Blog

Emily Heaslip

March 11, 2022

HIPAA compliance requires covered entities and business associates to secure protected health information. Social Security numbers, medical record numbers, health plan beneficiary numbers, account numbers, and names of patients, relatives, or employers all must be secured from unauthorized access.

Emily Heaslip

March 11, 2022

Those who work in the healthcare industry know: HIPAA compliance is often fiercely enforced by the Department of Health and Human Services, and penalties can be steep.

Michael Osakwe

March 10, 2022

The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.

Victor Chen

March 4, 2022

Sensitive data often makes its way into logs. Though most of the time unintentional, these incidents have the potential to do a lot of damage, as they usually involve exposure of API keys, passwords, and customer data that can give attackers access to critical business data or put companies at compliance risk

Michael Osakwe

March 3, 2022

We’re pleased to announce that Nightfall is partnering with Hanzo, a best-in-class enterprise e-discovery and investigations platform.

Evan Fuller

March 2, 2022

The current wave of digital transformation that has brought more and more businesses online has also introduced an unwelcome side effect: the surface area for attacks has ballooned.

Emily Heaslip

February 27, 2022

The Gramm-Leach-Bliley Act, known as the GLBA, was passed in 1999 under President Clinton. The goal of the GLBA was to update and modernize the financial industry. Today, it’s primarily used to protect customer and consumer information, with steep penalties for financial institutions that violate its privacy rules. Here’s what you need to know about the GLBA and its regulations.

Michael Osakwe

February 24, 2022

Our team has been hard at work with continuous updates to improve and streamline the Nightfall DLP platform. We wanted to share with you the latest platform updates guaranteed to improve the speed at which security administrators and teams will be able to remediate incidents.

Michael Osakwe

February 22, 2022

You probably don’t need anyone to tell you that, today, infosec and cybersecurity are challenging and fast-paced endeavors. In the last five years alone, we’ve seen a myriad of industry altering developments — from an ever expanding universe of privacy compliance legislation and the permanent entrenchment of hybrid and remote work, to growth in the size and scope of data breaches — the world of security has proven ever complex and ever-shifting.

Visaal Ambalam

February 18, 2022

At Nightfall, our mission is to detect sensitive data. Today, we detect 50+ types of sensitive data, including social security numbers, API keys, street addresses, and more.

Emily Heaslip

February 16, 2022

As businesses and health organizations seek to strengthen cybersecurity, they’re turning frequently to compliance frameworks to help prioritize, guide, and improve decision-making and implementation. Two of the more popular compliance frameworks are the NIST CSF and the ISO 27001.

Dan Hertz

February 16, 2022

Observability (logs, traces, metrics) is a core tenet to building strong software systems. Logs are used to debug issues and check on system activity, traces provide valuable insights into system performance and architecture, and metrics allow engineering teams to closely track business metrics within their systems.

Emily Heaslip

February 10, 2022

Data exfiltration, quite simply, is the risk of your data ending up somewhere it doesn’t belong. Though this definition might seem simple, understanding this risk is quite complicated — especially as companies migrate their data into the cloud. Companies that work remotely using cloud platforms like Google Drive, AWS, or Jira often struggle to maintain the visibility needed to ensure their data remains secure. This increases the risk of data exfiltration, which can often go undetected for weeks, if not longer.

Emily Heaslip

February 2, 2022

Unstructured data is data that cannot be processed and analyzed using conventional data tools and methods: qualitative data, such as customer feedback or social media posts are considered unstructured data.

Michael Osakwe

January 28, 2022

The sudden shift to remote work in 2020 exposed companies to a variety of new security challenges that haven’t gone away. Review the seven most crucial areas of security for emerging remote-first organizations

Emily Heaslip

January 27, 2022

Data governance is the principled approach to managing data during its life cycle — from the moment you generate or collect data to its disposal. Good data governance ensures that data is kept private, accurate, usable, and most of all: secure.