Company: Google (contract via Adecco)
A more detailed deep dive is available upon request
Overview
In July of 2018 I joined the GSuite Security Center team as a contractor to work specifically on security automation tools. The product officially launched in October of 2019. Having had some experience at SonicWall, I was already generally familiar with enterprise IT and security admins but this was a completely new area of expertise for me.
The crux of my design work was to extend the capabilities of the Security Investigation Tool used for manual remediations. With the new ‘activity rules’, previously manual log activity could now be automated. A few examples could be a) create an alert when when data is exfiltrated or b) when an email arrives from a specific domain, send it to the quarantine, or any number of other configurable conditions and actions. Queries built in the Investigation Tool could be carried over directly into rules with only minor modification.
By intentional design from myself and other team members, the project was tightly coupled with the Alert Center and the Investigation tool to create a more cohesive product experience. Frequent remediations from the investigation tool could now be automated with the new rules, and those rules could generate alerts which appear in the alert center. By creating a ‘single’ product experience, customers are more able to effectively handle security tasks and I’m happy to say we accomplished that goal.
Video demonstrations
My work was even featured at Google Cloud Next 2019 and again during a short video demonstrating some of the security features available in GSuite Security Center, which I’ve linked here.
Individual contribution and takeaways
As the lead designer on activity rules, I was responsible for creating the entire experience from early concepts to release. The lead researcher and I started research with very early concepts and tested often with a number of security admins to inform the direction of the design. I was involved in both the alpha and beta launches, and despite switching teams recently, relatively little of the design changed between beta and release so most of my design remains intact.
Not only was I responsible for the alpha and beta launches, I also was a core team member in driving conversations with the larger UX team around consistency. Along with several other designers, I helped shape the reusable component library for creating rules throughout GSuite Security Center and owned the parts related to activity rules.
One of my favorite aspects of this project was the extremely collaborative relationship I had with a huge swath of skill teams. From keeping in communication with other UX designers working on similar problems, to shaping the PRD and adjusting product priorities based on user feedback (We were insistent on the much lauded chart making it in for beta, which it did), to gaining deep technical knowledge and earning the respect of the frontend, backend and QA engineers as a peer.
While there are things I’d change about the product, I’m extremely proud of the work I accomplished on it. I only wished I’d been able to stay on the team long enough to carry the beta to the finish line and continue working on it post launch to refine and extend it even further.