The BreachWatch capability can be deployed selectively to your organization via Role Enforcements. The Pause BreachWatch on client devices toggle controls whether devices send events for reporting purposes, and whether to pause the service so it will not appear on the user's devices at all. Note that enabling events to the reporting module will send record event metadata (User Email, Record UID, IP Address and Device Type) from Keeper’s backend to any connected SIEM product.