Symantec CIC Onboarding
Enterprise Network SSL Certificate Scanning & Renewal.
So Easy A Caveman Can Do It.
Symantec's Certificate Intelligence Center is an enterprise software solution that discovers, monitors, and renews SSL certificates across large networks. It is a very powerful tool, but it has a very steep learning curve. At the time of this project, deployment of the product could take months, even in a test environment with technical support. Not only was this a poor customer and user experience, it created internal problems as well. Sales teams struggled to set up demos, and the support team was inundated at all times.
Like many enterprise software solutions, the setup process was originally designed by highly technical engineers with guidance coming from sales and marketing. The results was a setup experience that required the entire solution to be deployed at once, and forced users to use every single feature.
Upon setup, the first user of the product was required to:
- set up all other users, each with their unique role permissions
- divide those users into groups
- configure notifications for all users
- download and install dozens of sensors
- configure and run dozens of network scans
- configure and view scan reports
- configure, download, and install dozens of agents
Each step was mandatory, could take hours or even days, and had to be done with no on-screen instructions. The setup guide was a massive PDF file, over 100 pages long. It was thorough and accurate, but users complained that it was overwhelming and required a lot of IT planning to prepare for all the deployment tasks.
FIRST TIME VIEW OF THE PRODUCT - WHERE TO BEGIN?
ORIGINAL UI FOR SETTING UP SCANS
My design partner, Burr Walker, and I asked our manager if we could spare a few cycles to create a design concept to address this.
We decided to take a completely different approach, and asked ourselves a simple question: "What would a one day deployment look like?" The answer at first seemed comical. There was no way to deploy the product in a large complex environment in one day. The most that you could hope for would be that a user could perhaps get a single sensor or agent installed. However, we also knew that many users had provided feedback that a lot of the existing setup steps (like setting up users and notifications) seemed unnecessary.
We took a hard look at the app and studied the marketing message. We asked, "What, at its core, does this product do, and how would you explain it in the simplest terms possible?" We broke it down into a small subset of simple steps with the goal of having the user take a quick, but full test drive of the app. If the user could learn to install a single sensor, run a single scan, discover a single certificate, and renew that certificate, then the same process could be applied at scale for the thousands of certificates on the network.
We designed with that scenario in mind and created a simple prototype using Axure (the preferred tool of Symantec's UX team at the time).
SETUP REDESIGN PROTOTYPE
RESULTS & LEGACY
We tested the prototype with several users, and it was met with very positive feedback. Afterwards we presented the concept to the VP of Product, who was also excited about the concept. However, the reality was that the product roadmap was set so this redesign was never built.
Despite never seeing its way to development, this project is something I am quite proud of. This is because my efforts on this prompted two important things to happen at Symantec:
1. This project gave the UX Team organizational credibility at a time when the UX Team's role in product development was simply to support software releases without having a say in how products were planned. This project proved to the product organization, all the way up to the VP, that the results would be much better if designers were involved upfront.
2. At the time there was an internal assumption that SSL and site security was "just a complicated domain that requires highly technical people to do this stuff". However, the approach and principles we used in this project proved to the product organization that this didn't have to be true. Subsequently, this project helped accelerate new product initiatives that focused on creating site security tools & services for new markets, with less technical user and customer personas.
Much credit also goes to my design partner on this project, Burr Walker.