Training Example: Nira – Review the Data, Give Your Score & Compare to the Real AI Evaluation

[H1] Data Access Governance for Dropbox, Google Drive & Microsoft 365
Manage file access permissions and secure sensitive cloud data from unauthorized sharing.

[H3]
Nira works with

[IMG: Google Workspace]

[IMG: Microsoft 365]

[IMG: A view of the Nira dashboard showing all documents and items owned or shared with your company, with one document highlighted.]

[H2] How Nira Works
Nira integrates with multiple cloud file applications, enabling you to view and manage thousands of access permissions in one transparent interface.

Get visibility
View and filter all access permissions and security risks.

[IMG: A view of the Nira dashboard showing all documents and items owned or shared with your company, with one document highlighted.]

Manage access
Update permissions for any amount of data assets in seconds.

[IMG: A view of the Nira dashboard showing how to make a bulk change to all items with a Public link type.]

Enforce security
Implement automated Data Access Governance security policies.

[IMG: A view of all Security Policies in Nira showing some that are running while others that have yet to be turned on.]

[H2] File sharing apps conceal numerous data security risks
Collaboration is as simple as sending a link. Oversharing spreads company information across employees and external parties. Managing access becomes a full-time job.
When you don’t know who has access…

Internal sharing
Getting organization-wide visibility into access permissions is impossible.

Third-party access
Outside users can access sensitive data until their accounts are manually audited.

Public links
Anyone with the URL can access files or Sharepoint pages until public links are discovered.

Employee offboarding
Standard offboarding processes and tools don’t scrub personal account access.

Downloads and copying
Both employees and third parties freely copy data onto their devices without detection.

Inbound documents
There is no way to audit and evaluate inbound information risk.

[H2] Unmatched visibility and control, with a fraction of the resources
IT teams of all sizes use Nira to manage and secure their most valuable cloud documents.

[IMG: GitLab]

[IMG: HackerOne]

[IMG: Essence]

[IMG: RapidSOS]

[IMG: SurveyMonkey]

[IMG: Ad Hoc]

[IMG: Moloco]

[IMG: Nira is a leader in Data Security on G2]

[IMG: Nira is a leader in Office 365 Management on G2]
[IMG: Nira is a leader in Office 365 Management on G2]

[IMG: Dan Cody]

[IMG: SurveyMonkey]

Nira allows me to focus my teams more on driving business value rather than shutting down risk.

Dan Cody,
Vice President of IT Infrastructure and Operations at SurveyMonkey

[IMG: Micah Granger]

[IMG: Mixbook]

A huge asset was Nira’s time to implementation. The ability to sign in, review risk, and remediate access issues immediately was phenomenal.

Micah Granger,
IT Manager at Mixbook

[IMG: Colin McCarthy]

[IMG: EssenceMediacom Logo]

Being able to change the link type on almost a million documents in a number of hours was ridiculously smooth with Nira.

Colin McCarthy,
Google Workspace and Productivity Tools Lead at EssenceMediacom

[IMG: Anushka Sharma]

[IMG: ProducePay]

We were able to instantly monitor and comply with our personal account access policy through Nira.

Anushka Sharma,
Information Security Manager at ProducePay

[IMG: Mike Goddard]

[IMG: HackerOne]

We wanted the ability to rectify issues on a massive scale, which Nira excels at.

Mike Goddard,
IT Engineer at HackerOne

[IMG: Dan Cody]

[IMG: SurveyMonkey]

Nira has greatly reduced our exposure to documents, confidential information, and IP being shared, left behind, and ignored.

Dan Cody,
VP of IT Infrastructure and Operations at SurveyMonkey

[IMG: Russell K.]

[IMG: RapidSOS]

In one quarter, we’ve saved weeks of time with Nira, which adds up to quite a lot of money.

Russell K.,
Senior Information Security Engineer at RapidSOS

[IMG: Colin McCarthy]

[IMG: EssenceMediacom Logo]

If I look at the development of Nira in the last 12 months, and the development in other platforms, Nira is lightyears ahead.

Colin McCarthy,
Google Workspace and Productivity Tools Lead at EssenceMediacom

[IMG: Aaron Zander]

[IMG: HackerOne]

I once spent almost eight hours trying to fix an issue that would have immediately worked with Nira.

Aaron Zander,
Head of IT and Workplaces at HackerOne

[IMG: Ryan Sims]

Nira provides visibility into access details that no other tool provides.

Ryan Sims,
Director of IT at SnapCare

[IMG: Maksim Pavlishin]

[IMG: Ampush]

Other tools are not as easily accessible. Nira’s ease of use is far above any other tool on the market today.

