At Nightfall, our mission is to discover and secure sensitive data in every cloud application through a cloud-native, accurate, and performant platform. Since 2019, Nightfall has partnered with some of the world’s most innovative organizations to proactively eliminate data security risks across a fleet of SaaS applications via our native integrations for Slack, Atlassian Jira, Confluence, Google Drive, and GitHub.

Everyday business documents continue to be one of the biggest sources of data leakage. The Facebook leaks and WikiLeaks are prime examples of the damage such breaches can wreak. Even with the best security tools in place users seem to always be able to find a way to circumvent security. Or, as in most cases, accidentally share data with the wrong audience creating a security issue.

We’re excited to announce that Nightfall is partnering with Virtru, a renowned leader in email and SaaS encryption, to provide customers with an encryption solution for securing PHI in Gmail and Google Drive. Combined with our existing Google Drive data loss prevention (DLP) integration, this new solution will provide fully integrated compliance and security coverage for Google Workspace.

Data bias: the insidious threat lurking in your data unless you’ve taken active steps to mitigate it. It causes the potential to harm, skew or invalidate your data completely – or sometimes all three at once.

HIPAA requires covered entities and business associates to secure protected health information (PHI). Failing to do so can result in steep fines and penalties. Some PHI breaches, however, are out of the organization’s control. Determined hackers can expose PHI, and employees can make mistakes — they’re only human, Despite training, rigorous security protocols, and constant monitoring, data breaches can happen.

Considering the forensic-level attention to data residency that was paid in the early days of cloud, it’s interesting how little regard is now given to the matter. Explaining the many pitfalls of certain data residency challenges to fellow CISOs (and key stakeholders) and why real-time visualisations of data flow matter, is often an interesting exercise.

Microsoft 365 provides a powerful document management and collaboration platform. However, with so many applications available in the platform to store and share information internally and with external parties, such as partners, contractors and vendors, ensuring proper access and data security can be a challenge. In this blog we examine how to ensure secure file sharing in Microsoft 365 and Teams.

In part one of this two-part blog series, we analyzed the UK National Cyber Security Centre’s (NCSC) guidance relating to backups and data protection. Now in this post, we will examine NCSC’s guidance around mitigating malware and ransomware attacks. Recall that NCSC, at present, provides information and practical guidance in various articles on its website rather than formal requirements or regulations.

Over the last few years, the rise in data breaches involving personally identifiable information (PII) has resulted in the loss of millions of records.

HIPAA compliance requires covered entities and business associates to secure protected health information. Social Security numbers, medical record numbers, health plan beneficiary numbers, account numbers, and names of patients, relatives, or employers all must be secured from unauthorized access. The penalties and fines for HIPAA violations can be steep — in some instances reaching millions of dollars. And, HIPAA isn’t prescriptive about what it takes to be in compliance.