Viktor Nagy
UX Designer

Security UX for factories

Research & Design, 2021 -

For factories, it's important to run smoothly yet securely.

Often secure configurations are different from smoothly running configurations. Every layer of security potentially slows down the maintenance process.

It's very difficult for users to navigate through the ocean of settings.
The challenge:

Creating simple representations of a
complex security features
Process overview
Detailed steps
Security UX - work process

1. Information gathering

I start my project by focusing on three key parts:

  • Business goals

  • User goals

  • Technology and other constraints

If business goals are not met, the business will not survive, no matter how great the solution is. If user goals are not met, the company may benefit in the short term but lose out in the long term. And neither of these counts if we can't realize the solution.

To find this out, first, I interview relevant stakeholders inside the company:

  • Domain experts

  • Product managers

  • Product owners

  • Customer support

Then, I prepare my questions and reach out to users:

  • Internal users

  • External users

Due to rules and regulations, contacting external users is not always possible, so I try to make up for this by triangulation.

Security UX - work process

2. Synthesizing & focusing

Once I gather enough information, I start to synthesize it.

One way I do it is through affinity mapping. Together with my UX colleague(s), we identify key points, group them and select what we will focus on.

It's important for us to select a scope that fits the given timeframe and resource allocation. However, if we feel user goals are not met with the given constraints, we recommend reconsidering the limitations.

Security UX - work process

3. Ideation

I validate my ideas early with stakeholders to ensure that anything I create fits the security concept and it's feasible.

  1. Paper sketching or designing in low-fidelity

  2. Quick validation of feasibility and accuracy with security/domain experts

  3. Iteration

  4. Repeat

Security UX - work process

4. Testing

Usability testing with users was essential to see if the feature makes sense for the user and if they can make informed decisions about their system.

I wanted to answer these questions:

  • How well does the users' mental model of the feature fit the system model

  • If they understand:

    • what the feature protects

    • what isn't protected

    • what will be taken care of by the system

    • what has to be taken care of by them

    • what steps do they have to take to achieve a secure system

    • what steps do they have to take if they don't need a secure system

Security UX - work process

5. Final iteration

Takeaways from the usability testing were prioritized. Depending on severity and feasibility, they were implemented in the final iteration step.

Next steps
  • Supporting implementation

  • Tracking the real usage of the feature after the release

  • Potential adaptations based on the actual usage data