Kristine Ng
Product & Service Designer
DAC hero.png

Data Access Controls

Amplitude Data Access Controls

Enable customers to granularly limit which users have access to sensitive data

Problem

Provide customers with the ability to classify data as restricted and limit who has access to sensitive data.

Goals

  1. Address customer feedback requesting more privacy capabilities
  2. Increase enterprise readiness capabilities
  3. Instill a privacy-by-design culture as a publicly traded company

Role: Product Strategy, User Research & Design Lead

Team: Co-launched the Privacy Pod with PM and 3 engineers. Collaborated with every PM and Designer because Data Access Controls touched all product surfaces. 

Timeline: Alpha scope increased the timeline from 1 quarter to 3 quarters.

Deliverables: Research presentations, cross-product workshops, framework for future releases, and hi-fidelity designs.

Approach

Customer Research

I interviewed eight customers who expressed interest in data access controls to learn more about their use cases. Learnings from these interviews informed our requirements:

  • Three default data classifications will be available out-of-the-box: PII, Sensitive, and Revenue.
  • Limiting data access control management to admins is not restrictive enough.
  • The disjointed workflow may be problematic for customers unfamiliar with permission groups and data management features.

We continued to work with these customers as development partners, and I concept tested Figma prototypes with them to gain valuable feedback.

Platform Design

Even though Data Access Controls was solving for the needs of Amplitude Admins, I was aware that data restrictions could limit the value of the platform for end users. Because of this, I knew it was important to solve for the needs of multiple personas and took the initiative to collaborate closely with other designers.

I identified patterns of data usage by doing a platform audit and took an initial pass at designing data restrictions for each pattern. I collaborated with each designer on their area of ownership, and they helped me identify surface areas that I missed because the platform is so complex.

Design Framework

As the project progressed, I realized that we needed a way to future-proof Data Access Controls as new features continuously shipped. Designers started asking for guidance after we collaborated on existing features, so I created a framework for designers to use as a guideline for new features.

Impact

DAC is the most used acronym of the year
— Enterprise CSM

Results

Changes to scope, timelines, and resources significantly impacted this project. The Alpha launched in October 2023 and retained multiple customers, while others upgraded. The GA is expected to significantly increase revenue from enterprise customers.

Amplitude Admins can classify properties as PII, Revenue, or Sensitive within the Data product,

End users without access to specific properties will not be able to access analyses with those properties.

Learnings

From multiple rounds of customer interviews, we discovered that DAC only solves part of their needs. Admins also need robust permissions and the ability to restrict non-sensitive data access by product, business unit, and location.

This project's customer research was the gateway for exploring additional capabilities to meet the needs of enterprise companies.

The success of this project was due to cross-product collaboration and alignment on impact. In hindsight, I would have aligned all product teams on customer needs and business impact earlier on despite the processes not supporting a project of this scale.

My key takeaways from leading alignment workshops:

  • Storytelling is effective to convey the business and customer impact
  • Adding humor to a tense situation helped folks let their guard down