Last month, we hosted a webinar with our CISO, Karim Beldjilali, who was formerly the CISO of Rightway a healthcare startup. Karim shared important security lessons for healthcare organizations leveraging cloud applications across their workforce. We briefly share the highlights below.

Lesson 1 - These are the three areas you must focus on for HIPAA Compliance in Cloud Applications

Drawing upon his experiences at Rightway, Karim discusses the shape his security program took, highlighting the importance of access management, data protection, and transmission security within SaaS platforms. 

Lesson 2 - Fulfilling your Mandate to Enable Rather than Block Business Processes

In this clip, Karim discusses how the function of security has evolved from the “castle-and-moat” perspective of blocking employees from engaging in risking behaviors on prem, to education about proper practices and enablement of safe business processes. Karim also discusses how Nightfall aligned with this philosophy when he was researching which tools to use at Rightway.

Lesson 3 - Takeaways from Rightway’s use of Nightfall before and after

Karim walks through the substantive changes Nightfall provided to his security program within the first 90 days. Key highlights are increased visibility into the riskiest sharing behaviors of employees on SaaS and the ability to intervene with low impact and create “teachable moments” for individuals engaging in such behavior.