Shield is a security application designed for system administrators and CISOs (Chief Information Security Officers) to effectively manage employee exposure to sensitive information within their organization. With an intuitive interface, Shield enables CISOs to set sensitivity levels, and administrators to ensure that confidential data remains secure. This application provides a comprehensive solution for maintaining organizational information and minimizing potential risks.
In the ever-evolving landscape of information security, ensuring access to confidential data only by authorized personnel is a complex task. Shield aims to streamline this process by providing a robust solution that allows administrators to set, monitor and control sensitivity levels, reducing the risk of unauthorized access and data breaches.
The main problem is: administrators face challenges in effectively overseeing access permissions to their company's information.
Furthermore, In the absence of systematic regulation there are additional consequences: it can lead to increased security risks in the organization. Without a structured system for managing and controlling access permissions to sensitive information, there is an increased likelihood of unauthorized access and data breaches. This could result in a breach of confidentiality, potential loss of sensitive data and increased susceptibility to cyber threats, ultimately undermining the organization's overall security posture.
I've researched a variety of apps including security apps, time management apps, task management apps and customer relationship management apps.
The app is designed for two user types: Chief Information Security Officers (CISOs) and administrators. The CISO sets sensitivity levels for organizational information, while administrators implement these levels for employees based on their permissions. The app also allows CISOs and admins, visibility into which individuals have access to which information.
After analyzing the outcomes of my user and market research, I have developed a user flow for administrators to apply data classifications to fields.
The CISO (Chief Information Security Officer) establishes sensitivity levels and assigns categories to them. By dragging them up or down, they determine the degree of sensitivity, emphasizing the importance of positioning the more severe ones at the top.
The CISO has an overview screen that allows monitoring of any environment within the organization. This screen provides information about the risk profile, risk score, percentage of classified data, and risk exposure.
When the 'Show suggestions' button is clicked, the application offers the administrator guidance on categorizing specific fields with appropriate sensitivity levels. The admin can approve all, decline all or partially approve only some fields.
In the toolbar, there is an indicator showing the timestamp of when the classifications were last applied.
Users have the option to filter the information suggested by the application based on sensitivity levels, enabling them to efficiently manage classifications in a more convenient manner.