March – April 2016
In January I approached the Information Security Office (ISO) at Stanford about collaborating on redefining "Security" as a service. After a major incident two years ago, Stanford has had to drastically increase it's preventative security measures, which impact everyone across campus, adding encryption and minimum security requirements to each device used by faculty, students, and staff. This experience is less than ideal, and the current campus perception is that "Security" is a mandate, not a service provided to campus. I wanted to help the ISO team better empathize with the campus community, help them reframe "Security" as a service provided to campus, instead of a mandate, and lay the foundation for future projects aimed at improving specific security experiences.
I was able to secure three, 3-hour sessions with the entire ISO team over the course of two months, participating in their all-hands annual retreat. I designed a series of interactive workshops to lead the team through the following:
Value statement activity
Service architecture definition
After nine hours of workshops, the ISO team had an arsenal of tools to help reframe Security as a service. The primary outcomes were a new service portfolio architecture and strategy document. This will be used by ISO to continue to reframe their services and better design their service experience. The foundation laid in these workshops will hopefully lead to future projects where we can focus on assessing and improving key service experiences for the campus community.
Deliverables from this project:
Other indirect outcomes from this research include:
I initiated, designed, and led the three, 3-hour workshops with the ISO team. I had assistance from my two colleagues in leading the workshops and creating polished deliverables.