Maksim Pavlishin,
Head of Engineering at Ampush

[IMG: Nicholas Kinyua]

[IMG: Sand Technologies]

Before Nira, we had little or no visibility on how our company documents had been shared with external parties.

Nicholas Kinyua,
IT Support Specialist at Sand Technologies

[IMG: Dimpu Shah]

[IMG: CoinDesk]

I would need 12 to 14 months of full investigations to get the same overview and granular visibility that Nira provides instantly.

Dimpu Shah,
Corporate IT at CoinDesk

[IMG: Scott Murray]

[IMG: Ad Hoc]

I've gotten more done with Nira in two months than I would've gotten out of hiring an entire person for a year.

Scott Murray,
Director of IT and Security at Ad Hoc

[IMG: Young Kwon]

[IMG: Energage]

It’s not enough to tell our stakeholders we are secure. I want to show them we are secure. Nira helps us do that.

Young Kwon,
Director of Information Security and Privacy at Energage

[IMG: Scott Murray]

[IMG: Ad Hoc]

Our relationship with Nira doesn’t feel like a customer-vendor relationship. It’s a partnership.

Scott Murray,
Director of IT and Security at Ad Hoc

[IMG: Ricky Dunn]

[IMG: findhelp]

With Nira, we clicked a button, and the automation was set up. Any time we need it, it’s there, carrying out automation tasks in the background.

Ricky Dunn,
IT Manager at findhelp

[IMG: Victor Nee]

[IMG: StreamSets]

Nira falls in the bucket of tools we can actively use to bolster IT, security, and compliance.

Victor Nee,
Director of IT at StreamSets

[IMG: Dan Cody]

[IMG: SurveyMonkey]

Nira allows me to focus my teams more on driving business value rather than shutting down risk.

Dan Cody,
Vice President of IT Infrastructure and Operations at SurveyMonkey

[IMG: Micah Granger]

[IMG: Mixbook]

A huge asset was Nira’s time to implementation. The ability to sign in, review risk, and remediate access issues immediately was phenomenal.

Micah Granger,
IT Manager at Mixbook

[IMG: Colin McCarthy]

[IMG: EssenceMediacom Logo]

Being able to change the link type on almost a million documents in a number of hours was ridiculously smooth with Nira.

Colin McCarthy,
Google Workspace and Productivity Tools Lead at EssenceMediacom

[IMG: Anushka Sharma]

[IMG: ProducePay]

We were able to instantly monitor and comply with our personal account access policy through Nira.

Anushka Sharma,
Information Security Manager at ProducePay

[IMG: Mike Goddard]

[IMG: HackerOne]

We wanted the ability to rectify issues on a massive scale, which Nira excels at.

Mike Goddard,
IT Engineer at HackerOne

[IMG: Dan Cody]

[IMG: SurveyMonkey]

Nira has greatly reduced our exposure to documents, confidential information, and IP being shared, left behind, and ignored.

Dan Cody,
VP of IT Infrastructure and Operations at SurveyMonkey

[IMG: Russell K.]

[IMG: RapidSOS]

In one quarter, we’ve saved weeks of time with Nira, which adds up to quite a lot of money.

Russell K.,
Senior Information Security Engineer at RapidSOS

[IMG: Colin McCarthy]

[IMG: EssenceMediacom Logo]

If I look at the development of Nira in the last 12 months, and the development in other platforms, Nira is lightyears ahead.

Colin McCarthy,
Google Workspace and Productivity Tools Lead at EssenceMediacom

[IMG: Aaron Zander]

[IMG: HackerOne]

I once spent almost eight hours trying to fix an issue that would have immediately worked with Nira.

Aaron Zander,
Head of IT and Workplaces at HackerOne

[IMG: Ryan Sims]

Nira provides visibility into access details that no other tool provides.

Ryan Sims,
Director of IT at SnapCare

[IMG: Maksim Pavlishin]

[IMG: Ampush]

Other tools are not as easily accessible. Nira’s ease of use is far above any other tool on the market today.

Maksim Pavlishin,
Head of Engineering at Ampush

[IMG: Nicholas Kinyua]

[IMG: Sand Technologies]

Before Nira, we had little or no visibility on how our company documents had been shared with external parties.

Nicholas Kinyua,
IT Support Specialist at Sand Technologies

[IMG: Dimpu Shah]

[IMG: CoinDesk]

I would need 12 to 14 months of full investigations to get the same overview and granular visibility that Nira provides instantly.

Dimpu Shah,
Corporate IT at CoinDesk

[IMG: Scott Murray]

[IMG: Ad Hoc]

I've gotten more done with Nira in two months than I would've gotten out of hiring an entire person for a year.

