top of page

Data Malware Prevention: Multiperson Authorization+Copilot

Optimizing global data security and compliance of Veritas backup-based applications with Multiperson Authorization, and bridging data management gap with AI-assisted Alta Copilot to help users make smarter, faster and informed decisions.

Veritas MPA.png

OVERVIEW

With urgent concerns from our customers, Multi-person authorization (MPA) on Veritas' backup-based platform Flex Appliance is introduced to help protect, prevent, and manage ransomware attacks from undesirable malicious acts to external key management servers (eKMS).​ Users (security administrators only) can configure MPA and manage their operations protected by MPA.

To bridge the substantial data management gap, I also enhanced Alta Copilot to vertically streamline users' data operations and simplify their data management with MPA.

COLLABORATORS

2 product managers, 1 chief architect, 4 engineers, 1 technical writer

RESPONSIBILITIES

Lead designer 1) Strategy, 2) UX Research, 3) Visual Design, 4) Platform Design

TOOLS

Figma, FigJam, Jira, Confluence

DURATION

May ~ November 2024 (shipped)

Problem

Problem

Customers of Veritas have raised urgent concerns that unauthorized users can hold the encrypted data for ransom. Ransomware is the most urgent threat and the focus for cybersecurity. 

data privacy illustration.png

Customer quote

"Without proper secure method, we worry that a person with access to could easily configure a random external key management server (eKMS), create and distribute keys to encrypt NBU / Flex assets, then delete keys and essentially hold the encrypted data for ransom. "

— Security Administrator from Morgan Stanley

Customer quote

Vision

Multi-person Authorization & Copilot for secure compliance:

Vision

Fix the ransomware attacks by adding multi-person authorization as a critical security control in the backup-based platform, so security administrators can comfortably configure and manage operations in the console. Additionally, Alta Copilot offers an AI-assisted approach to enhance efficiency, security, and scalability for security admins to streamline operations protected by MPA.

MPA - Product vision picture.png
Research

Understanding context

From user findings to design objectives, we found that our customers are worried about unauthorized or random users hold encrypted secure data for ransom. In the current product phase, there lacked a shield to protect their data, even our engineers are concerned with it. It's emphasized that an extra layer is pivotal to secure the configuration within hybrid-cloud environment.

  1. Enterprise customers were concerned that someone can hold encrypted data for ransom. 

    • customer trust​

  2. Enterprise customers need a way to ensure that their configurations are protected, safely and securely.

    • malicious acts​

    • management efforts

    • scalability

    • zero-trust principles, such as role-based access controls, and privileged user management.

Screenshot 2025-01-14 at 22.54.36.png

Enforce MPA to manage backup policies

MPA - security admin workflow.png

Create an intelligent query to manage policies

MPA - security admin workflow 2 (1).png
Iteration

Iteration

Design challenge 1

- how MPA enforces

In first ideation, MPA page includes lots of steps with a scrollbar. Though the design provided a table-primary approach, users found it time-consuming to understand how MPA enforcement works. After several iterations and user validation, we ensured that simplicity and visual consistency were among our core design principles, and decided the second approach where a built-in IAM policy activates MPA and users can access custom policies.

Design challenge 1.1.png
Design challenge 1.2 (1).png

Design challenge 2

- efficient workflow modals

Another challenge we faced was the policy modal was inefficient. Both users and our solution architect complained that version may not support complex requirements. We switched from foldable columns into side menu, allowing users to streamline their workflow progress, and include tabs design support multi-purpose function requirements.

Design challenge 2.1.png
Design challenge 2.2.png
Solution

Solution

Persona

We created a representative persona modeled for the final prototypes. With MPA enforcement, Arthur comfortably creates backup policies and operations, and as a security admin, he can approve or decline tickets from other users as a role-based enforcement, manually or AI-assisted by Alta Copilot.

MPA persona.png

Approve tickets - from Alta Copilot

We integrated the superstar Veritas Copilot to assist Arthur to manage policy operations. Arthur creates an intelligent query to ask the AI assistant about pending MPA tickets, and requests to access MPA table where he will approve or reject a pending MPA ticket. The whole process is streamlined by AI to assist Arthur in accessing and managing MPA tickets.

Impact

Impact

After launching in late October 2024, MPA enforcement and Copilot integration proved significant success across our major customer enterprises. We experienced substantial recognition and customer retention, establishing us as a top player in the cybersecurity industry.

Improved adoption

among 90% of Fortune 100 customers

4 Veritas products

adopting new MPA enforcement workflows to prevent data malware attacks in each own platform

Top 5

method at Veritas' cybersecurity and recovery solutions in year 2024

bottom of page