tool needs it — to find the over-privileged accounts and risky sign-in patterns before an attacker does — and why we hold it to a high bar:

  • It is never used to train AI or ML models.
  • It is never aggregated with another customer's data for any purpose. Tenant data is logically isolated by customer ID at every query boundary.
  • Our analysis is decision-support for a human reviewer, never an automated decision with legal or similarly significant effect.

How we authenticate reads

Permafrost authenticates to your connected tenants in one of three ways. In all of them the consent you grant is read-only, and there is no write-capable token to your tenant in our backing store.

  • Default — our multi-tenant app, authorized by your admin's consent. Reads run under Permafrost's own multi-tenant application, which your administrator authorizes with read-only consent. The app authenticates with Permafrost's own credential; we hold no secret to your tenant.
  • Optional (Pro and above) — a dedicated app registration you own. If you prefer to read through an app registration in your own tenant, its client secret is held encrypted in our secrets vault. This is the one mode in which a per-tenant credential is stored, and it is opt-in.
  • On the roadmap — federated, no stored secret. A Workload Identity Federation option for the dedicated app-registration mode is on our roadmap: it presents a short-lived federated token at read time instead of a stored secret, so no standing per-tenant credential is held. It is not yet enabled.

The mechanism is described in plain terms in our security posture and the connecting-your-tenant guide.

Other clouds

Coverage for Amazon Web Services and Google Cloud is in preview — on the roadmap. When those reads ship, their read scopes will be enumerated here with the same candor. Microsoft cloud coverage is available now.