The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.
As we close out 2021, we’re excited to share new Nightfall tools and product updates with you. Nightfall DLP for Jira now includes real-time detection to help you protect data anywhere inside your Jira workspace. Additionally, we’re introducing two new tutorials: how to use Nightfall’s S3 Sensitive Data Scanner for Amazon S3, and how to redact sensitive data in 4 lines of code using Nightfall APIs.
We also have new case studies from Prove and Klaviyo, showing how we help protect data throughout each organization’s SaaS ecosystem including Slack, GitHub, Jira, and Confluence. Finally, we’ve included the best content from the past month on cloud DLP best practices for protecting data and meeting compliance requirements in SaaS applications.
Thank you for subscribing to our updates! We send our best holiday wishes to you and your loved ones.
Introducing Nightfall for Jira, with Real-Time Data Loss Prevention
Nightfall DLP for Jira now has real-time detection. We built our Jira integration to address the challenges of sharing and storing data in the platform; because Jira is an always-on service, there’s an elevated risk of unintentionally exposing sensitive data. With real-time sensitive data detection, Nightfall allows Jira users to take immediate action on data policy violations to ensure no customer data is exposed.
Scan all changes within your Jira instance in real time and receive detailed alerts on data security policy violations as soon as they happen. Get alerts when your internal users add PII, PHI, secrets, credentials, and other business-critical data into text fields within Jira or within file attachments. Nightfall can also identify sensitive strings within text or a broad set of file types like PDFs, images, documents, and more.
Read more on Nightfall for Jira with real-time detection.
Scanning Amazon S3 Buckets with Nightfall Data Loss Prevention (DLP)
Learn how to automatically discover and classify sensitive data in your Amazon S3 buckets with Nightfall’s S3 Sensitive Data Scanner. Our tutorial shows the end-to-end process of scanning your Amazon S3 buckets for sensitive data with Nightfall, and by the end of the tutorial, you will have an exported spreadsheet report (CSV) of the sensitive data in your S3 buckets. You can use the findings in the report to remediate and remove sensitive content for better security and privacy, or to strengthen your compliance with data protection requirements.
The tutorial is quick to set up and easy to use: it takes only 15 minutes to complete, and you will need access to your AWS Management Console with sufficient permissions to create/edit IAM roles, permission policies, user groups, and if applicable, encryption keys.
You’ll also create a required Nightfall account during the tutorial. Scan up to 3 GB of data per month for free (no credit card required), and you can upgrade at any time to the Usage tier to scan an unlimited amount of data, starting at $3 per GB per month.
For more information on Nightfall’s S3 Sensitive Data Scanner or to get started scanning, read more on our blog.
Redacting sensitive data in 4 lines of code with Nightfall Data Loss Prevention (DLP) API
Redaction is an important component of data loss prevention (DLP). With the Nightfall DLP API, it’s easy to redact sensitive data: all you need to write is four lines of code. In our latest tutorial, you’ll learn how to add redaction to your apps and get to know various redaction techniques. You’ll also see how Nightfall’s DLP API works, review use cases for each redaction technique, and learn when masking, substitution, and encryption options are most appropriate for your DLP processes.
Get started with the tutorial on our blog.
Klaviyo creates a more secure environment for their GitHub repos and strengthens customer trust with Nightfall
Klaviyo is a leading customer data and marketing automation platform dedicated to accelerating revenue and building customer connections for online businesses. Searching for sensitive data in their code repositories eats up time and resources for Klaviyo’s Security Operations team. Nightfall’s automated scans for secrets and credentials in Klaviyo’s GitHub repos streamline their entire detection and remediation process and reduce resource and bandwidth costs, all in one platform. Klaviyo gets added value from integrating data loss prevention (DLP) into their overall security strategy, plus the associated symbol of trust that comes with DLP.
“Reducing our data risk builds customer trust. By preventing sensitive data from reaching our code repositories, we reduce the chances of data exposure. DLP allows us to reduce risk for the company and build customer trust,” says Shaun DeWitt, Director of Security Operations at Klaviyo.
