Users
IT Administrators (small to large enterprises) responsible for maintaining Intranet and external websites.
Objective
In total I worked across 6 major releases for CWS and in that time I had the opportunity to work on some interesting industry wide changes like the CAB forum Ballot 193 changes where the maximum validity of Public SSL certificate was truncated to 825 days from the previous 3 year period.
Another challenging issue was with the acquisition of Symantec's Website Security Business by Digicert, the process of CAS (Customer Authentication Services) for certificates changed which had to incorporated into the workflows without making jarring changes to the user's workflows.
Exporting Audit trails, Domain Control Validation, Sending Certificate Pickup, Custom Notification Email, View/Revoke Admin IDs etc. were some of the other major workflows that I designed.
Challenges
Understanding website security domain and Symantec's product line was one of the biggest challenges I faced while designing solutions. Requirements changed often, along with an uncertain environment owing to Digicert's acquisition of Symantec's business also proved challenging.
Also the designer, developer relations were not at the best as the earlier team based out of US had lesser interactions with the engineering team and there was constant miscommunication between both leading to frustration on both sides. Building that rapport with Engineering, QA and PM at the same time also delivering design solutions and ensuring that there was constant support for engineering while implementation drastically improved the relations and led to better quality output and fewer UI/workflow bugs. Engineering teams also started appreciating the designs and were more ready to accept challenging design ideas leading to a more constructive design and development environment.
My Role
Define and lead end to end experience while collaborating with Product Managers across geographies, multiple scrum teams and their architects for implementation strategy along with documentation teams to align with both user and business goals.
Task Flow
Screen Flow
Acquisition changes
The acquisition of Symantec's Website Security Business by Digicert posed a challenging issue where we were left with two different processes in CAS (Customer Authentication Services) for certificates, especially Extended Validation certificates (EV certs) between the two organisations.
EV, OV and DV certificate requests were now sent to Digicert's Lehi CAS team whereas Codesigning and Private TLS certificates were sent to Symantec for authentication. This change in process meant that the validation time for new, renewal and replace certificates needs to be handled differently without letting the user know of its obvious differences.
Process Flow
Post Digicert-Symantec acquisition, certificate and domain validation flow.
When I first proposed this solution, there was quite a lot of apprehension from the engineering side. They wanted something much more simpler like adding another column to the OEM pages which would have some sort of indication like a checkmark when TLS and/or codesigning was available without changing the existing UI. I felt this was hugely redundant because having two columns for status didn’t add any value and from a status readability wasn’t sending the right message to the user and secondly, the number of accounts with both TLS and Codesigning would be less and there would be a persistent empty column when there was an absence of one type of certificate. This could further confuse the user because adding another type of certificate was not possible through the current interface and was based on a complicated account units measurement.
Further interactions with another PM confirmed the number of customers with both TLS/SSL and Codesigning accounts were in the few hundreds when compared to the thousands that was for only TLS/SSL or Codesigning. This gave me additional confidence in this approach and after quite some convincing engineering team agreed to implement this idea.
While I was slightly apprehensive about the approach, due to the number of people who felt this would be a UX nightmare, when we released there were zero escalations/question mails around this new flow! The flow was intuitive with no usability issues recorded, it was business as usual for our users.
Organisation & Domain Validation
