Rain

Customers
/
Rain

Rain Leverages Nightfall to Proactively Secure Data in Zendesk

Rain is an earned wage access provider that empowers employers to give financial stability and wellness to their employees with better and faster access to their earned wages. Rain has helped employers increase employee retention by 10x and job applications by 2x.

Industry
Financial Services | Technology
Integrations
Google Drive
Slack
Zendesk
Region
US, West
On this page

Challenge

  • As a fintech platform that enables on-demand pay, Rain is subject to stringent data privacy and security standards like PCI, CCPA, SOC 1 type 2 & SOC 2 type 2. To comply with these regulations and defend against reputational risks, Rain must take a proactive stance around data security risk.

Solution

  • Nightfall lets Rain set comprehensive data security policies within collaborative cloud platforms in order to prevent security incidents that could increase data exposure risk or result in compliance violations.

Adopting a proactive stance on data exposure risk

Through the Rain platform, employers can offer workers on-demand pay or earned wage access. As a fintech company, Rain takes a proactive approach to data security stewardship, and wanted to adopt a cloud tool that could monitor sanctioned communications platforms like Slack and Google Drive for data leakage risk of content like credit card numbers as well as secrets and keys. This is to ensure that access to such content remains on a need-to-know basis, and that such data is no longer stored within Rain’s systems once it reaches the end of its lifecycle. 

As an organization that works in various time zones, a required capability of their cloud DLP solution was automated actions that would block sensitive information from being shared. Another key requirement was end-user notification so that employees would not only be able to take quick action, but would also be coached on data hygiene best practices so sensitive data exposures would be minimized.

That is when Rain turned to Nightfall. After vetting several other cloud DLP solutions, as well as CASBs and endpoint DLP providers, they chose Nightfall for 3 main reasons:

  1. Comprehensive Coverage: Rain needed visibility into Zendesk, Slack, Jira and Confluence. While it was possible for them to access native solutions for some of these applications, Rain required a solution that would provide a holistic view of their core cloud environments. This would not only help them save time and money integrating and managing disparate point solutions, but it would also provide a more accurate view into all of the sensitive data. By choosing Nightfall, Rain also now has the ability to add more integrations supported by the Nightfall platform, including Google Drive and Gitlab. 
  2. Automated Actions: As a smaller team, Rain was looking for a solution that could provide automatic remediation so that their security teams would not be burdened with administrative tasks. Additionally, the team operates in several time zones so they need to be aware of data security issues 24x7 regardless of location.
  3. ROI and Total Cost of Ownership: By using an agentless solution that connects directly with cloud applications at the API level, Rain does not need to expend resources on installing, maintaining, and tuning a DLP solution that connects to the network or endpoint. Because of this easy install and management process, Rain was able to install and configure Nightfall quickly. 

Enabling data security at scale through automation

Central to Nightfall’s value proposition for rain is its machine learning technology. Nightfall uses natural language processing, object character recognition, and more to identify items like credit card numbers, bank routing numbers, and API keys in whatever contexts they appear. Using AI, Nightfall identifies sensitive content in over 100+ file types, including within photos and non-text PDFs in real-time with high accuracy. The security team at Rain finds Nightfall accuracy useful enough that they use automated remediation actions that let the platform automatically redact and remove sensitive findings should they occur.

“Nightfall was able to quickly provide us with the security we needed to ensure compliance and reduce sensitive data exposure risk,” says Rafael Souza, Security Team Lead at Rain. Rain has been able to address this risk seamlessly and cost-effectively using Nightfall’s AI-trained detectors that come out-of-the-box for immediate use. Because of the comprehensiveness of coverage, members of Rain’s Security and IT admin team can now be assured that their data is well-protected. In addition, due to the fact that Rain is in the financial services industry, it is held to stringent compliance standards.

Read more Customer Stories

#02bcff
See how Dividend Finance uses Nightfall to limit the proliferation of tokens and secrets in GitHub
quote mark
Nightfall helps ensure that we keep the proliferation of tokens and secrets to an absolute minimum, exactly for this reason. In this day and age, you simply shouldn’t assume that private cloud environments are inherently safe from snooping or exfiltration.
Read Case Study
Marc Winner
Marc Winner
CISO
#201A19
Discover how NorthOne uses Nightfall to secure customer and company data in Slack and Jira
quote mark
Nightfall has dramatically dropped the time that we spend developing and executing our security fundamentals, so we can think about higher-order problems. It keeps us focused on what we really want to work on. We have a safety net to aggressively pursue whatever our customers need in real-time.
Read Case Study
Blake Edwards
Blake Edwards
VP of Engineering
Nightfall Mini Logo

Getting started is easy

Install in minutes to start protecting your sensitive data.

Get a demo
Nightfall Brand Logo
Newsletter

Subscribe to our newsletter to receive the latest content and updates from Nightfall

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

By registering, you agree to the processing of your personal data by Nightfall as described in the Privacy Policy.

Compatible with
Hipaa logo
HIPAA
PCI-DSS logo
PCI
CCPA Logo
GDPR/CCPA
SOC 2 Logo
SOC 2

© 2024 Nightfall. All Rights Reserved.

Terms of ServicePrivacy PolicySecurity
Twitter LogoFacebook LogoInstagram LogoLinkedIn Logo