Simplifying Access Management
Simplifying Access Management
Simplifying Access Management
Enabling Admins to Securely Manage Teams and Assets in Athena
Enabling Admins to Securely Manage Teams and Assets in Athena
Enabling Admins to Securely Manage
Teams and Assets in Athena
2024
2024
2024
3 Months
3 Months
3 Months
Product Design
Product Design
Product Design
As our system scaled up, its hyper-manual user onboarding process became unsustainable. Leading Research and Design, I develop an access management solution that streamlined onboarding, reduced support tickets, and empowered users to manage their teams and resources efficiently.
As our system scaled up, its hyper-manual user onboarding process became unsustainable. Leading Research and Design, I develop an access management solution that streamlined onboarding, reduced support tickets, and empowered users to manage their teams and resources efficiently.
As our system scaled up, its hyper-manual user onboarding process became unsustainable. Leading Research and Design, I develop an access management solution that streamlined onboarding, reduced support tickets, and empowered users to manage their teams and resources efficiently.
Team
Team
Team
1 Product Designer (me)
1 Product Manager
1 Technical Product Owner
1 Product Designer (me)
1 Product Manager
1 Technical Product Owner
1 Product Designer (me)
1 Product Manager
1 Technical Product Owner
Business Goals Summary
Business Goals Summary
Business Goals Summary
Faster Onboarding
Improve user satisfaction, maintain partnership momentum, and scale efficiently.
Scalable & Adaptable System
Support evolving roles, business strategies, and future growth.
Refocused Responsibilities
Reduce IT burden, empower users to manage access, and enhance privacy controls.
Faster Onboarding
Improve user satisfaction, maintain partnership momentum, and scale efficiently.
Scalable & Adaptable System
Support evolving roles, business strategies, and future growth.
Refocused Responsibilities
Reduce IT burden, empower users to manage access, and enhance privacy controls.
Faster Onboarding
Improve user satisfaction, maintain partnership momentum, and scale efficiently.
Scalable & Adaptable System
Support evolving roles, business strategies, and future growth.
Refocused Responsibilities
Reduce IT burden, empower users to manage access, and enhance privacy controls.
Process
Process
Process
Market Research
Market Research
I started by looking at similar tools on the market, the existing internal system, key stakeholders. Then I structured a discussion with the Technical Product Owner and Product Manager surrounding these 3 topics:
Team Setup
How do companies structure teams within access management?
Roles & Permissions
How are roles defined and permissions assigned?
Access Auditing
How do admins monitor and review user access?
We saw three key requirements emerged —
Hybrid Access Model
Combines RBAC (role-based control) and ABAC (access-based control) to incorporate and extend the existing system
Modular & Versatile Design
Supports both internal operations and external teams.
Privacy & Security Focus
Ensures data protection, compliance, and user trust.
These points were used to frame our conversation with the broader team in the next step
I started by looking at similar tools on the market, the existing internal system, key stakeholders. Then I structured a discussion with the Technical Product Owner and Product Manager surrounding these 3 topics:
Team Setup
How do companies structure teams within access management?
Roles & Permissions
How are roles defined and permissions assigned?
Access Auditing
How do admins monitor and review user access?
We saw three key requirements emerged —
Hybrid Access Model
Combines RBAC (role-based control) and ABAC (access-based control) to incorporate and extend the existing system
Modular & Versatile Design
Supports both internal operations and external teams.
Privacy & Security Focus
Ensures data protection, compliance, and user trust.
These points were used to frame our conversation with the broader team in the next step
I started by looking at similar tools on the market, the existing internal system, key stakeholders. Then I structured a discussion with the Technical Product Owner and Product Manager surrounding these 3 topics:
Team Setup
How do companies structure teams within access management?
Roles & Permissions
How are roles defined and permissions assigned?
Access Auditing
How do admins monitor and review user access?
We saw three key requirements emerged —
Hybrid Access Model
Combines RBAC (role-based control) and ABAC (access-based control) to incorporate and extend the existing system
Modular & Versatile Design
Supports both internal operations and external teams.
Privacy & Security Focus
Ensures data protection, compliance, and user trust.
