Prototype & validation, followed by front-end design and technology build
The Challenge of MSS
Kudelski Security has a legacy of secure products behind their name, with the Kudelski brand going back decades. Their relatively recent cyber security organization was on the rise as an MSS (Managed Security Services) to watch in the market. MSS providers lean heavily on their partner's suite of products. This allows them to utilize the latest and greatest in security technology to serve their enterprise clients. The challenge is that this then requires that Kudelski clients must navigate a sea of apps to access, tickets to manage, and reports to pull.
In a time of increasing threats and a proliferation of technologies promising answers, Kudelski’s Managed Security Services (MSS) Portal needed to demonstrate key offerings:
Beautiful: Is it finely crafted and presented?
Functional: does it seamlessly connect different offerings?
Robust: is it able to handle heavy customer usage?
Flexible: can it meet different consumer needs?
Quick: can it respond to customer inputs rapidly?
The existing offering (at the time) required Kudelski clients to navigate a sea of complex cybersecurity applications to pull reports and create tickets from several un-centralized applications. The user experience was unfriendly to say the least. Their global clients, mainly CISOs (Chief Information Security Officers), security managers, and security analysts, needed a centralized portal to understand the status of their Kudelski Security MSS services and overall security posture. That’s when Crema was approached by the Kudelski team to build a better way to interact with relevant security data.
Crema was asked to design, prototype, test, build and deploy a new service called MSS Portal, which took all the different tools their clients had to use and pulled them into one, easy to use centralized tool - with the end goal to make security more effective and remove complexity for the end user. We created a design system that was consistent and clear across every view in the solution, providing valuable insight and depth into their MSS services and security posture across a global client base.
A solution that sells
After rapid prototyping with the Kudelski team and testing our initial concepts against a team of internal and external stakeholders, we were able to focus the MSS portal experience to a platform that has all the information that’s needed for a use by the Kudelski analyst, client security teams, and administrators alike. All of this without the headache of multiple logins or cluttered product experiences. The product concepts were presented at RSA - a national cyber security conference to validate the need for the tool, and the response was overwhelming that the market wanted this product. Crema was then asked to build and deploy the product, which then released in 2018. Our team focused on the frontend of the experience and collaborated closely with the Kudelski backend & DevOps team in Switzerland on iterative, bi-weekly development sprints.
Objectives & goals of the work
Product branding, prototyping, validating
When our two teams began working together in late 2016, the original focus was to further refine the Solarhood product concept and design unique product branding that is still being used to this day. By creating a high-fidelity mobile prototype and testing it with real users to glean feedback on the application, we were able to measure a response on the product in two solar markets – Kansas City and Portland.
The outcomes of this 5-week phase were:
A defined business model and unique value proposition.
Initial brand direction, including brand logo, iconography and brand guidelines.
A high-fidelity, clickable prototype that was tested with real users in two solar markets to ensure the mobile experience is intuitive, efficient, and enjoyable to use.
A high level product roadmap and budget for initial release of the application, leveraging a dedicated product team at Crema.
Recordings of all user testing sessions and access to all assets created.
At the end of this, the Solarhood team decided to shift their resources and allocate some of the development to an offshore team. We remained in touch & kicked off conversations for phase two almost 18 months later.
"Kudelski Security offers enhanced usability with an intuitive, well-designed portal. Kudelski Security's client portal has unique features... and the company provides a thorough, transparent implementation process."
In Q3 of 2018, Forester Reports reviewed 10 emerging MSSP's in the market ranking Kudelski among the top two
A platform that's positive, not fear based
One of the key concepts for the MSS portal was to create an experience that was bright, friendly, and easy to use. Rather than the industry standard that led with a visual of dark and fear-driven, Kudelski was a leader and thinking differently about what a "Portal" could be. These experiences traditionally were boring ways to just link off to other apps. Now, the experience is customized to the Kudelski brand. Having one place for clients to check incident tickets, run reports, and review the suite of apps that Kudelski used to provide their awesome security services made things easier for everyone.
Kudelski Security received its highest scores in the following criteria:
business and technical value
reporting capabilities (including dashboard and user interface)
Crema continues to support the product with a maintenance and design retainer.
Crema is an agency driven by user interface & user experience design – powered by a strong product management process. With the help of our development partner, 5 and 2 Studio, we ensured the diverse platform was made up of small, reusable, declarative components. The Crema team oversaw product management and quality assurance, while our .NET development partner focused on implementing the new platform.
There were several moving pieces to the PhysEmp platform that required complex orchestration to ensure we would hit the goals of the engagement. Navigating a 20-year-old database, designing a new user interface for components of the platform, and prioritizing features necessary for launch were woven into our 2-week agile sprints.
Our teams collaborated over the course of the engagement by:
Creating, managing, and working toward a backlog of shared work on a bi-weekly sprint basis
Regularly grooming and prioritizing the backlog to meet the needs of PhysEmp and the team’s capacity
Establishing a velocity of work that can be completed during a 2-week sprint
Pivoting when necessary as complexities and opportunities presented themselves
Frequently demonstrating the product to client stakeholders
Weaving quality assurance & test engineering throughout the entire process
Insights behind the solution
The mature database of the PhysEmp platform was a lynchpin in the new product’s success. After unraveling the code, our teams realized that the errors users were experiencing could be solved by rewriting some frontend components and calls to the database. A strategy was developed and reviewed with the client to keep the current database & reconfigure other aspects of the platform so that the launch date could be met.
