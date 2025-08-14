Skip to Content

Cold storage, hot insights – Managing data efficiently with Sentinel’s new storage tiers

Mona Ghadiri
Aug 14, 2025

As security data volumes continue to grow, organizations face the dual challenge of retaining data for long periods while managing storage costs. Microsoft Sentinel Data Lake addresses this with the introduction of a new cold storage tier – an innovation that brings flexibility, scalability, and cost-efficiency to security data management.

Understanding the cold storage tier

The cold storage tier is designed for long-term retention of infrequently accessed data. It complements the existing hot and warm tiers, enabling organizations to implement a tiered storage strategy that aligns with their operational and compliance needs. With seamless transitions between tiers, security teams can access historical data when needed without incurring high costs.

This is particularly valuable for industries with stringent regulatory requirements or those conducting forensic investigations. Cold storage ensures that data remains accessible and secure, even years after it was collected.

Benefits for security operations

The new storage tier offers several advantages:

  • Significant cost savings for long-term data retention
  • Simplified compliance with data governance policies
  • On-demand access to archived data for threat hunting and analysis.

By optimizing storage costs, organizations can allocate more resources to proactive security measures and advanced analytics.

Capgemini’s MXDR services: Maximizing storage efficiency


Capgemini’s MXDR services are uniquely positioned to take advantage of Sentinel’s new storage capabilities. Through its Cyber Defense Centers, Capgemini helps clients implement intelligent data retention strategies that balance performance and cost.
With the cold storage tier, Capgemini can:

  • Store historical telemetry for extended periods without budget strain
  • Enable retrospective threat analysis and compliance audits over longer periods of time
  • Integrate storage policies with real-time monitoring and response workflows.

This holistic approach ensures that clients not only meet regulatory requirements but also enhance their overall security posture.

Strategic value for the future


The addition of cold storage to Microsoft Sentinel Data Lake is more than a technical upgrade – it’s a strategic enabler. It empowers organizations to retain valuable data, derive insights from it, and respond to threats with greater agility. When combined with Capgemini’s MXDR expertise, the result is a powerful, cost-effective solution for modern security operations.

About the author

Mona Ghadiri

Vice President – Cybersecurity Portfolio, Cloud Infrastructure Services
Mona is a three-time Microsoft Security MVP, recognized for her expertise in SIEM, XDR, and most recently, Security Copilot—where she was one of only 26 global awardees and the first woman to receive the honor. She brings deep product leadership experience from roles at Raytheon/Forcepoint, Trustwave, and BlueVoyant, where she led the development of Microsoft-based cyber services. Before entering cybersecurity, Mona worked as a process engineer in the automotive and food & beverage industries. A passionate advocate for SOC transformation, pragmatic AI in security operations, and talent development, Mona speaks globally at conferences and webinars. Her recent focus includes advancing women in AI and cybersecurity and sharing insights on securing AI systems. She serves on the boards of several Microsoft learning communities, including Zero to Hero, Team Copilot, and MSFarsi. Mona holds a BA from Grinnell College and an MBA from the University of Illinois Urbana-Champaign, along with a certification in Lean Tools Implementation.