It’s estimated that more than 27 billion records were exposed in the first half of 2020, despite the decrease in number of reported breach events from 2019. This trend of data breach events is becoming more severe with the average cost and size of a data breach increasing year over year. The severity of modern data breaches presents a serious risk to companies looking to protect the data of stakeholders such as customers and employees. Without security controls like data loss prevention (DLP), the task of discovering and preventing breach events may prove impossible for even the most proactive of security teams.
The true costs of data breaches
The increasing cost and severity of data breaches matters not only because of the increased financial impacts, but also because of associated costs like the reputational harm that comes with such breaches. Security incidents ultimately damage the trust between an organization and its key stakeholders and customers, which can ultimately cause irreparable harm to an organization. In addition to this, a growing number of data security regulations like GDPR and CCPA are explicitly codifying the types of security requirements required to ensure the security of stakeholder data and enforcing steep penalties against organizations that experience data breaches.
How does Cloud DLP like Nightfall help safeguard stakeholder data?
Although more companies appear to understand both the reputational impacts of breaches as well as their legal ramifications, efforts to mitigate the factors that lead to breaches of employee and customer data seem to be lagging. This appears to be in part due to the growing amount of data that organizations now manage as well as the fact that this data is increasingly being stored in the cloud. These two factors greatly increase the attack surface of many organizations, thus increasing breach risk.
This is where cloud data loss prevention comes into play. As a security control, cloud data loss prevention allows security teams to know where their most sensitive data is within their cloud silos and put into place access controls that trigger whenever this data is accessed or shared by unauthorized users. Nightfall specifically discovers, classifies, and detects personal information (PII), protected health information (PHI), other unique identifiers, as well as credentials and secrets. Using machine learning based detectors, Nightfall is able to automatically scan cloud environments for sensitive data with each detector having been specially trained to identify a unique token type. With over 100+ machine learning detectors for all types of personal information, secrets, keys, and credentials, as well as the ability to detect custom token types, Nightfall is a comprehensive data discovery and classification tool. Additionally, Nightfall offers security teams the ability to manually or automatically remediate data leakage incidents in the cloud. The platform can redact, quarantine, and delete text, strings, messages, or files containing sensitive tokens. Nightfall is capable of operating in a variety of SaaS and IaaS environments like Slack, GitHub, Google Drive, AWS, the Atlassian suite and much more, letting you keep your customer and employee data safe no matter where it is.
High-growth Fintech Startup NorthOne ensures customers come first with Nightfall DLP
Nightfall has also proven valuable for both developers managing codebases and cloud infrastructure as well as teams who directly handle customer information. NorthOne is a fast growing financial startup that leverages Nightfall for both use cases. Within Slack, Nightfall ensures that NorthOne’s customer care team provides value to customers without accidental data leakage, and within Jira, Nightfall ensures the DevOps team managers don’t have to worry about the proliferation of secrets and other crucial sensitive information.
“Nightfall’s automated system provides us with strong guardrails,” says NorthOne VP of Engineering Blake Edwards. “Our DLP needs are covered, so our developers can commit their mindshare to focus on delivering new features and solutions for our customers. That’s what really matters to us.”
How do I learn more about securing employee and customer data with Nightfall?
The Nightfall blog contains news and information about cloud security, DLP, and Nightfall products to help infosec leaders level up their orgs’ security posture. Find more information about Nightfall and how DLP can support your efforts to safeguard critical stakeholder data:
- Read our coverage of the CCPA enforcement start date (featured in VentureBeat) and how this legislation will shape organizational efforts to secure customer data: https://nightfall.ai/resources/orgs-struggle-ccpa-compliance/
- See the hows and whys of securing PII within the financial services industry: https://nightfall.ai/resources/fintech-dlp/