Scott Murray,
Director of IT and Security at Ad Hoc

[IMG: Young Kwon]

[IMG: Energage]

It’s not enough to tell our stakeholders we are secure. I want to show them we are secure. Nira helps us do that.

Young Kwon,
Director of Information Security and Privacy at Energage

[IMG: Scott Murray]

[IMG: Ad Hoc]

Our relationship with Nira doesn’t feel like a customer-vendor relationship. It’s a partnership.

Scott Murray,
Director of IT and Security at Ad Hoc

[IMG: Ricky Dunn]

[IMG: findhelp]

With Nira, we clicked a button, and the automation was set up. Any time we need it, it’s there, carrying out automation tasks in the background.

Ricky Dunn,
IT Manager at findhelp

[IMG: Victor Nee]

[IMG: StreamSets]

Nira falls in the bucket of tools we can actively use to bolster IT, security, and compliance.

Victor Nee,
Director of IT at StreamSets

View all Customer Stories

[H1] Got questions about Nira?
Send us a message, and we’ll respond as soon as we can.

[H1] Your data is secure with Nira
We take the security of your sensitive data seriously. Security is embedded into the culture at Nira and is an integral part of how we operate.

Compliance

Nira has achieved its SOC 2 Type 2 certification for three trust service criteria (Security, Availability, and Confidentiality) and is audited annually.
Nira has also attained its International Organization for Standardization’s (ISO) 27001 certification.
Please contact compliance@nira.com for Nira’s latest SOC 2 Type 2 report, SOC 3 report, or ISO 27001 certification.
For any customer that that will be providing Nira with data regulated by the United States Health Insurance Portability and Accountability Act (“HIPAA”), Nira has a Business Associate Agreement (BAA) that we will enter into with the customer.
We are GDPR compliant as a data processor, and a EU and UK Data Processing Addendum (DPA) is available for customers to sign. For more information, visit https://nira.com/gdpr-faq/ and https://nira.com/dpa/.

[IMG: SOC 2 certification]

SOC 2 TYPE 2
CERTIFIED

Nira is proud to be SOC 2 Type 2 certified and compliant.

[IMG: ISO 27001 Certified by Cadence]

Nira is proud to be ISO 27001 certified and compliant.

Infrastructure security

Nira hosts all data utilizing industry-leading US-based Amazon Web Services (AWS) facilities, which include 24/7 on-site physical security and camera surveillance. For additional details regarding AWS security, visit https://aws.amazon.com/security/.
Data submitted to Nira by authorized users is considered confidential. All data sent to or from Nira infrastructure is encrypted in transit using Transport Layer Security (TLS) v1.2. All data is encrypted at rest using military-grade AES-256 encryption. High risk data have multiple levels of encryption applied.
Nira infrastructure is continually monitored for security vulnerabilities and updates applied automatically.

Policies and procedures

The following policies are followed and enforced at Nira:
Acceptable Use Policy, Asset Management Policy, Backup Policy, Business Continuity Plan, Change Management Policy, Code of Conduct, Cryptography Policy, Data Classification Policy, Data Deletion Policy, Disaster Recovery Plan, Data Protection Policy, Expense and Gift Policy, HIPAA Breach Notification Policy, HIPAA Sanctions Policy, Hiring Policy, ISMS Plan, Network Security Standard, Password Policy, Physical Security Policy, Policy Management Policy, Responsible Disclosure Policy, Risk Assessment Program, SDLC Standard, Security Incident Response Plan, System Access Control Policy, Vendor Management Policy, Vulnerability Management Policy, and more.
These policies are followed by all Nira employees, who review and accept the policies a minimum of once per year.

Vendor management

Nira uses a number of third party applications and services to support the delivery of our products to our customers. Nira's Security team has established a vendor management program that sets forth the requirements for Nira to engage with third party service providers. For a complete list of Nira's third party service providers, visit https://nira.com/third-party-infrastructure/.

Training and awareness

Nira requires all employees and contractors to sign a confidentiality agreement prior to their start date.
During Nira's onboarding process, all new hires are required to complete a security awareness training. All employees and contractors continue to take a security awareness training annually.
Nira's engineering team gets additional training focused on design patterns and the technical aspects of Nira infrastructure security. As an added layer of diligence, every code change is evaluated from a security perspective.

