Compliance Use Cases

Organizational compliance is one of the leading drivers of the need for DLP tooling such as Nightfall. The recommended configuration and the considerations for each compliance framework are listed below.
HIPAA Compliance
  Considerations:
  • Depending on the type of healthcare organization, disclosure of personal information alone may disclose PHI (e.g., a sufficiently uniquely named person visiting a health provider such as an AIDS clinic would likely disclose that person’s PHI).

PCI Compliance
  Configuration:
  • Use the Credit Card Number detector
  • Set Minimum Confidence level to Likely
  • Set alert to trigger on Any Detectors
  Considerations:
  • For greater rigor, add the Person Name detector to each of your locale’s detection rules and configure them to trigger on All Detectors, per:

ACH Compliance
  Configuration:
  • Use the US Bank Routing and Person Name detectors
  • Set Minimum Confidence level to Likely
  • Set alert to trigger on All Detectors

GLBA Compliance
  Configuration:
  • Use the SWIFT and US Bank Routing detectors
  • Set Minimum Confidence level to Likely
  • Set alert to trigger on Any Detectors

ISO 27001 Compliance (v2022)
  Configuration:
  • Enable all Secrets detectors:
    • API key
    • Cryptographic key
    • Database Connection String
    • GCP credentials
    • Password in code
  • Set Minimum Confidence level to Likely
  • Set alert to trigger on Any Detectors
Other available detectors are not recommended for the compliance frameworks above. For all use cases, Nightfall further recommends:
  • Tune and amend Minimum Confidence over time in accordance with your violations and your data set
  • Scope the policy to cover every location where the sensitive data should not be disclosed
  • Use Exclusion Rules to reduce false positives and fine-tune alerts
  • Report false positives for machine learning training to [email protected]
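To make the difference between the "Any Detectors" and "All Detectors" triggers concrete, here is an added illustrative model (not Nightfall's own code) of how a rule's Minimum Confidence and trigger setting combine over a set of findings; the five-level confidence scale and the finding structure are assumptions, and the sample findings are constructed.

```python
# Illustrative model of detection-rule evaluation; not Nightfall's implementation.
from dataclasses import dataclass

# Assumed confidence scale, weakest to strongest. "Likely" is the page's
# recommended Minimum Confidence for every framework.
CONFIDENCE_ORDER = ["Very Unlikely", "Unlikely", "Possible", "Likely", "Very Likely"]


@dataclass(frozen=True)
class Finding:
    detector: str    # detector name, e.g. "Credit Card Number"
    confidence: str  # one of CONFIDENCE_ORDER


@dataclass(frozen=True)
class Rule:
    name: str
    detectors: tuple          # detector names the rule watches
    min_confidence: str = "Likely"
    trigger: str = "Any"      # "Any": one detector suffices; "All": every detector must fire


def meets_minimum(level: str, minimum: str) -> bool:
    """True when a finding's confidence is at or above the rule's minimum."""
    return CONFIDENCE_ORDER.index(level) >= CONFIDENCE_ORDER.index(minimum)


def detectors_fired(rule: Rule, findings: list) -> set:
    """Detectors in the rule that produced at least one finding above the minimum."""
    return {f.detector for f in findings
            if f.detector in rule.detectors and meets_minimum(f.confidence, rule.min_confidence)}


def should_alert(rule: Rule, findings: list) -> bool:
    """Apply the rule's trigger: 'All' needs every watched detector, 'Any' needs one."""
    fired = detectors_fired(rule, findings)
    if rule.trigger == "All":
        return fired == set(rule.detectors)
    return bool(fired)


# Rules as recommended on this page.
PCI_RULE = Rule("PCI", ("Credit Card Number",), "Likely", "Any")
ACH_RULE = Rule("ACH", ("US Bank Routing", "Person Name"), "Likely", "All")
GLBA_RULE = Rule("GLBA", ("SWIFT", "US Bank Routing"), "Likely", "Any")

# Constructed sample findings: the Person Name hit is below the Likely minimum.
SAMPLE = [Finding("US Bank Routing", "Very Likely"),
          Finding("Person Name", "Possible"),
          Finding("Credit Card Number", "Likely")]
```

With SAMPLE, PCI and GLBA alert on a single qualifying detector, while ACH stays silent because its "All Detectors" trigger also needs Person Name at Likely or above.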