Nightfall Documentation
  • Data Detection and Response
  • Posture Management
  • Data Exfiltration Prevention
  • Data Encryption
  • Firewall for AI
  • Data Classification and Discovery
  • Welcome to Nightfall Documentation
  • Release Notes
    • Release Notes 2025
    • Release Notes 2021-2024
  • Introduction
    • Why Cloud DLP?
    • Introduction to Nightfall
    • Nightfall Overview
    • Cloud-native DLP vs. CASB
    • How Nightfall Works
    • Reasons to Choose Nightfall
    • Benefits of Nightfall
  • Compliance
    • How Nightfall Fits into Compliance Frameworks
    • ISO 27001 Compliance + DLP
    • SOC 2 Compliance + DLP
    • PCI Compliance + DLP
    • PHI Detector - More on Nightfall's HIPAA Compliance Detector
  • Getting Started
    • Installing Nightfall
  • Nightfall Detection Platform
    • Overview
    • Detectors
    • Choosing a Nightfall Detector
      • Compliance Use Cases
      • Data Protection Use Cases
    • Nightfall Detector Glossary
      • Secrets Detection
    • Creating Custom Detectors
      • Creating Dictionary Detector
      • Create File Type Detector
      • Create File Fingerprint Detector
      • Create Regular Expression Detector
      • Extend a Nightfall Detector
    • Create Detection Rules
    • Detection Platform Overview
    • Evaluating Detection
    • Creating Policies
      • Selecting Integration
      • Scope of the Policy
      • Detection Rules
      • Advanced Settings
      • Name and Risk Score
    • Historical Scan Detection Rules
    • Regex Library
    • Detection Platform FAQs
      • How can I reduce false positives in my findings?
      • What do different “Confidence Levels” mean?
      • What file types will Nightfall scan for sensitive data? What are the limitations?
      • How do I use Context Rules?
      • How do I use Exclusion Rules?
      • Does Nightfall have a regex library I can choose from?
      • Why does Nightfall sometimes miss to report SSN, credit card number, and so on?
      • Why does the Password Detector Report False Positive Zoom Password Findings?
  • Nightfall Detection & Policy Templates
    • Detection Rules
    • Nightfall Sample Data Sets
  • Dashboard and Events
    • Nightfall Dashboard
    • Sensitive Data Protection Events
      • Filtering Events
      • Event Filter Operators
      • Applying Actions on Events
      • Applying Bulk Actions on Events
      • Event Status
      • Deduplication and Automatic Resolution of Events
  • Setting up Alert Platforms
    • Nightfall Alert Platforms
    • Setting up Slack as an Alert Platform
    • Setting up Jira as an Alert Platform
    • Setting up MS Teams as an Alert Platform
  • Operationalizing Nightfall DLP
    • Playbook
    • Informing & Coaching Business Users
    • Alert Management Guiding Principles
    • Integrating with Security Tools
      • Integrating with SIEM
        • Integrating with Microsoft Sentinel
      • Creating Dashboards for Nightfall Alerts in Splunk
      • Creating Dashboards for Nightfall Alerts in Sumo Logic
      • Sending Alerts to Microsoft Teams
    • Frequently Asked Questions (FAQs) for End-Users
  • Nightfall Integrations
  • Nightfall for Slack
    • Nightfall for Slack: Quick Start
    • Getting Started With Nightfall for Slack
      • Requirements
        • Requirements for Nightfall DLP for Slack Enterprise
        • Requirements for Nightfall DLP for Slack Pro and Slack Business+
      • Installing Nightfall for Slack
        • Installing Nightfall DLP for Slack Enterprise
        • Installing Nightfall DLP for Slack Pro and Business+
    • Configure Alerts for Slack
    • Configuring Policies for Slack Pro and the Slack Business+ Editions
      • Slack Pro and Business+ App Selection
      • Configure Scope for Slack Pro and Slack Business+
      • Configure Detection Rules for Slack Pro and Slack Business+
      • Configure Automated Actions in Slack Pro and Slack Business+
      • Configure Advanced Settings in Slack Pro and Slack Business+
      • Risk Configuration in Slack DLP for Slack Pro and Slack Business+ Editions
      • Manage Events for Slack
    • Configuring Policies for the Slack Enterprise Edition
      • Slack App Selection
      • Configure Scope for Slack Enterprise
