first time experience for enterprise ssl security, 2 months
Symantec CIC Setup Redesign
Symantec's Certificate Intelligence Center is an enterprise software solution that discovers, monitors, and renews SSL certificates across large networks. It is a very powerful tool with a very steep learning curve. At the time of this project, deployment of the product could take months even in a test environment with technical support. Not only was this a poor customer and user experience, it created internal problems as well. Sales teams struggled to set up demos, and the support team was inundated at all times.
At the time there was an internal assumption that SSL and site security was "just a complicated domain that requires highly technical people to do this stuff". This, coupled with a UX Design team that was primary focused on feature delivery had led to complex and bloated product experiences. My design partner (Burr Walker) and I set out to that CIC's first time experience could be simple and rewarding.
Original First Time Experience
Like many enterprise software solutions, the setup process was originally designed by highly technical engineers with guidance coming from sales and marketing. The result was a setup experience that required the entire solution to be deployed at once, and forced users to use every single feature.
First time view of CIC (where to begin?)
Configuring first scan
For the first time experience, the first user of the product was required to:
- set up all other users, each with their unique role permissions
- divide those users into groups
- configure notifications for all users
- download and install dozens of sensors
- configure and run dozens of network scans
- configure and view scan reports
- configure, download, and install dozens of agents
Each step was mandatory, could take hours or even days, and had to be done with no on-screen instructions.
A One-Day Deployment
The existing setup process could take months to deploy. My design partner, Burr Walker, and I decided to take a completely different approach, and asked ourselves two simple questions:
1. "What, at its core, does this product do?"
2. "What would a one day deployment look like?"
We broke the setup down into a small subset of simple steps with the goal of having the user take a quick, but full test drive of the app. We realized that if the user could learn to install a single sensor, run a single scan, discover a single certificate, and renew that certificate then the same process could be applied at scale for the thousands of certificates on the network.
We designed with that scenario in mind and created a simple prototype using Axure (the preferred tool of Symantec's UX team at the time).
prototype of the redesigned first time experience
Results & Legacy
Whereas the original setup process could take months before users could realize the potential, the redesigned process let the user take a full test-drive in minutes. We tested the prototype with several users and internal stakeholders, and it was met with very positive feedback all the way up to the VP of Product.
Unfortunately, this redesign was never built. The product roadmap was set and was already almost a year behind. Despite that, I am very proud of how this project went. This is because our efforts on this prompted two important things to happen at Symantec:
1. This project gave the UX Team organizational credibility at a time when the UX Team's role in product development was simply to support software releases without having a say in how products were planned. This project proved to the product organization, all the way up to the VP, that the results would be much better if designers were involved upfront.
2. The approach and principles showed that network security tools didn't have to be highly complex. Subsequently, this project helped accelerate new product initiatives that focused on creating site security tools & services for new markets focused on technical user and customer personas.
Much credit also goes to my design partner, Burr Walker.