Nightfall helps automate ongoing CCPA/CPRA compliance so you can improve your security posture, drive revenue, and build customer trust.
The California Consumer Protection Act (CCPA) and California Privacy Rights Act (CPRA) grant California residents, more control over the use and sale of their personal data. CCPA applies to businesses that:
Have annual revenue in excess of $25 million;
Buy, receive, sell, or share personal information on 50,000 or more CA households or devices;
Derive more than half of their annual revenue from selling consumer personal information.
Under CCPA/CCPA, you need to implement, document, and monitor security controls to protect consumers’ privacy. Nightfall supports these requirements under the following sections of CCPA/CPRA:
Section 1798.81.5 of the CCPA requires businesses to implement and maintain reasonable security procedures and practices to protect personal information from unauthorized access, destruction, use, modification, or disclosure. Nightfall is a control that protects personal data from unauthorized access, alteration, or loss.
Section 1798.125 of the CCPA requires businesses to provide certain rights to California residents regarding their personal information, such as the right to know what personal information is being collected, request deletion of PII, and opt-out of the sale of personal information. Nightfall helps organizations to identify and control the collection, use and sharing of personal information.
Scan and assess the risk across all your cloud applications to ensure you stay compliant and avoid potential fines or data breaches.
Report on compliance in a consolidated view
Reduce the burden of completing annual audits with continuous data monitoring, and move your organization from a point-in-time to a continuous security and compliance model.
Leverage Nightfall's built-in dashboard or out-of-the-box SIEM integrations to manage all your cloud data protection and data classification in one place.
Use Automation to reduce ongoing compliance costs
Reduce the time your security team spends managing violations and alerts. With Nightfall's market-leading detection accuracy, automation, and easy-to-use dashboard, you can take the pain out of ongoing compliance.
Reduce false positives with machine learning (ML) detection
High-accuracy ML detectors with an out-of-the-box PHI template to highlight the highest-risk data items, reducing the time spent triaging security alerts
Automate compliance tasks
Automate the remediation for security alerts to reduce manual work and dramatically reduce time of data exposure. Manage all of the security tasks in your SIEM or Nightfall dashboard
Scale your operations by educating users and encouraging security best practices - aiding ongoing compliance with your contractual obligations.
Reduce your teams ongoing security training workload
Leverage automatic training notification to train employees, making your organization well trained on compliance. This also reduces the workload on your security team and allows them to remain focused on high-priority and strategic work.
No end-user impact
With Nightfall's agentless deployment there is no blocking of network traffic or device latency, helping empower and educate users - ensuring productivity is not impacted.
Aaron’s is a sales and lease retail company that provides home furnishings including electronics, home goods, bedding, and furniture. With almost 12,000 employees in 1,800 stores across the U.S., Canada, and Puerto Rico.
The Aaron's Enterprise Process Solutions team needed a way to centralize business processes securely and without compromising the company's commitment to safeguarding customer data.
The Nightfall Developer Platform, which can be implemented in just a few lines of code, allows companies to integrate Nightfall into any cloud environment, including custom ones. With it, Aaron's was able to deploy data detection and remediation capabilities.
“The Nightfall Developer Platform allows us to scan for certain patterns of information, like social security numbers or credit cards. We can ensure that our internal communication stays as work-appropriate as possible.”
Manager of the Enterprise Process Solutions