Jeremy Mailen has an eye for every last detail. After learning to program when he was seven, he’s never lost the sense of wonder that comes with building and creating “things” out of lines of code. But once you’ve realized you can create just about anything you’d like, you start to think about what’s actually worth building.
“You need to build things in a way that people can love the product and get value out of it at the same time,” he says. “I’ve tried to create software that has that aspect to it: It does things in a way that makes you feel differently about the software. It makes you enjoy using it.”
He believes that software should not just be practical and useful, but also elegant and comfortable, like a piece of literature that not only tells a great story, but is effortless to read.
A Meeting of Data Minds
His experience with data discovery and security goes back more than a decade to work with fellow co-founder Vikram at Symantec, where Jeremy focused on the user experience and workflow while Vikram built tools to identify and protect data through a data loss prevention lens.
“We worked together very closely,” Mailen remembers, putting together data insight products with the storage team, looking at access logs of who was reading and writing and the data sensitivity and coming up with a risk heat map that would be useful for security teams. Or building systems to detect malicious insiders, looking at a user’s risk profile and understanding their data activity so it would be easy to spot when they were trying to do something harmful.
They went off to work at a series of different startups, but they’d still catch up to have beers once a month or so, to compare notes and talk shop about what was happening in the enterprise data space.
One time, Vikram threw out a couple of ideas that he felt sounded promising for a startup. What did Jeremy think?
“I was like, one of them sounds like an open source project,” Mailen says, “but the other one sounds like a huge opportunity for an enterprise startup. With the GDPR coming out, having that intelligence about your data just has to be way more important.”
That idea became Divebell.
Automation and Transparency
“What was missing out there,” he says, “was automation. It’s easy to translate a law and make some forms to fill out. And people need that. But they don’t go very far in helping you understand the data that you have. The reality is that most enterprise companies don’t know what they’re storing; they don’t have a way to track the pace of change. How does anyone on Earth keep track of what regulated data their company uses and why?”
“Without automation, that problem is impossible to track,” he says. “The best you can do is ask some people. You don’t know if their answer is correct or not. If you want to know, then you have to deploy software automation.”
That’s Divebell’s mission. “I think the first thing Divebell has to do is create real knowledge,” Mailen says. “Much of the information about data today is hearsay.”
What Divebell does at its core, he says, is create transparency. “Two people can look at the data and agree,” he says. “Right now, you get a privacy officer communicating with a data owner and when the privacy person says ‘sensitive personal information,’ the other person just thinks, ‘SSNs.’”
“Being able to look at the same screen and both agree that it’s sensitive,” he says, “just being able to create those touch points among people agreeing over knowledge is a step you need to get to in order to have self-service empowerment. You don’t need to have a meeting every month to decide what you can or cannot do! And then eventually it’s automated and self-serve, and this thing that used to be a friction in the company becomes frictionless.”
Mailen’s focus is making that happen in as elegant a way as possible.
Empowering the Chief Privacy Officer
“I think the later you get in your career,” he says, “you start to value simplicity more and more. Because you ride the hype cycle of all the complex things you can do. There’s always a focus on the new. But if you can create something simple, that usually stands the test of time.”
Ultimately, he believes Divebell and people who can create software solutions in general are servants. They make things possible. “We’re helping a group of people who are desperately lacking good solutions to make their jobs possible and to make them feel empowered,” he says. “This role, this privacy role of CPO, you have a C-level role that needs to have a lot of leverage to achieve privacy compliance for their organization. It’s a rising role working within the constraints of current budget and staff — these are growing, but they need good solutions today.”
“I’d love to build a solution that does what they need and the operations people also love it, so all that friction about getting this thing deployed, that goes away,” he says.
And, better yet, they actually want to use the tool.
Any opinions expressed here and statements made are not legal advice, nor representations or warranties, and are intended to promote discussion around technology and data protection.