Connect Microsoft 365 or Google Workspace. Get a posture score, a phased remediation plan, and client-ready proposals. Most scans finish in 2-12 minutes, based on selected mailboxes/files and plan scope. No agent installs. Scope is set per run: Starter scans up to 100 emails and 50 files; paid plans add scan frequency, history, and team features. Actual accessible coverage still depends on plan, provider scopes, and tenant permissions.
Starter: one free scan (up to 100 emails + 50 files).
Prefer a walkthrough first? Try the demo scan.
We request read-only OAuth scopes, encrypt tokens at rest, do not store full email/file content, and you can revoke access anytime from Microsoft or Google. Security details.
Review an anonymised sample report structure first, then decide if you want to run a live scan.
NI numbers, bank details, addresses, medical records - sitting in shared drives and email threads. We scan configured content, triage the results, and give you a roadmap to fix what matters.
No technical knowledge needed. If you can sign into your email, you can do this.
Sign in with Microsoft or Google. We never see your password. Read-only access only.
We check configured emails and files for exposed PII, risky sharing, and phishing signals. Most scans finish in 2-12 minutes depending on selected scope.
Get your posture score, see prioritised findings, and follow plain-English fix steps.
This block uses the same Command Center layout as the live app (Executive / Operations / Audit views, findings sorted by severity). Numbers below are sample data only.
Executive view stays sparse; open Operations or Audit for depth. Evidence lives in findings and exports.
Executive Snapshot
Score 62/100 · 59 open findings · 7 critical · 12 high
Optional file scanning
Email is always scanned. Connect cloud files so we also read OneDrive / SharePoint (Microsoft) or Google Drive — read-only.
Compliance Health (risk posture)
Illustrative score ring — live app updates from your scan.
Financial Risk Exposure
£128,000
Severity-weighted index for prioritisation (not a fine prediction).
Regulatory Triad Status
72%
Sample alignment signal
68%
Sample alignment signal
65%
Sample alignment signal
Review, triage, and action every open finding in one place.
Public file link exposes customer PII
Source: Client_Invoices_2026.xlsx — OneDrive
What was flagged: This file is shared publicly and contains sensitive personal data
Recommended: Revoke public sharing and restrict access to authorised users only.
Regulation: UK GDPR Art. 32 — Security of Processing
Found 3 National Insurance Numbers in email
Source: RE: New Starter Onboarding — Outlook
What was flagged: Found 3 national insurance numbers in this email
Recommended: Delete the NI numbers from the email body and use a secure HR portal instead.
Regulation: UK GDPR Art. 5(1)(f) — Integrity and Confidentiality
Managing multiple clients? See the MSP portfolio / Command Center preview on the partner programme page.
You don't need to be a corporation. The ICO regularly penalises small firms for basic data handling mistakes.
£40,000
Recruitment Agency (7 staff)
CVs with personal data in shared folders without access controls.
£60,000
Law Firm (12 staff)
Client case files emailed to wrong recipients, unencrypted.
£100,000
Financial Adviser (5 staff)
Unencrypted bank details and NI numbers in shared spreadsheets.
Representative scenarios - not specific cases. See real enforcement actions at ico.org.uk/action-weve-taken.
Findings are tagged to the relevant regulation, and where the scan identifies a clear article reference we show it in the finding details.
UK GDPR applies to all businesses handling personal data. NIS2 applies to organisations in critical sectors. DORA applies to regulated financial services firms.
Get one free Starter scan (up to 100 emails + 50 files). Upgrade when you're ready. Cancel anytime.
1 free scan (100 emails + 50 files) · one-time
/mo · Solo practitioners
/mo · Up to 5 users
/mo · Up to 15 users
Try our interactive demo. Pick your industry, see detected risks, and generate a client-ready remediation proposal - no account needed.
Try a Demo ScanConnect. Scan. Get your score and a remediation roadmap. Most scans finish in 2-12 minutes depending on selected scope. Starter includes one free scan (up to 100 emails + 50 files).