Symantec CIC Onboarding
Enterprise Network SSL Certificate Scanning & Renewal.
So Easy A Caveman Can Do It.
Symantec's Certificate Intelligence Center is an enterprise software solution that discovers, monitors, and renews SSL certificates across large networks. It is a very powerful tool, but it has a very steep learning curve. At the time of this project, the process to learn & deploy, even in a test environment with support could take months. This was especially problematic for the sales cycle, given that it was difficult to run a demo.
Like many enterprise software solutions, the setup process was originally designed by highly technical engineers, and was intended to have users deploy the entire solution all at once. The first user of the product was required to:
- set up all other users, each with their unique role permissions
- divide those users into groups
- configure notifications for all users
- download and install dozens of sensors
- configure and run dozens of network scans
- configure and view scan reports
- configure, download, and install dozens of agents
Each step was required, and had to be done with no on-screen instructions. The setup guide was a 100+ page PDF. It was thorough and accurate, but users complained that it was overwhelming and required a lot of IT planning to prepare for all the deployment tasks.
FIRST TIME VIEW OF THE PRODUCT - WHERE TO BEGIN?
ORIGINAL UI FOR SETTING UP SCANS
My design partner, Burr Walker, and I asked our manager if we could spare a few cycles to create a design concept to address this.
We decided to take a completely different approach, and asked ourselves a simple question: "What would a one day deployment look like?" The answer at first seemed comical. The product couldn't be set up in a large complex environment in one day. The most that you could hope for would be that a user could maybe get a single sensor or agent installed. However, we also knew that many users had provided feedback that that a lot of the existing setup steps (like setting up users and notifications) seemed unnecessary.
We took a hard look at the app and studied the marketing message. We asked, "What, at its core, does this product do, and how would you explain it in the simplest terms possible?" We broke it down into a small subset of simple steps with the goal of having the user take quick, but full test drive of the app. If the user could learn to install a single sensor, run a single scan, discover a single certificate, and renew that certificate, then the same process could be applied at scale for the thousands of certificates on the network.
SETUP REDESIGN PROTOTYPE
RESULTS & LEGACY
We tested a prototype with several users, and it was met with very positive feedback. Afterwards we presented the concept to the VP of Product, who was also excited about the concept. But the reality was that the product roadmap was set so this redesign was never built.
However, this project is something I am quite proud of. My fondness for this project stems from two important things that happened:
1. This project gave the UX Team a lot of organizational credibility at the time when the UX Team's role in product development was simply to support software releases without having a say in how products were planned. This project proved to the product organization, all the way up to the VP, that the results would be much better if designers were involved upfront.
2. At the time there was a technical bias that SSL and site security was "just a complicated domain that requires highly technical people to do this stuff". However, the approach and principles we used in this project proved to the product organization that this didn't have to be true. Subsequently, this project helped accelerate new product initiatives that focused on creating site security tools & services for new markets, with less technical user and customer personas.
Much credit also goes to my design partner on this project, Burr Walker.