In this tutorial, we will create and deploy a server that scans files for sensitive data (like credit card numbers) with Nightfall’s data loss prevention (DLP) APIs and the Flask framework. The service ingests a local file, scans it for sensitive data with Nightfall, and displays the results in a simple table UI. We’ll deploy the server on Render (a PaaS Heroku alternative) so that you can serve your application publicly in production instead of running it off your local machine.

A recent report from IBM found that data breach costs rose from $3.86 million to $4.24 million in 2021. This year’s estimate is the highest average total cost in the 17-year history of the IBM Cost of a Data Breach Report. Partly, the record-setting cost of a data breach has to do with the fact that so many companies are working remotely.

As digital transformation continues post-COVID more organizations, including those covered by HIPAA, will seek out SaaS solutions that make collaboration easier. Fortunately more and more applications like Slack are enabling HIPAA compliant use. In early 2019 as Slack filed for its IPO, the company also updated its security page to provide details on its qualifications as a HIPAA compliant messaging app.

Data loss prevention (DLP) refers to a category of tools and technologies that classify, detect, and protect information (data) in three states: data in use, data at rest, and data in motion. The purpose of DLP is to enforce corporate data security policies that govern where data does — and doesn’t — belong. As such, there are some key strategies and best practices required to build these data security policies.

Data loss prevention (DLP) refers to a category of tools and technologies that classify, detect, and protect information (data) in three states: data in use, data at rest, and data in motion. The purpose of DLP is to enforce corporate data security policies that govern where data does — and doesn’t — belong.

The rules set forth by PCI-DSS can seem complicated. Four levels, 12 requirements, multiple credit card brands: it’s easy to get lost in the details of PCI-DSS requirements. However, merchants who fail to meet the PCI compliance standard face heavy consequences. Not only do these companies put their customer data at risk, they also may face hefty fines that can range from $5,000 to $100,000 per month.

In this tutorial, we’ll demonstrate how easy it is to redact sensitive data and give you a more in-depth look at various redaction techniques, how Nightfall works, and touch upon use cases for redaction techniques. Before we get started, let’s set our Nightfall API key as an environment variable and install our dependencies for our code samples in Python.

We’re excited to announce that Nightfall DLP for Jira now has real-time detection. Services like Jira, which are part of the Atlassian ecosystem, are among some of the most popular cloud tools leveraged by companies today. Like most SaaS applications, Jira is an always-on service where many collaborators share information. In some cases, this may result in the unintentional exposure of sensitive data.

In this tutorial, we will walk through the end-to-end process of scanning your Amazon S3 buckets for sensitive data with Nightfall’s S3 Sensitive Data Scanner. By the end of this tutorial, you will have an exported spreadsheet report (CSV) of the sensitive data in your S3 buckets.

Cloud security is not only good for consumers — but it’s also a requirement for businesses in many industries. Understanding compliance regulations (like GDPR) and security frameworks (like NIST) can help IT teams create strong, layered privacy and security controls and data loss prevention using a range of platforms and integrations. Here are the most common and comprehensive security standards that businesses need to know to be cloud compliant.