Managing Security

Stopping security breaches

Do you remember Equifax's massive data breach late last year, when the credit information of 143 million people was exposed to hackers? I designed a tool to help prevent that kind of breach from ever happening again for users of Puppet, an automated configuration management platform.

With this tool, Puppet users can quickly locate an insecure software package, learn which business-critical systems use it, and either update or remove it, all in under 6 clicks. 

Below, I'll describe my design process, from research through release.

Discovery

I conducted discovery research with system administrators to learn how they manage the tens of thousands of software packages in use across the systems they set up and maintain. 

What I learned was alarming: in many organizations, there is no reliable package inventory reporting. Software packages are downloaded from the web, and if one contains a vulnerability that a hacker can exploit to gain access to a system, it may be months before a system administrator discovers it. That's what happened with Equifax: the sysadmin responsible for removing the vulnerable package wasn't irresponsible; he just didn't know in time.

I also learned that the task of gathering package inventory data can have a high emotional cost for the sysadmin. Gathering inventory frequently involves manually collating spreadsheet reports from across IT, meaning that the information can never be completely trusted. The admin responsible for system security is left with the deflating knowledge that they can never feel fully confident in their situational awareness.

This experience map describes the current, problematic workflow.

I gathered the team for a multi-day cross-functional workshop (my workshops are described here). We arrived at a plan we believed we could execute: collect and display an interactive package inventory from any system connected to the Puppet service. With an OK from our Product Manager, we moved straight into prototyping and testing.

Wireframes show the data architecture and flow through the tool.

Lean specs keep artifacts as flexible as possible. We were releasing internally every sprint, a process requiring close collaboration with the full scrum team, and, IMO, the only way to fly! 

We released a CLI, API and small GUI tool first, then followed up by extending the GUI tool to create an end-to-end workflow to let the user discover a vulnerable package and remediate it.

Feedback from customers was overwhelmingly positive, and, since this tool doesn't require more than rudimentary knowledge of Puppet to be useful, Puppet's sales agents can now market the product for security, as well as operations workflows.

I wrote a short blog post on how users can inventory packages, if you'd like to learn more.

Detail of released tool