      • Select Detection Rules for Slack Enterprise
      • Configure Automated Actions in Slack Enterprise
      • Configure Advanced Settings for Slack Enterprise
      • Risk Configuration for Slack Enterprise
      • Manage Events for Slack Enterprise
    • FAQs
      • Can I redact sensitive message content in Slack?
      • Nightfall for Slack Pro vs Enterprise
        • Upgrading from Slack Pro to Enterprise
      • Can we customize the alert messages sent in Slack?
      • Can I Disable Detection in Private Channels or DMs?
      • What types of channels does Nightfall scan? Does Nightfall scan shared channels?
      • I am unable to view a sensitive message or file from the Nightfall alert channel.
      • Upon Slack installation, why am I seeing a 400 error mentioning a "Restricted Action"?
      • I send a sensitive message, edit it, and then admin applies the Redact action. What is the outcome?
      • How do I re-install Nightfall DLP for Slack Pro Edition?
      • How do I re-install Nightfall DLP for Slack Enterprise Edition?
  • Nightfall for GitHub
    • Getting Started
      • Requirements
      • Install Nightfall for GitHub
      • Configure Alerts for GitHub
    • Configure Policies for GitHub
      • GitHub App Selection
      • Configure Scope for GitHub
        • Use Regular Expressions to Exclude GitHub Directories
      • Configure Detection Rules for GitHub
      • Configure Advanced Settings for GitHub
      • Configure Risk Score for GitHub
    • Manage GitHub Events
    • Remediation on Nightfall for Github
  • NIGHTFALL FOR GOOGLE DRIVE
    • Getting Started
      • Requirements
      • Install Nightfall for Google Drive
      • Enable Google Drive Labels
      • Configure Alerts for Google Drive
    • Configure Policies for Google Drive
      • Google Drive App Selection
      • Configure Scope for Google Drive
      • Configure Detection Rules for Google Drive
      • Configure Advanced Settings for Google Drive
      • Risk Score for Google Drive
      • Manage Google Drive Events
  • Nightfall for Confluence
    • Getting Started
    • Install Nightfall for Confluence
      • Configure Alerts for Confluence
    • Configuring Policies for Confluence
      • Confluence App Selection
      • Configure Scope for Confluence
      • Configure Detection Rules for Confluence
      • Configure Advanced Settings for Confluence
      • Configure Risk Score for Confluence
      • Manage Confluence Events
    • FAQs
      • Page Restrictions
  • Nightfall for jira
    • Getting Started
    • Install Nightfall for Jira
      • Configuring Alerts for Jira
    • Configure Policies in Nightfall for Jira
      • Jira App Selection
      • Configure Scope in Nightfall for JIRA
      • Select Detection Rules in Nightfall for JIRA
      • Configuring Advanced Settings in Nightfall for JIRA
      • Configure Risk Score for Jira
      • Manage Jira Events
  • Nightfall for Microsoft 365
    • Getting Started
      • Microsoft 365 Requirements
      • Setting up Directory Sync
      • Setting up Microsoft Tenant
        • Update App Selection for a Registered Tenant
    • Nightfall for OneDrive
      • Configure Alerts for OneDrive
      • Nightfall Policies for OneDrive
        • OneDrive App Selection
        • Configure Scope for OneDrive
        • Configure Detection Rules for OneDrive
        • Configure Advanced Settings for OneDrive
        • Risk Score for OneDrive Policies
        • Manage OneDrive Events
    • Nightfall for Microsoft Teams
      • Configure Alerts for Microsoft Teams
      • Configure Policies for Microsoft Teams
        • Select Integration in Microsoft Teams
        • Configure Scope for Microsoft teams
          • Scope for Personal Chats
          • Scope for MS Teams Channels
        • Configure Detection Rules in Microsoft Teams DLP
        • Configure Advanced Settings in Microsoft Teams
        • Risk Score in Microsoft Teams Policies
        • Manage Microsoft Teams Events
  • Nightfall for Gmail
    • Overview
    • Install Nightfall DLP for Gmail
      • Configure Content Compliance Rules
        • Create Content Compliance Rule - Monitoring
        • Configure Content Compliance Rule - Quarantine
