Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Azure ATP: Which data is transferred to the cloud?

Copper Contributor

I'm looking for information about which personal data is transferred to the cloud.
I need the privacy relevant information for certifications according to TISAX or ISO 27001 and the European GDPR.

For example, which fields of an AD object (username, address...) transferred?

Is there more detailed information than this?
https://docs.microsoft.com/de-de/azure-advanced-threat-protection/atp-technical-faq

Thank you very much,

Best Regards,
Ralf

3 Replies

@Eli Ofek 

Thanks for your reply.

Are passwords or hashes also transferred to Azure ATP?
I couldn't find any information about this.

Best Regards,
Ralf

best response confirmed by Ralfxyz (Copper Contributor)
Solution

@Ralfxyz , no, we do not sync passwords or hashes of AD entities.

The only passwords we keep are for the read only account/accounts you supply in the portal configuration page, so we can connect to AD to read info etc.

Those passwords are of course kept secure, yet we still recommend to use read only low privileged accounts for this.

1 best response

Accepted Solutions
best response confirmed by Ralfxyz (Copper Contributor)
Solution

@Ralfxyz , no, we do not sync passwords or hashes of AD entities.

The only passwords we keep are for the read only account/accounts you supply in the portal configuration page, so we can connect to AD to read info etc.

Those passwords are of course kept secure, yet we still recommend to use read only low privileged accounts for this.

View solution in original post