Book a demo

Secure, governed collaboration inside Microsoft 365.

nBold acts on your Microsoft 365 tenant through the Microsoft Graph API — ISO 27001 certified, SOC 2 Type II certified — so your teams collaborate fast without breaking governance.

ISO 27001 certified · SOC 2 Type II certified · Microsoft 365 native · Service account you control

Ad hoc workspace creation creates risk security teams inherit.

Ad hoc workspace creation can produce unmanaged sharing, inconsistent sensitivity labels, orphaned owners, poor lifecycle, and unclear auditability. Most tools that promise to address this ask you to trust a new system with your collaboration content. nBold takes the opposite approach: it applies governance guardrails within the environment you already secure, at the moment of creation — so the risk never accumulates in the first place.

No new data store

Your content stays in Teams and SharePoint. nBold doesn't replicate it into a separate platform you'd have to assess and secure.

No standing admin keys

nBold acts under a scoped service account you own — not a permanent privileged identity outside your visibility.

No black box

Every action runs through the Microsoft Graph API, the same governed interface Microsoft exposes for administration.

No surprise exposure

Governance applies guardrails at creation time, so workspaces start compliant instead of being remediated after the fact.

How nBold is architected to be trusted.

Four principles define where nBold runs, how it acts, and what it can touch — each one designed to keep your security team in control and your audit trail complete.

ISO 27001SOC 2 Type IIMicrosoft Graph APIStores no template dataFiles copied tenant-sideService-account scopedAudit loggingRole-based accessSensitivity labels

Your content stays in Microsoft 365

Your collaboration content lives in Teams, SharePoint and Microsoft 365 Groups. nBold stores no template data — there is no separate data lake.

Through Microsoft Graph

Every action nBold performs goes through the Microsoft Graph API — the same governed, audited interface Microsoft exposes for first-party administration.

Under your control

nBold acts under a service account you provision in your own tenant. You own the credentials, you grant the permissions, and you can revoke access at any time.

Minimal data

nBold stores no template data and processes only the minimum data it needs. Files are copied tenant-side through Microsoft's own endpoints.

What stays in your control, step by step.

Adoption follows your existing Microsoft 365 administration model — you provision the service account, you grant the Graph permissions, nBold operates within them, and you keep the oversight including the off switch.

01

You provision the service account

nBold acts through a service account created in your own tenant. The identity, its credentials and its permissions belong to you.

02

You grant scoped Graph permissions

nBold uses the Microsoft Graph API to provision, govern and manage the lifecycle of workspaces. You authorise the Graph scopes required — and can review them at any time.

03

Actions run through Microsoft Graph

Provisioning, governance, lifecycle and bulk operations all run through the Microsoft Graph API. nBold stores no template data and processes only the minimum data it needs; files are copied tenant-side through Microsoft's own endpoints.

04

You retain the audit trail and the off switch

Administrative and lifecycle actions are recorded for review, and you can revoke nBold's access through your Microsoft 365 admin tooling whenever you choose.

Least-privilege access, by design.

Role-based access control means routine work — template authoring, integration configuration, bulk cleanup — happens without handing out tenant-wide admin rights. Each role sees only what its job requires, and every privileged action is recorded in the audit trail.

nBold roleScopeTypical user
End-UserProvisions approved workspaces from the catalogRegular employee
Catalog ManagerBuilds and maintains workspace templatesTemplate owner
Integration ManagerConfigures nFlow and integration settingsRevOps / IT integrator
Teams Service AdminGovernance, lifecycle and bulk operations across the estateIT helpdesk / tenant admin
Global AdminFull administrative controlIT leadership

Sensitivity labels and naming guardrails are applied through governance templates at provisioning time, so classification and access posture are set when a workspace is created rather than corrected later. ISO 27001 and SOC 2 Type II certified.

Frequently asked questions

Is nBold ISO 27001 certified?

Yes. nBold is ISO 27001 certified. This attests to an independently audited control environment covering information security management — the standard most enterprise and regulated-industry security reviews require.

Is nBold SOC 2 Type II certified?

Yes. nBold is SOC 2 Type II certified, covering security, availability, and confidentiality. Both certifications are available for review during procurement and vendor assessment.

Does nBold replace Microsoft security controls?

No. nBold helps apply Microsoft 365 governance and security controls consistently as part of workspace provisioning and lifecycle management. It operates through the Microsoft Graph API under permissions you control, inside the same security boundary Microsoft already maintains.

Where does our data live when we use nBold?

Your collaboration content lives in your own Microsoft 365 tenant — Teams, SharePoint, and Microsoft 365 Groups. nBold stores no template data and processes only the minimum data it needs to provision a workspace, reading only what is strictly needed through the Microsoft Graph API. Files are copied directly between sites inside your tenant using Microsoft's own copy endpoints. ISO 27001 certified and SOC 2 Type II certified.

How do we demonstrate control of the collaboration estate to auditors?

nBold records administrative and lifecycle actions in an audit trail, enforces least-privilege access through role-based access control, and applies governance guardrails consistently across the estate — giving you the evidence trail and access controls auditors expect. ISO 27001 certified and SOC 2 Type II certified.

Governance and compliance inside your Microsoft 365 tenant.

See exactly where nBold runs, what it touches, and how it handles your data — ISO 27001 certified, SOC 2 Type II certified, Microsoft 365 native. Walk through it with your security team.