ONCE UPON A TIME - Storyboard

With the establishment of WikiLeaks and the publishing of secret information, news leaks, and classified media from anonymous sources, companies started to intensify their security measures to prevent data from leaking.

At that time, I was asked to join a new operative team within Data Loss Prevention Group of Symantec with the goal to explore “Malicious Insider” profiles. My role was to lead the discovery phase and later the design of a software solution for our mainstream DLP application.

Through a variety of exploratory sessions, interviews, and workshops—working with the new operative team—I helped identify three main categories of offenders: the Disgruntled employee, the Repeat offender, and the Malicious employee who had reasons to obfuscate documents. 

Customers interviews and quick paper prototyping validated the need for our current product to move from an exclusive data-centric approach to an inclusive identity-centric prospective, which required new components to identify behavior, detect avoidance, and enable investigations.

This represented a fundamental shift for the DLP product as well as for the company. Symantec had always been very careful in protecting data without shadowing employees, but considering the overwhelming need to protect data in every way possible, the company had to pivot.

I adopted the storyboard technique to soften the negative connotations while telling the story in a way that was well received.