Data exfiltration — the risk of your data ending up somewhere it doesn’t belong — remains one of the greatest data security concerns. This risk is only worsened by the fact that as companies migrate their data into the cloud, they struggle to maintain the visibility needed to ensure their data remains secure. Cloud data loss prevention (DLP) remains one of the few ways to retain data visibility within SaaS and IaaS systems and put controls in place that greatly limit the occurrence of data exfiltration in these environments.
What is data exfiltration and why does it matter?
Data exfiltration is the act of exfiltrating or exporting data from a target source, be it a physical location, like an office, or in the case of cloud security, a network. For the purposes of many data security regulations like GDPR and HIPAA, most data exfiltration incidents qualify as data breaches, making them extremely costly and important to defend against. This is especially true within cloud systems where data is harder to keep track of and contain, as the IT perimeter is much more loosely defined and traditional security practices and access controls, like plugging ports and installing firewalls, aren’t comprehensive enough.Data exfiltration can happen through any number of means; employees present one of the greatest data exfiltration risks, be it deliberate or through negligence. Consider, for example, an employee who is accidentally given permissions to a file in Google Drive. This employee can then download the file, regardless of the creator’s intentions. It’s important to note that this simple mistake poses an exfiltration risk, regardless of whether or not the employee downloads the file, as it’s possible for their account to be hijacked by a malicious actor who can use the account’s file permissions to download the file in question. Security practitioners considering their data exfiltration risks will have to take such scenarios into account.
How does data loss prevention prevent data exfiltration?
Data loss prevention (DLP) is a security control that can identify where in a system sensitive data lies and whether or not it’s been accessed. A cloud DLP solution, like Nightfall, specifically discovers, classifies, and protects personally identifiable information (PII), protected health information (PHI), other unique identifiers, and credentials and secrets. Nightfall uses machine learning based detectors to identify tokens in a variety of contexts — such as within Slack messages, strings within your codebase, files, etc. Nightfall is an automated solution that is fully capable of alerting security teams when content containing sensitive tokens has been shared in an inappropriate setting or accessed, viewed, or and modified by parties who are unauthorized to do so. With custom workflows you can automatically redact, delete, or quarantine any tokens identified by Nightfall before any irreversible damage is done. This data-centric approach to reducing exfiltration risk has the added benefit of cutting down on cloud data spray by illuminating where in the cloud your most valuable data lives.
What does Nightfall detect?
Nightfall is capable of detecting most common types of PII or PHI as well as industry-specific data such as industry codes like ICD, FDA, SWIFT, IBAN, crypto wallets, and much more. Nightfall has over 100+ machine learning detectors, with each detector being trained to proficiency on a single token type. Plus Nightfall allows teams to detect custom token types as well.
Read how Nightfall helps reduce data exfiltration risk
A number of organizations trust Nightfall to help them catch potential data exfiltration incidents before they have a chance to become breaches. Read how we’ve helped Paidy, a Japanese fintech firm, and Galileo Health, a healthcare company, ensure compliance and protect their data.Learn more about how Nightfall help you address data exfiltration:
- See how Nightfall directly address data exfiltration in collaboration SaaS applications like Slack: https://nightfall.ai/resources/slack-security-detect-pii-prevent-data-exfiltration/
- Read about the most common mistakes that lead to exfiltration risk in the cloud: https://nightfall.ai/resources/accidental-data-leaks/