From Concept...
Gathering Insights
The project kicked off with in-depth
consultations with security experts
to align the design with the best security practices. I also gathered the
feedback taken from Factory's implementation
to dive deep into the users’ pain points and gather actionable insights. Shortcomings identified there would include:
-
No Granular Permissions:
A need to control what actions a credential can take.
-
No Individualized Product Access:
A need to control where actions can take place.
-
No Bulk Management:
A need for visibility of usage metrics, mass suspension and expiration options.
Visualizing Features
During these initial meetings I took inventory of objects and access paths, particularly what data and connections users
would be interfacing with.
By creating quick visuals on the fly while in discussions, stakeholders were able to understand how this might come
together and have an easier time contributing requirements. After these sessions, wireframes and flows were presented to and agreed upon by the PM, security team, and engineers. I
then moved to high-fidelity prototypes which could be rapidly built using Sophos' design system and Figma component
library. Getting to this point quickly was important as mockups that look closer to the final output were easier for all
members of the team to digest. The design process at this point continued to be
flexible and iterative, involving multiple rounds of workflow examination to refine the interface and
functionality. Notable features here included:
-
Branching Configuration:
New product configurations would need to choose to add a new credential or select an existing one. I prioritized the
adding of a new credential since it was the more common case and always relevant to new users.
-
Three-Step Credential Creation Wizard:
If adding a new credential users would proceed to a wizard that would guide them through the process in logical thematic
steps rather than overwhelm them with the complexity of all fields at once.
-
Global Management Table:
A sortable and filterable table that would show statues, metadata, and controls for credentials. This was an important
aspect of the credential overview that presented information that was previously buried in each product or in some cases
not available at all.
-
Bulk Actions:
Provided the ability to control many credentials at once, whether it was enabling, suspending, or deleting. This
required context considerations when selecting multiple types of credentials. This gave users a large speed boost when
making changes.
Initial inventory of object data and locations before wireframing.
Mapping user flows and each page's access point.