What Permissions Does Kawach.AI Take and Why?

Kawach.AI follows a minimal and purpose-driven access model across integrations such as Google Workspace, Microsoft Entra ID etc, ensuring effective compliance monitoring without impacting operations.

• User Data Access (Read-Only):
  Reads user information to verify that only authorized users have access and to support identity validation.
• Security Settings Access (Read-Only):
  Reviews security configurations such as MFA, recovery options, and account protection to assess compliance and detect gaps.
• Domain Information Access (Read-Only):
  Accesses domain details to validate domain governance and ensure proper configuration across the organization.
• Role and Access Control Visibility (Read-Only):
  Analyzes roles and role assignments to ensure proper access governance and enforcement of role-based controls.
• Purpose of Access:
  These permissions enable Kawach.AI to continuously monitor risks, detect misconfigurations, enforce compliance policies, and maintain audit readiness.
• Non-Intrusive Operation:
  All access is strictly read-only, ensuring that no users, domains, or configurations are modified, and your environment remains fully under your control.

Your Data is Safe

Kawach.AI is built with a strong focus on data security, privacy, and controlled access. All integrations operate strictly in read-only mode, meaning the platform never creates, modifies, or deletes any users, domains, or configurations. It functions purely as a monitoring layer, continuously identifying risks, detecting compliance gaps, and supporting governance efforts.

This ensures that your data remains secure and fully under your control at all times, while Kawach.AI provides actionable insights to strengthen security, enforce policies, and maintain continuous compliance.