Webinar—Designing Trust: Embedding Privacy & Security Into Enterprise AI
Aug 19—RSVP
Customers
Unit21

How Unit21 Stopped Shadow AI Data Breaches and Secured Financial Data Without Blocking Innovation

Nightfall provided Unit21 with the first DLP solution built for the AI era—protecting sensitive financial data across their entire SaaS ecosystem and every AI interaction.
Industry
Financial Services
Integrations
No items found.
Region
U.S. West
On this page

Key stats:

  • Less than 24 hours to fully deploy Nightfall and see real exposure risk across SaaS, AI apps
  • 150+ Staff protected by Nightfall
  • 6 enterprise apps protected
  • Less than 5% false positive rate
  • 67% of issues are automatically remediated by Nightfall
  • Less than 5 hours mean time to eliminate exposure or exfiltration risk 

The Challenge: AI Became Their Biggest Security Blind Spot

Unit21 provides risk and compliance platforms for banks, fintechs, and crypto exchanges—handling some of the most sensitive financial data in the ecosystem. But Jay Crumb, their Head of Security, discovered a critical vulnerability: their employees' productivity tools had the potential to become data exfiltration highways.

"The biggest thing we struggled with before having DLP was visibility into where things are being shared. It's really easy to lose track when everything is moving through SaaS apps, but the advent of LLM chatbots made this problem significantly worse,” says Jay Crumb, Head of Security, Unit21.

The wake-up call: Within days of AI tool adoption, Unit21's data was flowing to unauthorized platforms. Customer addresses appeared in screenshots uploaded to ChatGPT. Spreadsheets were being pasted into unauthorized AI tools for analysis.

Legacy DLP couldn't see browser activity. Traditional network security missed SaaS-to-AI data flows. Unit21 faced a compliance nightmare with zero visibility.

The Solution: AI-Native DLP That Monitors Everything, Everywhere

Nightfall provided Unit21 with the first DLP solution built for the AI era—protecting sensitive financial data across their entire SaaS ecosystem and every AI interaction.

Shadow AI Protection That Actually Works

The Risk: Internal teams were unknowingly feeding company data into unauthorized AI tools.

Nightfall's Protection: Nightfall’s scanning detects sensitive data in real-time before it reaches AI platforms. When employees attempt to upload financial documents or paste customer information into unauthorized tools, Nightfall blocks the action and redirects them to approved alternatives.

"We want to allow our folks to use the power of generative AI but in a safe and approved way. Nightfall gently redirects our people to the safe gen AI sites and helps us by blocking attempts from folks putting PII or customer data into ChatGPT and other tools."

Beyond Surface-Level Detection

The Risk: Legacy DLP missed sensitive data hidden in images, compressed files, and complex documents—exactly where financial firms store their most critical information.

Nightfall's Advantage: Advanced OCR and AI-powered content analysis scans inside ZIP files, screenshots, and embedded content that traditional DLP completely misses.

Real Result: "One of the things that surprised us was how Nightfall will look inside ZIP files and screenshots. That makes a huge difference for us. That's one of our more common true positives, finding data in screenshots that we don't want to be in there", says Jay

Operations That Scale Without Breaking

The Problem: Most DLP solutions require dedicated security resources and constant tuning. Financial firms can't afford security tools that slow down business-critical workflows.

Nightfall's Approach: Slack-native operations mean Unit21's security team handles 90% of incidents without leaving their existing workflow. Self-service policy customization eliminates vendor dependency.

"The tight Slack integration with Nightfall really stands out for us. I would say 90% or more of our interaction with Nightfall is just through Slack. The only time we go into the Nightfall console itself is when we need to tweak a policy."

The Results: Enterprise DLP Without Enterprise Complexity

Immediate Detection of Sensitive Data

Unit21 went from complete AI blindness to detecting sensitive data exposure within minutes of deployment. Real violations were caught on day one, with fine-tuning quickly optimizing detection accuracy.

No False Positive Fatigue

Unlike legacy DLP that drowns security teams in alerts, Nightfall's AI-powered detection achieved <5% false positive rate while maintaining comprehensive coverage across financial data types.

Compliance-Ready Operations

Unit21 can now demonstrate proactive data protection to auditors and regulators, with detailed reporting showing exactly how customer financial data is protected across all AI and SaaS interactions.

Business Enablement, Not Blocking

Instead of restricting AI adoption, Nightfall enabled secure AI usage by redirecting risky activities to approved tools while maintaining employee productivity.

Why This Matters for Financial Services

"For anyone who serves a sufficient number of enterprise clients, DLP is mandatory. It all comes down to picking what fits best for your organization. We needed something that we wouldn't have to dedicate a lot of time to think about and operate. I think there are very few DLP vendors that we've considered that are as seamless and easy to use as Nightfall."

The Bottom Line: Unit21 eliminated their biggest compliance risk—shadow AI data exposure—while enabling, not blocking, AI-powered productivity. They proved that financial firms can embrace AI innovation without sacrificing data protection.

In an industry where a single data breach can cost millions in fines and lost trust, Unit21 chose the only DLP solution that actually sees where financial data goes in the AI era.

Read more Customer Stories

The automatic end user remediation is one of the most important Nightfall features for us. You can send automatic alerts to users, customize notifications, and empower users to mark false positives or provide business justification for their actions. We didn't find this feature in other tools, so this is one of the most important things we found in Nightfall.
Ulises Chombo Martínez
Ulises Chombo Martínez
Security Operations Lead
Read case study

Nightfall’s Slack integration is critical. Being able to action on alerts—redact, block, resolve—directly within Slack without logging into another portal saves us significant time. We see alerts and deal with them immediately, keeping our team highly efficient.
Adam Davis
Adam Davis
Read case study

Read more Customer Stories

Learn how Snyk automates their security workflows with 94% true positives

Nightfall is reliable. When it says there’s a detection, we trust that detection. For people in my field, that’s a big factor. You don’t want to waste time chasing ghosts.
Victor Sogaolu
Victor Sogaolu
Staff Security Engineer
Victor Sogaolu
Read case study

Nightfall gives us the confidence to embrace AI innovation while maintaining our security policies and practices. What previously required days of manual review now happens automatically, allowing our Security team to focus on strategic initiatives instead of constant monitoring.
Kyle Marshall
Kyle Marshall
Security Operations Team Lead
Kyle Marshall
Read case study

Nightfall’s Slack integration is critical. Being able to action on alerts—redact, block, resolve—directly within Slack without logging into another portal saves us significant time. We see alerts and deal with them immediately, keeping our team highly efficient.
Adam Davis
Adam Davis
Adam Davis
Read case study
See All Use Cases

Schedule a live demo

Tell us a little about yourself and we'll connect you with a Nightfall expert who can share more about the product and answer any questions you have.
<1---->

© 2025 Nightfall AI. All rights reserved.

Terms of ServicePrivacy PolicySecuritySecurity
Twitter X LogoFacebook LogoLinkedIn LogoLinkedIn LogoYoutube Logo