Challenge
- As a marketing technology platform, this SaaS company (name withheld) is subject to a number of consumer data privacy laws such as CCPA and GDPR. Because it is not a payment processor, it must also ensure that payment card data does not end up in its cloud systems.
- The company initially used a data loss prevention (DLP) solution to manage PII and PCI compliance risk, but the tool could not be configured to address risk within its cloud environments. It was also inaccurate, generating a large volume of false positive security alerts for the team.
Solution
- Nightfall provided a customizable data loss prevention solution with built-in automation and market-leading accuracy. This helps prevent sensitive data like credit card numbers from proliferating within platforms like Zendesk, Google Drive, and Amazon S3.
Deploying the right solution to address data security risks
When a new Senior Security Engineer joined this company's Information Security team, one of the first initiatives he worked on was replacing their existing data loss prevention (DLP) solution. The team found it insufficient both in what it could detect and in its accuracy. Additionally, the solution could not integrate with environments like Zendesk, a critical application for the organization. Under the direction of the VP of Information Security and Compliance, the team sought out an alternative DLP platform.
“Any regulations our clients are subject to extend to us. One of the ways we wanted to leverage our DLP tool was to ensure we weren’t storing payment card information, personal health information, or other types of sensitive information.”
VP Information Security and Compliance
After consulting with Gartner to find a partner that met their standards, the team chose Nightfall, which uses machine learning rather than regular expressions to detect sensitive data. Nightfall gives users access to individual machine learning detectors, each built from the ground up. The result is fast and accurate detection of sensitive data within cloud environments.
“Nightfall has saved us hundreds of hours annually in managing false positives that were a huge source of pain with our previous DLP provider.”
VP Information Security and Compliance
What really stood out to the team was how easy it was to set up Nightfall across AWS S3, Google Drive, and Zendesk. Nightfall let the team apply the same set of detection rules across all three environments with little configuration or complexity.
“Our previous DLP tool felt brittle and error-prone. I would often get error messages trying to connect it with systems like AWS S3. But with Nightfall, it took minutes to set up. Most of what we wanted to do worked right out-of-the-box, whereas other tools would have taken months to set up and configure.”
VP Information Security and Compliance
With Nightfall deployed, this company has substantially reduced the risk that their 500+ employees could accidentally or deliberately share or store sensitive information in the cloud.
Extensive visibility for a unified view of cloud data security
Another key way the security and compliance team leverages Nightfall is by integrating it with Splunk, the company's SIEM. Using webhooks, Nightfall automatically sends alerts and analytics into SIEM platforms like Splunk, so that alerts can be routed to specific individuals and findings can be aggregated and analyzed for trends.
This provides a convenient way to manage Nightfall alerts without disrupting or breaking any of the security team's existing workflows. It also lets the team quickly see whether sensitive data exposure incidents are increasing or decreasing over time. Since deploying Nightfall, the team reports that sensitive data exposure events are rare, and it can now demonstrate that with confidence to key stakeholders.
Looking towards the future of DLP
The team has focused on preventing payment card data (PCI) and specific types of PII, like social security numbers, from proliferating within environments like Zendesk. They are now looking to invest resources in expanding coverage to other types of data, including unique identifiers within files such as CSVs.
Because Nightfall can scan more than 100 file types for sensitive content, the team sees the opportunity to use the platform widely. They are also interested in using Nightfall's custom notifications to send educational messages to employees who violate the policy against handling confidential data outside their primary AWS environment.
“Nightfall is helping us maintain our internal security standards and meet obligations like SOC 2 Type 2, ISO 27001, GDPR, and CCPA. This is valuable work that ensures we meet our internal standards for handling data as well as those of our customers. This would be much harder if Nightfall weren’t in place.”
VP Information Security and Compliance