Rebuilding two frontend applications, along with the other priorities of the engagement, required our teams to remain agile throughout the process and frequently keep the focus on creating a better, more useful experience for the physicians and recruiters who rely on the platform.
With the new PhysEmp platform live, there are many more opportunities to build upon the experience and introduce new features to users. Our backlog is brimming with new functionality and upgrades to the platform on both the physician and recruiter side.
PhysEmp intends to continue to grow their offering to the thousands of physicians & recruiters who use the service.
Throughout the years, our process has evolved to support our clients and business and varies to fit the unique phases of an engagement. There were several key processes that we used to create meaningful outcomes together with the Solarhood team.
One of the hallmarks of Crema’s process is User Testing. With Phase 1 of Solarhood, we collaborated to recruit users to test the prototype with in two markets – Kansas City and Portland. We targeted 2 rounds of testing, with 3-5 testers per testing iteration. When user tests are conducted with individuals outside of Kansas City, software is used to connect the user to the prototype to interact with it.
Testing is typically facilitated by Crema staff, but the client is welcome to listen in throughout the process. All parties remain neutral during sessions to allow for honest and raw feedback to come from the person experiencing the prototype. Each user is walked through a series of prompts to unveil their assumptions about the platform, highlight key areas of refinement, and ultimately validate – or invalidate – the product experience.
In the instance of Solarhood, user tests informed many elements of the UI/UX in terms of what information was important to consumers & how they wanted to interact with that data. Later, user tests were conducted with B2B prospects to understand their solar wants and needs, which would greatly inform the product strategy.
This is all done in a series for 2-4 weeks, before a single line of code is written. After user testing sessions have been completed, our teams work to solidify the product experience, finalize all assets, and create a development plan of attack to bring the designs to fruition.
Prioritization & delivery
Through our extensive product development and launch experience, Crema has crafted a process to ensure we’re working in a partnership with our clients to achieve goals on a sprint-to-sprint basis. We understand that over time, priorities change, and our teams can quickly adapt to the demands that our clients are up against.
We do this by working from a central, prioritized backlog of items that range from development, testing, design, and discovery tasks that undergoes regular review between the Product Strategist, Product Manager, and client. The Crema team offers objective, expert input into how items should be prioritized, in line with the client’s desired direction. Best of all, it can be quickly reprioritized if need be.
Throughout our engagements, there is a regular meeting with the entire product development team to estimate the effort to each priority item in the backlog. These estimates inform how much work can be accomplished each sprint. Ultimately, this leads to a mutually-agreed upon scope of work that the team works on, frequently demoing and asking for feedback from the client team.
These processes – reminiscent of scrum rituals – require a high level of collaboration between our internal teams and the client stakeholders involved in the engagement. It produces a clear picture of exactly what is being worked on and what is to come. Crema maintains an open dialogue between all teams to effectively develop, maintain, and support our clients throughout the course of these engagements.
Crema’s technical team doesn’t start writing code on day 1 of the engagement. Oftentimes, we’re incorporating development team members into our project kickoffs, so they have a front row seat to the discussions and decisions being made. One of Crema’s core strengths is providing expert technical recommendations based on the needs of our clients.
During our engagements with Solarhood, there were several opportunities for our technical team to explore the best technical approach for the product builds – one of the major moments being moving from native mobile apps to React Native. This is done by uncovering any dependencies, architecture needs, and third party resources, and solidifying that recommendation against time, budget, and other requirements.
Based on what’s uncovered in the technical planning period, Crema’s recommendation is summarized and presented to the client – fueling them to make the decision that is best for their team and business.
Crema has been a critical part of our incredible success in building, from the ground up, a cutting edge Managed Security business. The designs delivered by the Crema team have resulted in industry analyst recognition as "innovative" and "world class". Our clients appreciate the clear and easy to use portal design as well as the eye catching visual cues. I'm happy to know that when we build a new service or have an interesting idea, Crema is there with the support to make it come to life via our portal.
Alton Kizziah, Vice President, Global Managed Services at *Kudelski Security*
Insights behind the solution
Navigating B2C and B2B markets creates a plethora of opportunities. Solarhood has relied on feedback from real users every step of the way, allowing them to build products that people really want. By asking questions like “What matters most?” and “How do we lay the data out to bring the most value?” they’ve benefitted from learning from the market early and often.
Most notably, the switch from native mobile apps to React Native was one of the biggest milestones during our multi-year engagement with Solarhood. Collectively, the decision was made to move this direction, and it eventually lead to a much more stable and scalable code base to build upon.
Today, Solarhood is available on the web and for download on all iOS and Android devices. With their robust tech stack and flexible design language, they’re positioned well to scale quickly consistently exploring new geographic regions, customer segments, and additional revenue models. The Solarhood team also continues producing engaging, informative solar information across many different channels, educating consumers on the benefits of going solar.
Let's talk about your business and technology goals.