        • Configure Routing Rules - SMTP Relay Settings
    • Configure Alerts for Gmail
    • Nightfall Policies for Gmail
      • Gmail App Selection
      • Configure Scope for Gmail
      • Configure Detection Rules for Gmail
      • Configure Advanced Settings for Gmail
      • Configure Risk Score for Gmail
      • Manage Gmail Events
    • Remediation on Nightfall for Gmail
  • Nightfall For Salesforce
    • Overview
    • Getting Started
      • Install Nightfall DLP for Salesforce
      • Upgrade Nightfall DLP for Salesforce
      • Configure Alerts for Salesforce
    • Nightfall Policies for Salesforce
      • Salesforce App Selection
      • Configure Scope for Salesforce
      • Configure Detection Rules for Salesforce
      • Configure Advanced Settings for Salesforce
      • Risk Score for Salesforce
      • Manage Salesforce Events
    • FAQs
  • Nightfall for Zendesk
    • Getting Started
      • Requirements
      • Install Nightfall DLP for Zendesk
      • Configure Alerts for Zendesk
    • Configure Policies for Zendesk
      • Zendesk App Selection
      • Configure Scope for Zendesk
      • Configure Detection Rules for Zendesk DLP
      • Configure Advanced Settings in Zendesk
      • Risk Score for Zendesk
      • Manage Zendesk Events
  • Nightfall for Notion
    • Getting Started
      • Requirements
      • Steps
    • Install Nightfall for Notion
      • Verification of Notion Installation
    • Configure Alerts for Notion
    • Configure Policies for Notion
      • Notion App Selection
      • Configure Detection Rules for Notion
      • Configure Advanced Settings for Notion
      • Risk Score for Notion
      • Manage Notion Events
  • NIGHTFALL FOR Generative AI Applications
    • Overview
    • Install Nightfall for GenAI apps
      • Install Nightfall DLP on Individual Devices
      • Install Nightfall DLP Across Organization
    • Configure Alerts for GenAI apps
    • Creating GenAI Policies from Nightfall Console
      • AI Apps Selection
      • Configure Detection Rules for AI Apps
      • Configure Advanced Settings for AI Apps
      • Risk Score for AI Apps
    • Nightfall Browser Plugin Deployment Guide
    • GenAI Safe Usage and Data Protection Policy
  • Developer Section
    • Nightfall Firewall for AI
    • Nightfall Playground
  • Settings
    • Users and Roles
      • Authentication Options
    • Role Based Access Control (RBAC)
      • Security Analyst Role
      • Policy Manager Role
      • Security Events Manager Role
      • Security Operations Manager Role
      • System Administrator Role
    • Directory Sync
      • Add Microsoft Entra ID to Nightfall
      • Google Workspace Directory Service
      • Add Okta to Nightfall
    • Custom Branding
    • Customer Referral Program
  • Frequently Asked Questions (FAQs)
    • How long does it take to deploy Nightfall?
    • How do I deploy Nightfall?
    • What are some unique points about Nightfall that I should know?
    • Which languages does Nightfall support?
    • How does Nightfall yield time savings for my team?
    • Nightfall vs Legacy DLP: What's the difference?
    • How does Nightfall make my organization more secure?
    • Nightfall vs CASB: What's the difference?
    • Nightfall vs E-Discovery: What's the difference?
    • How does Nightfall classify data?
    • What types of data does Nightfall classify?
    • Does Nightfall scan unstructured data?
    • Does Nightfall require data to be already tagged?
    • How do I learn more about and test out Nightfall?
    • Using Service Accounts with Nightfall
    • Which permissions are required for each integration?
    • Where can I find active user counts for each SaaS application protected by Nightfall?
    • In the Atlassian Marketplace, why does it show that the Nightfall app is not approved in security?
    • How can I estimate the data volume that Nightfall needs to scan?
    • How can I check the Platform Status of Nightfall
  • Login to Nightfall
  • Contact Nightfall
Powered by GitBook
On this page
  • So, What's the Harm of Sensitive Data Residing in the Cloud?
  • What Can Pose a Threat to Sensitive Data?
  • How Can I Prevent Data Breach?
  • How Can I Prevent a Data Leak?
  • Nightfall - AI Native Cloud DLP

