nightfall ai
for
Google drive
Designing Trust: How I Built Nightfall’s Google Drive DLP Experience for
Security Teams and End Users
Year started
2023
type
sole designer
Category
integration
mvp timeline
2-4 months
problem
Google Drive is a high-velocity collaboration surface where sensitive data can spread through public links, external collaborators, and shared folders. Security teams need fast setup, accurate detection, clear routing of alerts, and reliable automated actions for both posture changes and data exfiltration attempts.
stakeholders
Security Teams (Infosec leads, Compliance Officers): Need robust detection, high accuracy, low noise.
MY ROLE
Led the full design process for Nightfall AI’s Google Drive integration: from discovery and scoping to policy creation workflows, violation alert UX, and compliance dashboards.
IMPACT
API-based integration and guided policies shorten deployment to minutes.
Deliver accurate detection (~95% precision) of PII, PHI, PCI, secrets, and credentials.
Provide clear alerts and automated remediation without disrupting user workflows.
The first challenge was making installation simple and fast, because security teams are often resource-constrained and do not want lengthy deployment cycles. Legacy DLP tools can take weeks to configure, while our goal was to enable protection in under an hour.
Set Up Revamped – I helped revamping the old set up workflow at Nightfall to make the UX more intuitive.
Authorize and Scope – Nightfall connects via the Google Drive API so teams can start quickly. The goal is to minimize friction while explaining what Nightfall can see and do.
One of the core design challenges in Nightfall AI for Google Drive was making policy creation simple yet powerful. Security teams needed flexible controls to cover a wide range of sensitive data (PII, PHI, PCI, secrets, credentials), but the interface had to remain approachable for admins who were not DLP experts.
Revamped the old flow
While doing this project, I also led a revamp of the Policy Creation experience that turned it into a clear, guided workflow.
new google drive policy
A wizard-driven builder that keeps policy logic coherent and auditable
This revamp shortens setup time and makes advanced options discoverable without overwhelming first-time admins.
The Dashboard was designed as the central hub for visibility and compliance reporting. Security and IT teams needed a place to see violations in real time, investigate alerts, and export data for audits.
how alert are sent
When a policy triggers, violations appear in the dashboard and alerts are sent based on configuration. Risk-first dashboards that surface the biggest problems, not the most recent ones
With ~95% detection accuracy and automated tuning, Nightfall reduces false positives, preventing alert fatigue.
The end-to-end design makes Google Drive protection easy to adopt, accurate in detection, and actionable in minutes. It gives Security and IT a clear path from installation to policy to remediation, while giving end users a humane way to participate in keeping data safe.
