SCRATCH — Allan Kwan

# Forcepoint
#projects

## Summary
I was the lead designer for Forcepoint’s web security product, an industry-leading web protection software that stops advanced web threats from compromising sensitive data within organizations.

On a day-to-day basis, I worked closely with development engineers to implement new features, fix bugs, and provide UX guidance for all customer-facing issues.

## Forcepoint Cloud App Policies
For over 20 years, the Forcepoint Web Security product was a leader in the web and URL filtering landscape of web protection products. However, with the rise of Amazon Web Services (AWS) and Microsoft Office 365, cloud applications and services were becoming increasingly common in enterprise organizations, which introduced a critical need to secure data being hosted and managed in the cloud.

Forcepoint acquired a cloud app security broker (CASB) solution to provide visibility and control over cloud applications and services being used in organizations’ networks. By integrating the CASB solution with Forcepoint's industry-leading web security product, IT security administrators would be able to more effectively protect their organizations against a broader range of security threats.

### My Role
I led the end-to-end user experience design of Forcepoint's integrated CASB solution for the cloud and on-premises web security products.

The goal of the project was to introduce the ability to configure and manage web security policies for cloud app traffic passing through an organization's network.

#### Customer Research
I partnered with one other designer to conduct customer research and understand the user needs and motivation points for a cloud app security solution.

#### UX Design
I created user flows, mockups, and prototypes to share design ideas with stakeholders and utilize for testing with customers to uncover usability issues and other customer pain points.

#### Collaboration
I collaborated closely with development team members early in the design process and shared the user research & design vision of the feature with stakeholders throughout the entire project.

I was involved in the implementation from beginning to end, and conducted UX reviews to ensure the overall user experience remained intact.

#### Leadership
I shared the user research & design vision of the feature to senior stakeholders to help drive decision making and gain buy-in for placing user-centered design at the forefront of business priorities.

### The Problem
* Over 80% of employees use unapproved SaaS (cloud app) products for business, with the average employee using 15+ apps in total.
* Organizations have zero to no insight into their employees’ cloud app activity, including whether those apps meet compliance standards.

### The Solution
* Provide visibility and control over the policy enforcement of cloud apps, especially by risk level, type/category, and direct name within the existing policy management controls.

### The Process
#### Flows
I created user flow diagrams to map out the primary pathways users would need to walk through in order to set up and configure their CASB policies within the Forcepoint Web Security product.

#### Wireflows & Mockups
Several design iterations were created with key stakeholders prior to testing with actual customers. Wireflows were created to highlight the primary interactions and navigation workflows.

#### Customer Research (Usability Testing, Key Issues)
Due to recruiting challenges, the discovery research for the feature was embedded into the usability testing phase. Discovery questions were added to a semi-structured usability testing script, where customers were asked to perform several typical tasks using a low-fidelity prototype.

Sessions were run remotely with a total of 5 customers over the course of one week. Another designer moderated the session, while I observed and interjected with probing questions as needed.

##### Objectives:
1. DISCOVER: Understand customers’ overall approach to cloud app security, specifically in regards to policy management and reporting
2. TEST: Identify potential usability problems with:
* Cloud app policy configuration
* Filtering behavior in cloud app reports

##### Key findings:
1. Overall concept of a cloud app is new/foreign to security admins
2. Security admins were uncomfortable with blocking “high risk” apps all at once
3. Cloud app types/categories were confused with existing web URL categories
4. Difficult to understand the relationship among the policy configuration areas

#### Iteration & Implementation
After gathering and analyzing the results from the customer research, I worked with stakeholders and development team members to update the mockups based on the customer feedback.

### The Result
#### New Cloud App Policy Filter

#### Enhanced Reporting Layout

---

### The Feature
Forcepoint acquired a CASB solution to provide visibility and control over cloud apps. By integrating the CASB solution with Forcepoint's industry-leading web security product, Forcepoint would be able to more effectively protect organizations against online security threats regardless of where they are coming from.

This would also enable administrators to have more control over their web and cloud app security, all within one product portal.