Was this helpful?

Export as PDF
  1. Introduction

Why Cloud DLP?

Advantages of a Cloud DLP and introduction to Nightfall cloud DLP

PreviousRelease Notes 2021-2024NextIntroduction to Nightfall

Last updated 12 months ago

Was this helpful?

In today's data-centric environment, organizations are moving to the cloud to cut down infrastructure expenses and concentrate only on their organization tasks thus empowering them to build powerful applications catering to their customers.

When organizations migrate to the cloud, their entire infrastructure is stored on the cloud. The organization's infrastructure moving to the cloud implies that its sensitive data is also stored in the cloud. Sensitive information being stored in the cloud is becoming a normal phenomenon.

conducted by Thales on 3000 IT professionals across 18 countries revealed eye-opening facts. A whopping 75% of respondents said that around 40% of their data stored in the cloud is sensitive. With Cloud being the go-to option for modern businesses, the amount of sensitive information moving to the cloud will only increase in the coming years.

So, What's the Harm of Sensitive Data Residing in the Cloud?

The sensitive data stored on the cloud can either belong to the organization itself or it can be the customer's data required for business purposes. If this sensitive data is lost or even exposed to unauthorized users the consequences can be fatal for organizations and their customers. It's the responsibility of the organization operating in the Cloud to ensure the safety of customers and their sensitive data. Governments around the globe have defined complaint frameworks like GDPR, PII, HIPAA, and so on, which must be adhered to by cloud organizations that collect customer data for operations.

What Can Pose a Threat to Sensitive Data?

Data breach is a well-known threat that has already affected many businesses around the world and is continuing to do so, bringing companies to a standstill and in the worst cases even closure of businesses.

A data breach is a scenario in which your organization's data security is compromised by a malicious user or group (hacker), who steals your organization's sensitive data. Once the data is stolen, hackers can demand ransom to return your data which can lead to data loss by your organization. Hackers might even directly expose your sensitive data on platforms like the dark web without demanding any ransom.

How Can I Prevent Data Breach?

As we saw in the previous section, a data breach can easily lead to data loss or data exposure. So, you need to prevent data breaches in your organization. But what exactly can cause a data breach?

The revealed that human error is the most common cause that leads to a data breach. Of all the data breaches caused, human error was responsible for 55% of the total data breaches. (The next distant factor was the exploitation of vulnerabilities which accounted for 21% of all the data breaches).

A human error is a scenario in which an employee from the cloud provider organization leaks out sensitive data unintentionally. This is known as a data leak. Data leaks are pretty common in organizations because employees are generally occupied in their day-to-day tasks. Some or most of their tasks involve the usage of sensitive data present in the organization. While using sensitive data there is a very high possibility that employees might leak it publicly, causing a data leak, thus leaving room for a potential data breach attack which can ultimately lead to data loss.

The following examples are scenarios of data leaks that can be caused by employees.

  • A developer commits a piece of code to GitHub that consists of an API key or some other credentials.

  • An employee shares an image in a public Slack channel that contains sensitive data.

  • A developer submits live API keys to ChatGPT to generate a block of code.

  • An employee uploads a document with sensitive data to a public Google Drive or AWS S3 bucket.

  • A support team member reveals secret data in a Zendesk ticket.

The above examples are pretty common cases of data leaks which are difficult for any organization to prevent. In the real world, many more scenarios of data leaks go unnoticed until they lead to a data breach. Even after a data breach, it could be difficult for organizations to figure out how hackers were able to gain access to sensitive data, which can help them stop such attacks in the future. It is only when organizations perform a hardcore root cause analysis they get to know that a minor data leak by an employee led to a mammoth data breach.

So, it's pretty clear that not exercising anti-data leak solutions in your organization is as good as serving your organization's sensitive data on a platter to malicious attackers. This is because some employee at some point is bound to accidentally cause a data leak.

How Can I Prevent a Data Leak?

Framing policies to protect sensitive data and educating employees about these policies is a common approach followed by organizations. However, every organization that experienced a data leak, did have data protection policies and implemented rigorous training to employees on adhering to these policies which unfortunately could not prevent the attack.

Another approach can be the use of Cloud Access Security Brokers (CASBs), or some data leak prevention (DLP) tools that can automatically halt unintentional data leak attempts by employees. However, the issue with such tools is that many of them cannot be used in the cloud. Some other DLPs are deployed as agents. The issue with these agents is that when information is transferred to cloud applications from unmanaged or off-network devices, these legacy solutions are powerless to intercept it. Once the sensitive information is stored within the cloud application or infrastructure, legacy endpoints, and network solutions can no longer see it. As a result, users of legacy DLP solutions are left with no visibility into sensitive data that already exists in the cloud, or which is being transferred to the cloud on unmanaged networks or devices.

So, how do you protect your sensitive data in the cloud?

Nightfall - AI Native Cloud DLP

Nightfall’s Cloud DLP provides a solution to this problem. Nightfall is cloud-native and integrates directly with other cloud applications and infrastructure at the application level via API. Nightfall can inspect content stored within the cloud application regardless of how it got there, for complete visibility into cloud DLP risk. Another key advantage of direct cloud-native integration is that Nightfall can take remediation actions on sensitive data that is discovered in the cloud, thus eliminating the DLP risk at the source - a method that legacy solutions cannot hope to achieve. Nightfall’s cloud-native DLP does not require the installation of agents and can be integrated with your cloud applications in just a few clicks. The result is a DLP solution for the modern world that can proactively identify and eliminate DLP risk across your cloud environment.

A Cloud security survey
Infosecurity magazine's July 2023 article