The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.
This month, we’re excited to bring you updates on our products with three new announcements: expanded remediation options for Google Drive, a free Zendesk scanner to detect and classify sensitive data that may be hiding within your Zendesk instance, and an ROI calculator to help you demonstrate the value of data loss prevention (DLP) to your organization.
We’re also sharing two new case studies to show how Nightfall DLP supports security and compliance requirements in Slack. Watch our video case study with UserTesting to see how they’re building a DLP program with Nightfall at the center of their security tech stack. In our case study with Mate Fertility, you’ll read how Nightfall provides HIPAA compliance coverage with fully customizable data detection and protection Mate Fertility needs to scale the company effectively.
Our other content highlights from September include blog posts on maintaining HIPAA and FERPA compliance in Slack, how to implement content moderation for your cloud apps with DLP, and a deeper look into what DLP is. Also, catch up with Season 2 of the CISO Insider podcast with our Season 2 recap episode featuring the best quotes and highlights from this past season.
Thank you for subscribing to our updates! As we begin the fall season, we send our best wishes to you and your loved ones.
Nightfall for Google Drive, now with remediation
Nightfall for Google Drive is one of our most popular integrations, helping customers to discover and classify sensitive data across Google Drive. That’s why we added remediation actions for Google Drive violations, so you can fix issues automatically or with just a click.
By immediately restricting Google Drive files with violations, either automatically or manually, security teams can buy time to examine the sensitive findings and reduce the likelihood that sensitive data will proliferate or be exposed. Read more about how we’ve upgraded Nightfall for Google Drive to give our customers more options for remediation in real-time and for historical scans.
How secure is your Zendesk instance? Find out with Nightfall’s Zendesk DLP scanner
When your customers reach out for help, they send messages to your support team that likely contain personal information. Help desk ticketing systems may often harvest personally identifiable information (PII) like email addresses and credit card numbers, while healthcare providers using ticketing systems may request protected health information (PHI) like patient names and health insurance claim numbers or phone numbers. Sending this information over chat or email can be a risk for data loss and exposure.
Protecting customer information in Zendesk is an essential piece of your cybersecurity strategy. Nightfall makes it easy to find the data you must protect with the Zendesk DLP scanner. Read how to get started scanning your Zendesk for sensitive customer information.
Introducing Nightfall’s ROI Calculator
What is the impact of cloud data protection for your organization? Take a look at some stats around data breaches to understand what’s at stake:
- $242 is the average cost of a stolen record
- 80% of data breaches contain customer PII
- 19% of breaches happen due to comprised or stolen credentials
Get a free report customized for your organization’s needs for DLP with the Nightfall ROI Calculator.
UserTesting is building culture of security with their DLP program — and Nightfall
UserTesting is a SaaS-based solution that captures real-time video feedback from people all over the world, giving organizations access to diverse customer perspectives so they can build exceptional digital and real-world experiences. As UserTesting grew to provide valuable insights into consumer experiences for an increasing number of brands, the need to provide a high level of security when handling potentially sensitive data grew too. Nightfall’s API-driven DLP enables UserTesting to meet their customers’ requirements for data security by preventing inadvertent internal sharing or proliferation of PII.
UserTesting sees DLP not just as a box to check—the security team wanted to build a comprehensive DLP program to meet their internal security requirements: protecting customer PII and with a simple and low-friction solution. Nightfall integrated in minutes with UserTesting’s Slack instance and began detecting improper sharing of problematic data right away.
Read how UserTesting uses Nightfall to prove to customers that their vendor relationship includes strict standards for data security.
Mate Fertility maintains HIPAA compliance and scales their telemedicine platform with Nightfall
Mate Fertility is changing fertility treatment medicine to provide wider access to people who may have faced barriers due to high costs or other difficulties with traditional fertility treatment providers. Through their distributed care network of reproductive endocrinology clinics and specialists, Mate Fertility is simplifying the process for patients who want to become parents.
Their vision to connect fertility medicine specialists with patients in underserved areas around the country is centered around instant communication via Slack. To scale the business effectively, Mate Fertility must protect their patient data and maintain HIPAA compliance in Slack for all connected communications. Nightfall simplifies their DLP needs with fast and easy integration directly in Slack.
Read how Nightfall provides Mate Fertility with the compliance coverage they need with fully customizable data detection and protection that can scale up as the company grows.
CISO Insider S2E7 – CISO Insider Season 2 recap
Our season 2 recap episode is a collection of the best quotes and highlights from our second season. We gathered insights, lessons, and other valuable soundbites from CISOs and security leaders at Even Financial, Segment, MongoDB, One Main Financial, and Datadog. Hear from our brilliant guests and make sure to catch their episodes featuring our full interviews for a deep dive into cybersecurity, leadership, and much more.
Listen to the full episode and follow along with the transcript of our Season 2 recap.
Slack security: FERPA and HIPAA compliance
Slack has quickly become integral to companies that work remotely, and even to those who have returned to the office. Many employees have stated that they prefer to use this communication tool long after the pandemic is over. For health and education organizations, this preference requires implementing new measures to protect patient and student data.
Currently, Slack can be configured to comply with two key privacy regimes in the education and healthcare sectors: the Family Educational Rights and Privacy Act (FERPA) and Health Insurance Portability and Accountability Act of 1996 (HIPAA). Read how to ensure your Slack is set up to ensure patient and student data is kept safe.
The essential guide to content moderation
Content moderation refers to a group of policies and practices that cover what should and shouldn’t be shared on company systems. Things like profanity, toxicity, and harassment are commonly covered by content moderation policies. Many companies address instances of internal harassment through training and stronger human resources (HR) policies. In the era of remote work, the expanded use of channels like Slack means expanding the domains where HR policies must be applied. This can complicate both HR policy implementation and enforcement, as well as introduce new forms of harassment.
Content moderation can help HR teams identify and address issues of inappropriate content or harassment. This guide will provide resources and tools to help HR teams protect their coworkers from profanity and harassment efficiently and productively.
What is data loss prevention (DLP) and how does it work
Data loss prevention is a set of tools and technologies that classify, detect, and protect information (data) in three states: data in use, data at rest, and data in motion. The role of a data loss prevention tool is to identify sensitive data that enterprises need to keep safe, and constantly monitor and take action to prevent this information from being leaked or shared inappropriately.
Data loss prevention solutions have evolved significantly in recent years, with cloud DLP providing a cutting-edge solution to protecting sensitive data many companies share over SaaS, IaaS, and PaaS platforms. Here’s what you need to know about data loss prevention and how to implement strict controls in your business.