See how Klaviyo is building data security into their GitHub with Nightfall DLP.
Prove secures data in their cloud SaaS apps with Nightfall
Prove is a mobile cloud identity provider that serves businesses in industries such as finance, retail, and healthcare. Companies rely on Prove to accurately and safely authenticate users. Because their internal business operations run almost entirely on SaaS applications, the Prove infosec team must ensure that their customers’ sensitive data is not inadvertently stored in cloud apps. Nightfall’s pre-built integrations secure information in Prove’s apps that contain sensitive data: Slack, GitHub, Jira, and Confluence. With seamless integration into their existing endpoint security solutions and frictionless functionality for end users, Nightfall provides everything Prove needs as a complete DLP solution.
“Nightfall gives us visibility into the types of information that are exchanged in our SaaS apps. It enables us to explain to our employees why they should not post sensitive information. We’re a policy-driven organization, and Nightfall helps us enforce our policies,” says Keith Rella, Director of Information Security at Prove.
See how Prove secures critical data across their SaaS ecosystem with Nightfall DLP.
3 Topics that excited us at Slack Frontiers 2021
At Slack Frontiers 2021, we got a glimpse into the future of work and fresh perspectives on how to help refine skills for navigating complex work environments. Over the two-day event, Slack Frontiers shared content for everyone from newcomers to Slack to power users, featuring playlists customized for teams including IT, Engineering, Marketing, Sales, Service, and Government.
We gathered a list of the three things that excited us the most about Slack Frontiers 2021: supporting an evolving company culture, new integrations with Salesforce, and guest speakers advocating for change in the working world.
How to protect sensitive data with cloud DLP
Remote work that requires the use of cloud platforms presents an elevated risk that data could be exposed or accessed inappropriately. The costs of these incidents are astronomical: a recent report from IBM found that data breach costs rose from $3.86 million to $4.24 million in 2021 — the highest average total cost in the 17-year history of the IBM Cost of a Data Breach Report. Beyond the financial impacts, data breaches can cause major losses for businesses, including loss of customer trust or in extreme cases, being forced to shut down completely.
Protecting sensitive customer data in cloud platforms starts with a solid understanding of what information needs to be secured. Here’s what you need to know to find the right cloud DLP tool and help your business stay compliant while protecting data.
6 Cloud data loss prevention best practices & strategies
Cloud DLP is a category of tools and strategies designed to protect data stored in the cloud. Platforms like Google Drive, Slack, and Atlassian use cloud storage to keep businesses running. Cloud data loss prevention is growing in importance: as of 2021, around 50% of all corporate data is stored in the cloud.
Protecting data in the cloud requires strategies and best practices designed for the platforms your organization is using and the types of data you need to protect in the cloud. Read more about cloud data loss prevention best practices and how implementing the right DLP tools can reduce the risk of a data leak or breach from business-critical cloud platforms.
PCI data discovery tools: Keeping sensitive data protected within your organization
The rules set forth by PCI-DSS can seem complicated. With four levels, 12 requirements, and multiple credit card issuers to understand, it’s easy to get lost in the details of PCI-DSS requirements. But it’s also extremely important to master these requirements. Merchants who fail to meet the PCI compliance standard face severe consequences for putting their customer data at risk, starting with fines that can range from $5,000 to $100,000 per month.
The goal of PCI compliance is to protect customer financial data. We’ve gathered information on PCI compliance and an action plan for implementing data discovery tools that can help you identify where customer data needs to be protected and act accordingly.
A definitive list of different cloud compliance standards
Cloud security is not only good for consumers; it’s also a requirement for businesses in many industries. Understanding compliance regulations, like GDPR, and security frameworks, like NIST, can help IT teams create strong, layered privacy and security controls and data loss prevention using a range of platforms and integrations.
We’re sharing information on the most common and comprehensive security standards that businesses need to know to be cloud compliant. Learn more about compliance standards and regimes like HIPAA, PIPEDA, GLBA, SOC 2, ISO 27001, and more.