Once Upon a Time >
With the establishment of WikiLeaks and the publishing of secret information, news leaks, and classified media from anonymous sources, companies started to intensify their security measures to prevent data from leaking.
At that time, I was asked to join a new operative team within Data Loss Prevention Group of Symantec with the goal to explore “Malicious Insider” profiles. My role was to lead the discovery phase and later the design. Through a variety of exploratory sessions, interviews, and workshops—working with the new operative team—I helped identify three main categories of offenders: the Disgruntled employee, the Repeat offender, and the Malicious employee who knew how to obfuscate documents.
Along with a series of recommendations–identify behavior, detect avoidance, enable investigations–I validated the need for our current product to move from an exclusive data-centric to an identity-centric approach and presented an initial paper-prototype to visualize the new functionality.
This represented a fundamental shift for our product as well as our company. Symantec had always been very careful in protecting data without shadowing employees, but considering the overwhelming need to protect data in every way possible, the company had to adapt.
I adopted the storyboard technique to soften the negative connotations while telling our story in a way that was well received.
Few boards from our story: