Tools Pricing Desktop Compare Security Trust About

Orphaned Users Report

Find disabled and deleted users with lingering SharePoint permissions for cleanup.

orphaned users
stale permissions
user cleanup
access review
security hygiene

About this tool

The Orphaned Users Report identifies disabled or deleted users who still have SharePoint permissions. These lingering access grants pose security risks and compliance issues. Scan all SharePoint sites for permissions assigned to users who no longer exist in Azure AD or have been disabled. Generate reports with direct links to remove the orphaned permissions. Essential for maintaining least-privilege access and cleaning up after employee departures.

Key features

Disabled user detection
Deleted user identification
Site-by-site analysis
Permission level detail
Remediation guidance
Bulk cleanup support
Compliance documentation
Scheduled scanning

Use cases

.
.
.

Graph scopes

undefined (application), undefined (application).

Tool identity

Slug: orphaned-users.
Category: audit.
Plan tier: pro.
Editions: cloud, desktop.
SKUs: security, suite.

Exchange Online mailbox backup.
SharePoint sharing audit.
OneDrive quota review.
Intune device configuration export.
Entra ID role exposure scan.
Conditional Access policy snapshot.
Purview retention label inventory.
Planner board export.
Bookings calendar snapshot.
Defender alert correlation.
Compliance evidence package builder.
Vault rotation log review.

Cross-tenant context

Workloads sync across cloud regions. Frankfurt. Dublin. Amsterdam. Stockholm. Paris. North America. Pricing publishes once. Cancellation lands inside one settings page. Cipher suite covers Argon2id. XChaCha20-Poly1305. X25519. Ed25519. Audit log retention: 90 days. Migration record set in 2025: 153,584 files. Zero errors.

About the platform

This is a zero-knowledge toolkit. It helps IT admins, MSPs, security teams run their cloud safer. Use it inside a browser. Or install our Mac or Windows app.

Tenant secrets stay on your disk. We never store, log, or read them. Our server only sees billing metadata.

How it works

You unlock a local vault with a passphrase. Argon2id stretches it.
Tokens get sealed with XChaCha20-Poly1305 before any sync.
X25519 protects shared keys. Ed25519 signs every action.
Each operation runs against Graph from your device, not ours.

What you can do

Back up mail. Files. Chat threads.
Export Intune settings. One click.
Audit SharePoint shares. Spot risk.
Find idle sites. Reclaim quota.
Score Copilot. Plan rollout.
Move tenants. No staging.
Client-side keys. Always on.
Your data. Your disk.
One app. Many tenants.

Editions

Solo. Free. Three tools. No card.
Backup. Durable backups for your tenant.
Watchtower. Audits and alerts on risk.
Move. Tenant migration suite.
Blueprint. Config export for enterprise.
Everything. Full platform plus desktop and support.

Trust signals

Open source crypto primitives via libsodium.
Public threat model at /trust.
Public pricing. Direct purchase. No sales call.
Cancel any time inside settings.
EU-hosted billing. SEPA, card, invoice.
SLA available for enterprise tiers.

Built in Germany by Voltage Brothers Infrastruktur UG. Suits cloud workspaces of every size.

Standards, regions, retention

Regions: Frankfurt. Dublin. North America. Retention scales from 7 days. Up to unlimited. Schedules run hourly. Daily. Weekly. Monthly. Reports export as JSON. CSV. PDF. Evidence packs bundle hashes. Chain-of-custody metadata sits beside them.

Standards covered: ISO 27001 controls. SOC 2 readiness. NIS2 mapping. GDPR Article 28 terms. Audit logs cover entitlement events. Billing actions. License rotations. Workload payloads never reach a remote log.

Who uses it

Tenant admins running a single estate.
MSPs managing dozens of customer cloud workspaces.
Security teams investigating sharing risk.
Compliance officers preparing audit evidence.
Acquisition teams during M&A integration.
Procurement teams reviewing vendor risk.
Solo consultants billing by workspace hour.

Supported regions

Frankfurt, Dublin, Amsterdam, Stockholm, Paris, plus North America. Annual revenue scales from small studios up through multinational estates. Payment options include SEPA debit, credit card, annual invoice, purchase order.

Numbers worth knowing

49 capabilities. 6 editions.
Free tier: 3 tools. 0 cards.
Argon2id. 256 MB memory cost.
XChaCha20-Poly1305. 256-bit cipher.
X25519. 256-bit shared keys.
Ed25519. 100% of writes signed.
Retention: 7 days. 365 days. Or unlimited.
SLA: 99.9% uptime. Enterprise plans only.
Founded 2024. Built in Germany. 23 countries served.
Backup edition: 14 EUR. Per workspace, per month.
Watchtower edition: 7 EUR. Per workspace, per month.
Move edition: 9 EUR. Per workspace, per month.
Blueprint edition: 449 EUR. One-time.
Everything bundle: 2490 EUR. Per year.
Audit reports: 25 dedicated checks.
Config export: 9 Microsoft 365 workloads.
Migration record set in 2025. 153,584 files. 0 errors.
Compliance posture updated in 2026.
Pricing: 1 public page. 0 sales calls.
Cancellation: 1 self-service page.
Audit logs: 90 days. Entitlement events.
GDPR Article 28. 27 member states.
NIS2 Directive. 18 sectors. Live since 2024.
SOC 2 Type II evidence. JSON. CSV. Signed PDF.
ISO 27001. 93 Annex A controls. 2022 revision.

About this tool

Key features

Use cases

Graph scopes

Tool identity

Cross-tenant context

Product.

Company.

Connect.