Webinar: Join us, Tues 5/24. Nightfall & Hanzo experts will discuss how machine learning can enhance data governance, data security, and the efficiency of legal investigations. Register now ⟶
Flatfile protects PII and maintains compliance in their SaaS environments with Nightfall
Flatfile simplifies the data import process for companies via their easy-to-use data onboarding platform. Users can upload data from CSV files and Excel spreadsheets directly into their applications seamlessly. By paring down the uploading process, Flatfile allows their users to work faster and more efficiently without running into typical errors when importing data, like unsupported file formats.
The infrastructure team at Flatfile manages the company’s servers and infrastructure technology to ensure that Flatfile’s upload services perform at the high standards required for excellent customer experience. Flatfile’s head of infrastructure Robbie Trencheny leads the team that is responsible for managing risk throughout the company’s internal IT ecosystem. That includes protecting any personally identifiable information (PII) that might make its way into Flatfile’s internal systems in the course of business.
The infrastructure team needed a way to ensure that this sensitive PII is always kept safe and secure and never exposed or shared improperly within Flatfile’s internal systems. Nightfall provides the PII protection Flatfile needs to maintain compliance within their cloud tech stack.
Putting security and compliance for PII first with Nightfall
One of Flatfile’s main goals for data security within their internal SaaS apps is maintaining compliance in many different fields — SOC Type 1 and Type 2, ISO 27001, HIPAA, PCI Level One, and FedRAMP. The infrastructure team must maintain these compliance standards within Flatfile’s business-critical apps like Slack, GitHub, and Google Drive. Having a data loss prevention (DLP) strategy is an important step toward meeting those compliance regimes.
Two challenges prevented Robbie’s team from managing PII risk with DLP — either the platforms where data was stored did not include the level of protection the team needed, or the detectors and alerts within the platforms were too noisy and difficult to be configured properly.
“Before Nightfall, we used the built-in tools within these platforms for data security, like Google’s quarantine alerts,” Robbie says. “We found that they were too trigger happy and couldn’t fulfill our compliance needs.”
All in one data security functionality for Flatfile’s SaaS
Nightfall allows the Flatfile infrastructure team to configure detection to zero in on the information that’s most critical. Nightfall scans Flatfile’s SaaS systems for PII so that Robbie’s team can protect against improper exposure of sensitive information — and show that their organization is primed for the highest levels of compliance requirements.
“We use Nightfall as a preparation for our compliance qualifications,” says Robbie. “With Nightfall, we know that we won’t leak PII in our SaaS apps.”
Flatfile is built on the idea of making file and data uploads easy for their customers. So for Robbie’s team, it makes sense to deploy a data discovery and classification solution that is also simple and effective for protecting PII from exposure and meeting multiple compliance standards. Nightfall works as an all-in-one DLP solution for Flatfile, with the ability to apply one set of rules and see everything in one dashboard — all detectors, scan results, and alert actions are together in the same place for easy access and deployment.
Nightfall provides focused alerting and detection for Flatfile
Nightfall makes protecting PII within SaaS for Flatfile even easier by helping the infrastructure team fine-tune their scans to detect information at risk. “Before Nightfall, I would get almost 200 DLP alerts from Google a week, and most were false positives,” says Robbie. “Now with Nightfall, I only get alerts for things we’re actually looking for to protect PII. We no longer have to individually configure the rule sets across different platforms. It’s a major win for us.”
Flatfile can continue growing its business with confidence that their customer information will not inadvertently be exposed within the multiple apps where they deploy Nightfall. As a platform that supports their compliance goals and secures PII throughout their SaaS environments, Nightfall provides the data protection that Flatfile needs to meet their commitment to their customers.
“I was impressed by the connections that Nightfall offered out of the box. Other solutions didn’t make me feel as confident about how their integrations would work on the platforms we needed to protect.”
Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack, Google Drive, GitHub, Confluence, Jira, and many more via our Developer Platform. You can schedule a demo with us below to see the Nightfall platform in action.
Schedule a Demo
Select a time that works for you below for 30 minutes. Once confirmed, you’ll receive a calendar invite with a Zoom link. If you don’t see a suitable time, please reach out to us via email at firstname.lastname@example.org.