Make Security Events More Actionable 8.png

OKYO APP 2.4 • 10 min read

Make Security Events Actionable

Yes, we got the best and greatest cyber protection.

Yes, our app provides max visibility into all the events we caught on your networks.

Now, how might we engage our users to take action upon all the security values we offer?

MY ROLE

Lead UX/UI Designer
Design Sprint Master

UX Researcher

PROJECT TYPE

Mobile App UX/UI

New Feature

RELEASE DATE

Phase 1 - June 2022

Phase 2 - July 2022

Phase 3 - WIP...

Timeline - Light.png

The problem space

Currently, security events in the Okyo app do not clearly tell the user whether or not their action is needed in order to eliminate a threat/risk detected.

This can leave the user in a fearful or confused state, wondering what to do next.

Who are we designing for?

In meeting the needs of home cybersecurity lead users, we primarily focused on creating a solution that prefigures the desires of our larger “Assurance Seeker” market.

Assurance Seeker.png

Collaborative ideation through Design Sprint

Design sprint through FigJam

Top 3 design principles through affinity mapping

Some great sketches from Crazy 8s

To help the product team get from a vaguely scoped feature proposal to a tangible, functional solution, I ran a design sprint (quick-n-dirty style) involving 9 members from the design, research, product and engineering team.

Sprint Board.png

Use Cases & Design Principles

Early in the sprint, the team focused on coming together to establish design principles and key use cases for this project.

Key Use Cases
  • As a user, I want to look at the app and quickly know: “Do I need to do anything to stay safe?”

  • As a user, when I see a security event, I want to know if Okyo has protected me and “taken care of” the potential threat.

  • As a user, I would like to tell Okyo to block certain security events when it’s not blocked by default.

Design Principles
Design Principles.png

Making ideas tangible

On the last day of the sprint, I was able to encourage the product team to translate their ideas into rough sketches on paper through an activity called ‘Crazy 8s’.

Crazy 8s.png

Converging and generating solutions

Through this rapid sprint process, the team found many
commonalities in the ideas we came up with through brainstorming and sketching.


We concluded that there were 3 main design solutions we wanted to move forward with:

Solution 1/3

On security tab, Okyo will report incidents based on how they are treated based on the current security setting, rather than categorizing all incidents as ‘threats caught’

Solution 2/3

Allow more granular control of different types of security threats

Solution 3/3

Provide our users with more information around threats and actions they can take to improve their cyber hygiene

2.png
1.png
3.png

Design, prototype, test and iterate

I was able to collaborate with another PM on running the tests and synthesize the results

A glimpse of the review board for V2 design post-testing

Screen Shot 2022-09-06 at 12.24.13 AM.png

With these 3 solutions, I was able to quickly come up with some mid-fi wireframes to review with the team.

Once the team felt like we were in a good spot, we immediately prototyped it and tested the new design with 5 users who identified as assurance seekers.

The test was structured to include 3 tasks, each task aimed to validate one of the design principles the team came up with during the sprint.

Group 14346.png

Test results, iterations and tracking

Through testing, we validated our assumption that users were more satisfied with the increased granularity of security policy controls. They felt more empowered and inclined to go into the app and customize the policies once they grasped the model of ‘Blocked’ and ‘Noticed’.

We were also able to identified some usability and visual issues & made corrections and additional designs accordingly.

Since this round of testing was relatively small-scaled, I collaborated with the PM & engineering team to establish Firebase metrics for post-release tracking, including action performed, time to action, recurrence, etc.

What we have released so far

A new intuitive look for the Security Tab

Phase 1 | June 2022

Granular control to allow more customization

Phase 1 | June 2022

Actionable instructions for each threat type

Phase 2 | July 2022

Drilldown.png