Data protection

Access to customer data is limited to functions that have a business requirement to do so.
Employees are required to use a VPN to access AWS resources, and all servers and databases are inside of VPC with minimum access policies. Access to customer data requires authentication and authorization controls, including Multi-Factor Authentication (MFA). Nira has implemented controls to ensure the integrity and confidentiality of administrative credentials and access mechanisms.
Nira employees are given minimum access to customer data based on their responsibilities. All employee access to systems is logged and audited for security purposes.
Nira runs automated container and application security scans on a daily basis, and package dependency security advisory scans on a weekly basis. In addition, Nira undergoes penetration testing by a third party at least annually. We also maintain separate production and testing environments.

Enterprise companies are rapidly testing and adopting AI assistants like Copilot for Microsoft 365 and ChatGPT. In many cases, the choice is simple: use AI assistants to unlock growth and efficiency, now and in the future, or risk losing ground to competition. However, with their benefits come risks. CISOs and security teams are tasked with… (more) Microsoft Copilot: What CISOs Need to Know

Companies are eager to deploy generative AI assistants like Google Gemini and Microsoft Copilot, but security professionals have concerns. Privacy issues, manipulation by threat actors, and exposure of sensitive data are all risks organizations must be aware of when using these tools.  The time savings and economic gains of AI chatbots are enticing. Gemini and… (more) Security Risks from Deploying Generative AI: Google Gemini vs. Microsoft Copilot

[IMG: Security Risks from Deploying Generative AI: Google Gemini vs. Microsoft Copilot]

Writing code is often a tedious and time-consuming task. Modern developers are always looking for new ways to improve productivity, accuracy, and efficiency with programming. Automatic code generation tools like GitHub Copilot can make this possible. What is GitHub Copilot Anyway? Branded as an “AI pair programmer” and coding assistant, GitHub Copilot uses artificial intelligence… (more) The Ultimate Manual to GitHub Copilot

Choosing the right Microsoft Copilot plan isn’t as simple as it seems.  Microsoft currently offers seven versions of its generative AI chatbot that are designed for companies and two versions for individual users.  Pricing is a top concern for organizations considering the AI assistant. Adding a version of Copilot will increase your company’s monthly Microsoft… (more) What are the different Microsoft Copilots and how much do they cost?

The mass adoption of generative artificial intelligence has outpaced security measures as companies rush to develop and release AI-powered products. Microsoft launched Copilot, Google released Gemini, and OpenAI has made headlines with ChatGPT. Organizations are eager to test AI assistants for company tasks, from creating content to writing code. But developing technology comes with new… (more) How to Reduce Information Security Risks When Deploying Copilot for Microsoft 365

While a return-to-office (RTO) is making a comeback, one trend is here to stay: the era of hybrid and remote work was not a fleeting moment—it’s the new norm.  Remote work isn’t just about cutting costs; it’s about offering teams flexibility, tapping into a global pool of talent, and rewriting the rules of what an… (more) 9 Security Tools Your IT Team Needs for Remote Work

[IMG: 9 Security Tools Your IT Team Needs for Remote Work]

Who has access to your company’s confidential files? This question is becoming more and more relevant as companies turn to cloud collaboration tools like Google Workspace, Microsoft OneDrive, and SharePoint.  Data breaches caused by unauthorized access, what we call access risks, have risen at alarming rates as companies use collaboration tools to share files within… (more) How to Audit Sensitive Documents for Access Risks

[IMG: How to Audit Sensitive Documents for Access Risks]

Keeping sensitive data secure from theft and vulnerabilities can be incredibly challenging. With limited budget and bandwidth, IT and Security teams are expected to protect sensitive information while introducing strong security solutions. To protect sensitive data from getting into the wrong hands, companies first must understand what counts as sensitive data. This guide explores the… (more) The 10 Types of Sensitive Data Companies Must Protect

[IMG: The 10 Types of Sensitive Data Companies Must Protect]

Employees have left companies in record numbers over the last few years due to layoffs, job changes, and new opportunities. In 2023, the tech sector alone faced more than 1,500 layoffs, affecting an average of 667 people per day.  Although IT and Security teams do not have extra time or resources, they often pick up… (more) Offboarding Checklist for IT Teams

[IMG: Offboarding checklist for IT teams]

For investigations in Google Workspace, Google offers its powerful Security Investigation Tool. If you’re a super administrator on the Enterprise Plus, Education Standard, Education Plus, or Enterprise Essentials Plus plans, you can access this potent feature.  The investigation tool allows administrators to conduct searches in different Google Workspace data sources including Gmail, Chrome, and Google… (more) Google Security Investigation Tool: Remove Users, Change Ownership, and More

[H3]
Incredible companies use Nira

[IMG: GitLab]

[IMG: HackerOne]

[IMG: Essence]

[IMG: RapidSOS]

[IMG: SurveyMonkey]

[IMG: Ad Hoc]

[IMG: Moloco]