Policy Rule Builder Redesign
Old
Tasks:
1. Redesign the UI to align with the current product.
2. Clarify the default state for the user&user group.
3. Simplify the user flow of creating a rule.
- How to specify a rule&rule group?
- How to combine exceptions?
- How to increase readability?
- How to create a seamless experience?
Previous Iterations
Process
Before I worked on this, there has been work previously done in the past two years although never been implemented
I dived deep into the pattern of the written rule and did several paper testing sessions with users and then developed two options:
First one was to writing rules as a paragraph using natural language.
Pro: user can see everything on one page
Con: Some of the features doesn't align with the back-end engine( For instance, Exception rules). So then I developed the second one using a wizard.
One-Page Modal
Step-by-step Wizard
Threshold Tuning
Old
My Iterations
Tasks:
1. Redesign the UI to align with the current product.
2. Users should be able to do more detailed adjusting based on different risks.
3. Provide a clear visual indication of the threshold concept.
4. Explain the complex model of the fluid threshold.
- How to show the constantly changing number of anomalies?
- How to show different amounts of anomalies without causing confusion?
- What's the best visualization?
- How can the user estimate the adjustment they did?
Final Design
CASB Connect
Tasks:
Integrate our new feature CASB connect into our product
Challenges:
1. Users didn't read the promo info
2. Different use-cases for different roles, which broke the user flow.
3. How to really show the value to the customer?
Solution
After understanding the ripple effect on the different tabs, I designed 4 user flows based on user roles and created different entry points for them to realize the value for CASB connect.
Scenario 1 Business Request
“Purchasing at the company wants to use SAP Ariba to improve the purchasing process. Presented the idea to VP of finance. Finance says great idea, I’ll fund it. Tossed to security,"
User Flow
Business request > compliance team > search > service details > see recommendations > request API support > governance decision (generates support ticket to CASB Connect team)
Scenario 2 Compare services
“IT paid for Office 365 and has OneDrive. They think that’s sufficient. But other departments say it’s not, they want DropBox, Box. They go to compare services.”
User Flow
IT initiative > compliance team > registry > filter by category > compare services > see supported use cases > make decision
Scenario 3 Value for Compliance Team
“Compliance team was monitoring the unassigned services and they saw the increasing usage of Lucidchart. They looked at the side panel to see what’s going on.”
User Flow
Compliance/risk user > my dashboard > services (unassigned services) > lucid chart side panel > see recommendations
Scenario 4 Admin Enable
“Sanctioned service is supported for Box, the user enables the service and admin get the notification to set up.”
User Flow
Service detail page > add sanctioned service for Box >administrator >add services > set up
Old
Side Panel Redesign
Tasks:
1. Suppress duplicated incidents.
2. Combine incident detail in the side panel.
Redesign goal:
1. Create clear info hierarchy with a high-level summary
2. Show clear high severity matches/collaborators.
3. Make the incident history readable.
4. Design for different scenarios/incidents
UP NEXT
Back to home
