Microsoft Insight Assessment Usage Guidelines

By granting us read-only access, here is what Marco Technologies LLC and Insights Cloud will and will not be able to do:

We Won’t Be Able To: 

• Read emails, Teams chats, or file contents
• Make modifications to configurations or policies within your environment beyond the API scope
• Impersonate users or use delegated access beyond the API scope
• Access or collect browser history, keystrokes, or personal usage data
• Access or collect sensitive data (e.g. SSNs, health records, or financials)

We Will Be Able To:

• Read Microsoft 365 tenant configuration and security settings
• Read Entra ID objects such as users, devices, and groups
• Access device and software inventory, operating system versions, compliance and security posture information, etc.
• Read Microsoft Intune configuration profiles, policies, and deployment settings
• Read Microsoft Defender for endpoint configurations
• Read Microsoft 365 licensing details and service usage metadata
• Read conditional access policies, MFA status, and identity protection posture
• Access high-level usage metadata (not file contents)
• Read administrative and audit logs

Remember, you can revoke our access at any time through your Microsoft account.