NEO Auth
NEO Auth is an application that allows business to manage the access of right information to right individual/team at the right time
Role
Design Consultant & Design Ops
Duration
8 Months
Team
9 people (1 designer, 6 developers, 1 BA and 1 product owners)
Client
Thoughtworks(Internal)
Let's understand the Challenge!
The ask was to come up with a design and strategy to enable business to be able to manage access as per the role and requirement and to enable internal employees to get required access seamlessly and superfast. Post IPO organization wanted to manage the access to MNPI information in a restricted manner in order to be Data compliant
Design Approach
This is a high level peak into the design approach, the process was not limited to this approach as it was not purely a design problem but ways of working problem as well.
Discovery and Research
1. Discovery workshops
2. Conducted user interviews and survey
3. Competitor Analysis
4. Vertical/Domain analysis
Define
1. To be journey
2. Personas
3. User pains and needs
Ideation & Brainstorming
1. Ideation workshop
2. Information architecture
3. Task flows
Designs
Couple of screens from the flow
Discovery and Research
The research plan for this includes understanding the Vertical/Domain, competitor analysis, User survey and Stakeholder interviews
Understanding the Vertical/Domain
As I was quite new to the concept of this “Data Access and Governance also called Data Administration and Governance” I had to understand the domain itself first for which I did some digging and read some articles to bring myself up to speed
There two concepts stood out for me which I had to dig deeper and learn -
RBAC(Role Based Access Control)
IAM (Identity and Access Management)
Understanding the Market/Competitors
As I was quite new to the concept of this “Data Access and Governance also called Data Administration and Governance” I had to understand the domain itself first for which I did some digging and read some articles to bring myself up to speed
There two concepts stood out for me which I had to dig deeper and learn -
RBAC(Role Based Access Control)
IAM (Identity and Access Management)
User Survey (included both data managers and consumers)
With this I wanted to understand
1. What our targeted users know about Access control model as a whole?
2. What do they think about the current access management process?
3. Do they have any knowledge or understanding of who is responsible for providing and managing accesses?
4. Do they know how and where they can check what accesses they have in the systems and so on?
And much more!!!
Stakeholder’s Interviews (Leadership)
With this I wanted to understand
1. What is the leadership’s take on the output and outcome from this platform?
2. Expected business value?
3. What is the current process and how the data and access is being managed currently?
4. Which roles are responsible for managing data and access at different stages of this process?
And much more!!!
Define
Based on all the findings from the discovery and research phase I tried to leverage the same to map out certain strategy and approach for the design. This is the place where I try to bring in my devs as well because this ideation and brainstorming phase is best when done collaboratively and who knows who might give you the best idea. However this also makes everyone feel part of the product and helps keep everyone on the same page and carve out a feasible approach.
In this My aim was to come up with the targeted personas, pain points and needs, To be journey
Personas
Due to confidential reasons I have not kept the descriptive persona but just a short role based info card for each category
This product is supposed to cater to multiples roles withing the organization and having a fix set of users was not going to help us get the required insights, so I went ahead with role/category based personas as involved in the data access management process
To-Be Journey
Due to confidential reasons I have not kept the descriptive persona but just a short role based info card for each category This product is supposed to cater to multiples roles withing the organization and having a fix set of users was not going to help us get the required insights, so I went ahead with role/category based personas as involved in the data access management process
Ideation & Brainstorming
Information Architecture
Before creating the final designs I wanted to come up with the complete hierarchy of the information and the role based information flow within the product. This helped me carve out the mainstream mvp section of the app which could be designed and developed first and can be tested with the actual users.
This information architecture shown below also gave us a quick glance into how the complete roadmap for design and dev should look like and also helped us derive quick task flows.
Couple of Initial task flows
Design
%20(1)%201.png)
%20(1)%201.png)
%20(2)%201.png)
%20(1)%201.png)
Outcome
Gives visibility to all the users to what information asset they have access to, what application they have access to and what business team they are a part of
Enable business to find any access gaps and resolve them asap, during the audit that happends twice a year
Enables business to categorize the MNPI and NON MNPI information and manage access accordingly
Enables the business to create information assets, business teams and assign accesses on an individual and team basis
Enables the users to request access to any team, application or Information.
And many more...