Chat and messaging systems have helped customer experience teams expand and improve the services they offer through instant communications. As customers reach out to your business via platforms like Intercom, they can often share personal information like personally identifiable information (PII), credentials, email addresses, and credit card numbers (for PCI compliance) in their messages.

The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.

When your customers reach out for help, they send messages to your support team that likely contain personal information. Help desk ticketing systems can often harvest for personally identifiable information (PII) like email addresses and credit card numbers, while healthcare providers using ticketing systems may request protected health information (PHI) like patient names and health insurance claim numbers or phone numbers.

During the pandemic, healthcare and education providers scrambled to adapt to providing services remotely, using tools like Slack, Google Drive, and Zoom to continue connecting with patients and students. McKinsey tracked a spike in the use of telehealth solutions in April 2020 that was 78 times higher than in February 2020. And, by some estimates, more than 1.2 billion children worldwide were impacted by school closures due to the pandemic — some of whom were able to learn remotely.

Nightfall has added remediation actions for Google Drive violations, so you can fix the issue automatically or with just a click. Nightfall for Google Drive is one of our most popular integrations, helping customers to discover and classify sensitive data across Google Drive. Once sensitive data violations are found to exist in Google Drive, you want to take steps to protect the data – because removing the risk is really the point, isn’t it?

According to a recent CNBC report, Google has seen a rise in posts flagged for racism or abuse on its message boards. This has caused the company to ask its employees to take a more active role in moderating internal message boards. That’s one way to handle content moderation. But, it also takes an employee’s time and attention away from higher-value tasks. Many companies address instances of internal harassment through training and stronger HR policies.

Every year, business owners grapple with the same question: how can I keep my data safe? One survey found that 47% of small business owners found data security to be their biggest challenge; a further 42% said preventing data loss was also keeping them up at night. Data loss prevention is a clear priority for enterprises of all sizes.

Slack as a product is constantly expanding with new functionality and integrations. Slack Connect is among the most popular new features Slack introduced in the past year and is growing in popularity because it’s an easy way to stay connected with people you work with outside your organization — in real time with all the features that Slack offers. ​​As new improvements or upgrades for Slack are released, data security and compliance should be a top concern for your teams.

Vulnerability management is a full-time occupation. This cybersecurity function is iterative and involves constant monitoring, documentation, and review. From updating your software to recording new patches, vulnerability management is a constant process that benefits from automated tools like Nightfall . Here’s how vulnerability management works, the ins and outs of the vulnerability management life cycle, and best practices to implement at your organization.

Social engineering is a type of cyber attack that targets people to gain access to buildings, systems, or data. Social engineering attacks exploit human vulnerabilities to get inside a company’s IT system, for instance, and access its valuable information. Social engineering is one of the most common— and successful— forms of cyber attack. Social engineering attacks are constantly evolving, but they generally follow five main approaches.