Hyun

My work and me

About Me

Hello, my name is Hyun — I am a designer and technologist creating symbiotic relationships between information and people. I am currently working with researchers, engineers and designers at IBM Research in Yorktown Heights, New York.
If you have any questions or have something in mind for discussion, please don't hesitate to contact me.

Commercial

Community

Recreational

Legacy

IBM Cloud Security Enforcer

IBM Cloud Security Enforcer

2014-15 — Commercial :: Technologist and User Experience Designer working at IBM

Teaser image for the IBM Cloud Security Enforcer project.

SYNOPSIS: IBM Cloud Security Enforcer's purpose is to allow monitoring and assessing the risk of cloud applications so the eco-system of cloud applications can be more open in an enterprise company's network. The result is to allow employees of the company to have the benefit of using the tools they need to do their job rather than being blocked by the company's network.

Major Skills Applied

  • User Experience
  • Front-end Development
  • Ad-hoc Technology Interpreter

All projects at IBM Design are worked on and produced in teams. My specific contributions for Cloud Security Enforcer were on user experience, animations, technology research, future envisioneering designs, and applying previously gathered design patterns, research, and technologies to the project.

Problem

"Provisioning and monitoring is a process that requires a lot of manual legwork and multiple tools."
—IT Analyst, State Health Department

Cloud applications are a huge problem in terms of shadow IT: employees purchasing licenses on their own or with corporate credit cards, as well as security issues, as the data that leaves the enterprise network is at mercy of the security put in place by the cloud app. The tool allows the provisioning to be controlled by the security analyst, and the distribution to IT analysts and line managers. On the other side of the spectrum, the employees, would be allowed to transparently use their applications. The analyst with the tool has a choice to integrate popular and secure tools to the enterprise network and allow official use of the cloud app.

The personas below were crafted by the involved designers and researcher from banking and enterprise IT companies in North America and Western Europe. The data gathered to create these personas involved shadowing and interviewing current as well as prospective clients.

Currently the as-is scenario of a security analyst trying to monitor cloud applications goes as follows: A lot of users take notes in an Excel sheet or a Word document to keep all of this up.

  1. 1. Look at network logs. 1,100 lines of activity per second.
  2. 2. Find common patterns using a general data processing tool.
  3. 3. Recognize MAC Addresses, source and destination I.P. Addresses
  4. 4. Find network bandwidth data associated with the found I.P. Addresses
  5. 5. Find associated application names with destination I.P. Addresses
  6. 6. Find users associated with I.P. Addresses and MAC Addresses
  7. 7. Find security related articles regarding found application names
  8. 8. Associate a imaginary risk factor for type of user (Employee, Contractor, Executive, etc)

The line manager requires a bit of less work but it is every bit manual as the security analyst's flow. One manager from a major corporation mentioned that onboarding tools for employees were like "chewing steel". The common theme was the fact that each administration based user (Security Analyst, IT Analyst, and Line Manager) needed an interaction pattern that they can view depths of data and pivot around a specific point. The main interface for the admin view were designed with a sliding modular card system. The card system keeps context of the main page, usually a list of some kind, and the main headline so the user can always tie the detailed information to multiple levels.

A stark contrast, the design for the end user had to be straight forward. It will already be difficult to redirect the user to a launchpad to run web applications, having a complex or any kind of design that required more than a single click was out of the question. The only advantage that Cloud Security Enforcer's app launcher is the fact that all the applications listed are sanctioned and officially connected in the company's enterprise login, so the employee can use it without worrying about reprecussions or cost.

Process

The design team for the project was one of the biggest project teams to be formed in the Security group at IBM Design. Along with the help from the IBM Design's Security Core Team, members of the design team in the Cloud Security Enforcer are...

  1. Katie, Design Lead :: UX and Visual
  2. Courtney, UX and Visual Designer
  3. Alexander, UX Designer
  4. Hyun, UX Designer, Technologist and Front-end Developer
  5. Development Team (+15 US, +5 Australia)
  6. Product Manager

With the relatively large size of the team being involved in the project, there was some work being done around this project since October 2014 (Originally, it was a Design Lead, UX Designer, and me). The project didn't become official until sometime in 2015. Since the product was politically charged with the basis of entering "new" markets and being "special", a lot of design work was largely ignored in order to launch quickly. Launching quickly meant focusing on the base technology so it can be expanded upon later. Fast forward to general availibility, a lot of work for the base still hasn't been done, and there's a lot of bugs and problems. Proving again, pushing an arbitary "launch date" does more harm than good. During the rush, there was a constant tug of war between design and development as the development team did not voice their concerns regarding the development time to create the prototypes until they were literally starting the sprint. Because of the scheduling, a lot of inventive ideas were off the table until the next or several releases after.
However, in context inclusive to the design team, a lot of exciting things happened. This was one of the first products that fully adopted the IBM Design Langauge, as well as creating a whole new interaction pattern with the card systems. As I was not part of the development team from the beginning, a lot of the code that I have created for prototypes have been utilized as a reference and sometimes parted and pasted in the production code. This was the first project where I used Adobe After Effects to create animation videos to include in a product; the videos are "Getting Started" animations for the admins and end-users. It is still dissapointing to see the code architecture has been mainly created to hold things together rather than bringing a good user experience. The intent of design does not execute currently with the code createed by the development team.

Aftermath

RESULTS The product launched with much welcome from the press. Although there's many things missing, a lot of innovations are to come with continuous delivery in the future. The design team and the development team still currently work together to refine the experience and add new innovations. It was the biggest product that I have worked on and it continues to grow. Currently, the biggest expansion plan is to improve the mobile experience, both end user and admin.

Final Product

Video of the getting started experience for the end-user persona.
Screenshot of the dashboard designed for the security analyst.
Screenshot of the dashboard designed for the security analyst.
Screenshot of the list of offenses occured in the enterprise environment for the security analyst.
Screenshot of the list of offenses occured in the enterprise environment for the security analyst.
Screenshot of a detail page from the list of offenses for the security analyst.
Screenshot of a detail page from the list of offenses for the security analyst.
Screenshot of a list of applications available to be integrated into the enterprise single-sign-on for the IT admin.
Screenshot of a list of applications available to be integrated into the enterprise single-sign-on for the IT admin.
Screenshot of the end-user applications launchpad.
Screenshot of the end-user applications launchpad.
Screenshot of the end-user applications exploration page.
Screenshot of the end-user applications exploration page.