Designing Nightfall's Google Drive DLP Experience

Nam Dang

Designing Trust: How I Built Nightfall’s Google Drive DLP Experience for Security Teams and End Users
Google Drive is a high-velocity collaboration surface where sensitive data can spread through public links, external collaborators, and shared folders. Security teams need fast setup, accurate detection, clear routing of alerts, and reliable automated actions for both posture changes and data exfiltration attempts.
Led the full design process for Nightfall AI’s Google Drive integration: from discovery and scoping to policy creation workflows, violation alert UX, and compliance dashboards.
Deliver accurate detection (~95% precision) of PII, PHI, PCI, secrets, and credentials.
Provide clear alerts and automated remediation without disrupting user workflows.
Original Policy Flow
The first challenge was making installation simple and fast, because security teams are often resource-constrained and do not want lengthy deployment cycles. Legacy DLP tools can take weeks to configure, while our goal was to enable protection in under an hour.
Set Up Revamped – I helped revamp the old setup workflow at Nightfall to make the UX more intuitive.
Authorize and Scope – Nightfall connects via the Google Drive API so teams can start quickly. The goal is to minimize friction while explaining what Nightfall can see and do.
One of the core design challenges in Nightfall AI for Google Drive was making policy creation simple yet powerful. Security teams needed flexible controls to cover a wide range of sensitive data (PII, PHI, PCI, secrets, credentials), but the interface had to remain approachable for admins who were not DLP experts.
While doing this project, I also led a revamp of the Policy Creation experience that turned it into a clear, guided workflow.
New Version
A wizard-driven builder that keeps policy logic coherent and auditable
This revamp shortens setup time and makes advanced options discoverable without overwhelming first-time admins.
The Dashboard was designed as the central hub for visibility and compliance reporting. Security and IT teams needed a place to see violations in real time, investigate alerts, and export data for audits.
When a policy triggers, violations appear in the dashboard and alerts are sent based on configuration. The dashboards are risk-first: they surface the biggest problems, not the most recent ones.
With ~95% detection accuracy and automated tuning, Nightfall reduces false positives, preventing alert fatigue.
The end-to-end design makes Google Drive protection easy to adopt, accurate in detection, and actionable in minutes. It gives Security and IT a clear path from installation to policy to remediation, while giving end users a humane way to participate in keeping data safe.

Posted Oct 28, 2025

Designed Nightfall's Google Drive DLP for security teams, enhancing detection and user experience.
