Secure, governed collaboration inside Microsoft 365.
nBold acts on your Microsoft 365 tenant through the Microsoft Graph API — ISO 27001 certified, SOC 2 Type II certified — so your teams collaborate fast without breaking governance.
Ad hoc workspace creation creates risk security teams inherit.
Ad hoc workspace creation can produce unmanaged sharing, inconsistent sensitivity labels, orphaned owners, poor lifecycle, and unclear auditability. Most tools that promise to address this ask you to trust a new system with your collaboration content. nBold takes the opposite approach: it applies governance guardrails within the environment you already secure, at the moment of creation — so the risk never accumulates in the first place.
No new data store
Your content stays in Teams and SharePoint. nBold doesn't replicate it into a separate platform you'd have to assess and secure.
No standing admin keys
nBold acts under a scoped service account you own — not a permanent privileged identity outside your visibility.
No black box
Every action runs through the Microsoft Graph API, the same governed interface Microsoft exposes for administration.
No surprise exposure
Governance applies guardrails at creation time, so workspaces start compliant instead of being remediated after the fact.
How nBold is architected to be trusted.
Four principles define where nBold runs, how it acts, and what it can touch — each one designed to keep your security team in control and your audit trail complete.
Your content stays in Microsoft 365
Your collaboration content lives in Teams, SharePoint and Microsoft 365 Groups. nBold stores no template data — there is no separate data lake.
Through Microsoft Graph
Every action nBold performs goes through the Microsoft Graph API — the same governed, audited interface Microsoft exposes for first-party administration.
Under your control
nBold acts under a service account you provision in your own tenant. You own the credentials, you grant the permissions, and you can revoke access at any time.
Minimal data
nBold stores no template data and processes only the minimum data it needs. Files are copied tenant-side through Microsoft's own endpoints.
What stays in your control, step by step.
Adoption follows your existing Microsoft 365 administration model — you provision the service account, you grant the Graph permissions, nBold operates within them, and you keep the oversight including the off switch.
You provision the service account
nBold acts through a service account created in your own tenant. The identity, its credentials and its permissions belong to you.
You grant scoped Graph permissions
nBold uses the Microsoft Graph API to provision, govern and manage the lifecycle of workspaces. You authorise the Graph scopes required — and can review them at any time.
Actions run through Microsoft Graph
Provisioning, governance, lifecycle and bulk operations all run through the Microsoft Graph API. nBold stores no template data and processes only the minimum data it needs; files are copied tenant-side through Microsoft's own endpoints.
You retain the audit trail and the off switch
Administrative and lifecycle actions are recorded for review, and you can revoke nBold's access through your Microsoft 365 admin tooling whenever you choose.
Least-privilege access, by design.
Role-based access control means routine work — template authoring, integration configuration, bulk cleanup — happens without handing out tenant-wide admin rights. Each role sees only what its job requires, and every privileged action is recorded in the audit trail.
| nBold role | Scope | Typical user |
|---|---|---|
| End-User | Provisions approved workspaces from the catalog | Regular employee |
| Catalog Manager | Builds and maintains workspace templates | Template owner |
| Integration Manager | Configures nFlow and integration settings | RevOps / IT integrator |
| Teams Service Admin | Governance, lifecycle and bulk operations across the estate | IT helpdesk / tenant admin |
| Global Admin | Full administrative control | IT leadership |
Sensitivity labels and naming guardrails are applied through governance templates at provisioning time, so classification and access posture are set when a workspace is created rather than corrected later. ISO 27001 and SOC 2 Type II certified.
Security is the foundation — not a separate module.
Governance, role-based access control, lifecycle management, and audit trails are all built on the same secure foundation — running through the Microsoft Graph API, under controls you own. Explore how each layer fits together.
Governance
Naming, sensitivity labels, membership, approvals, and lifecycle — guardrails applied per template at provisioning time so workspaces start compliant.
Explore GovernanceRole-based access control
Least-privilege roles so each team operates with exactly the access it needs — with privileged actions logged for audit.
Explore Role-based access controlSecurity details & certifications
ISO 27001 and SOC 2 Type II certifications, sub-processors, and the formal security posture for procurement and vendor review.
Explore Security details & certificationsFrequently asked questions
Is nBold ISO 27001 certified?
Yes. nBold is ISO 27001 certified. This attests to an independently audited control environment covering information security management — the standard most enterprise and regulated-industry security reviews require.
Is nBold SOC 2 Type II certified?
Yes. nBold is SOC 2 Type II certified, covering security, availability, and confidentiality. Both certifications are available for review during procurement and vendor assessment.
Does nBold replace Microsoft security controls?
No. nBold helps apply Microsoft 365 governance and security controls consistently as part of workspace provisioning and lifecycle management. It operates through the Microsoft Graph API under permissions you control, inside the same security boundary Microsoft already maintains.
Where does our data live when we use nBold?
Your collaboration content lives in your own Microsoft 365 tenant — Teams, SharePoint, and Microsoft 365 Groups. nBold stores no template data and processes only the minimum data it needs to provision a workspace, reading only what is strictly needed through the Microsoft Graph API. Files are copied directly between sites inside your tenant using Microsoft's own copy endpoints. ISO 27001 certified and SOC 2 Type II certified.
How do we demonstrate control of the collaboration estate to auditors?
nBold records administrative and lifecycle actions in an audit trail, enforces least-privilege access through role-based access control, and applies governance guardrails consistently across the estate — giving you the evidence trail and access controls auditors expect. ISO 27001 certified and SOC 2 Type II certified.
Governance and compliance inside your Microsoft 365 tenant.
See exactly where nBold runs, what it touches, and how it handles your data — ISO 27001 certified, SOC 2 Type II certified, Microsoft 365 native. Walk through it with your security team.