These points were used to frame our conversation with the broader team in the next step
B. Interviewing Internal Stakeholders
B. Interviewing Internal Stakeholders
B. Interviewing Internal Stakeholders
I identified groups of people who would be impacted by the outcomes of this project and set up discussions with them. The teams are:
Internal Athena Admins
Developed the existing system. Thus have the best understanding of the model.
IT Team
Manages user onboarding and access requests.
Security Team
Best knowledge on how to ensure compliance with security regulations.
HR & Customer Ops
Handles internal and client access requests. Can be the voice of customers.
I identified groups of people who would be impacted by the outcomes of this project and set up discussions with them. The teams are:
Internal Athena Admins
Developed the existing system. Thus have the best understanding of the model.
IT Team
Manages user onboarding and access requests.
Security Team
Best knowledge on how to ensure compliance with security regulations.
HR & Customer Ops
Handles internal and client access requests. Can be the voice of customers.
I identified groups of people who would be impacted by the outcomes of this project and set up discussions with them. The teams are:
Internal Athena Admins
Developed the existing system. Thus have the best understanding of the model.
IT Team
Manages user onboarding and access requests.
Security Team
Best knowledge on how to ensure compliance with security regulations.
HR & Customer Ops
Handles internal and client access requests. Can be the voice of customers.
C. Findings and project requirements
C. Findings and project requirements
C. Findings and Project Requirements
Balancing Flexibility & Structure
With Athena planning to absorb Powertrack, the challenge lies in merging two fundamentally different systems—one too broad, the other too restrictive. A unified approach must accommodate both flexibility and control.
User Access Challenges
Managing user assignments across multiple sites is inefficient and places a heavy burden on IT. A self-service model would streamline the process, reducing overhead and improving user experience.
Security & Compliance
SOC 2 and GDPR regulations mandate strict access controls, requiring a solution that ensures security without compromising usability.
Future Vision
The goal is to empower users with independent access management while maintaining a system that is both simple and flexible.
Balancing Flexibility & Structure
With Athena planning to absorb Powertrack, the challenge lies in merging two fundamentally different systems—one too broad, the other too restrictive. A unified approach must accommodate both flexibility and control.
User Access Challenges
Managing user assignments across multiple sites is inefficient and places a heavy burden on IT. A self-service model would streamline the process, reducing overhead and improving user experience.
Security & Compliance
SOC 2 and GDPR regulations mandate strict access controls, requiring a solution that ensures security without compromising usability.
Future Vision
The goal is to empower users with independent access management while maintaining a system that is both simple and flexible.
Balancing Flexibility & Structure
With Athena planning to absorb Powertrack, the challenge lies in merging two fundamentally different systems—one too broad, the other too restrictive. A unified approach must accommodate both flexibility and control.
User Access Challenges
Managing user assignments across multiple sites is inefficient and places a heavy burden on IT. A self-service model would streamline the process, reducing overhead and improving user experience.
Security & Compliance
SOC 2 and GDPR regulations mandate strict access controls, requiring a solution that ensures security without compromising usability.
Future Vision
The goal is to empower users with independent access management while maintaining a system that is both simple and flexible.
D. Create stakeholder map and service blueprint
D. Create stakeholder map and service blueprint
D. Create stakeholder map and service blueprint
Managing multiple projects, I noticed recurring knowledge gaps—projects were often treated in isolation rather than as part of a larger project cycle. Unintentionally, this led to different teams duplicating effort on the same functionality in separate areas.
Recognizing this inefficiency, I saw the need to consolidate and document a service blueprint to visualize where permissions and asset transitions occur. Collaborating with our SMEs, we mapped out how our product supports the full process.
This blueprint now serves as a critical tool for assigning feature ownership to scrum teams, facilitating cross-team collaboration, and ensuring scalability while maximizing impact.
Managing multiple projects, I noticed recurring knowledge gaps—projects were often treated in isolation rather than as part of a larger project cycle. Unintentionally, this led to different teams duplicating effort on the same functionality in separate areas.
Recognizing this inefficiency, I saw the need to consolidate and document a service blueprint to visualize where permissions and asset transitions occur. Collaborating with our SMEs, we mapped out how our product supports the full process.
This blueprint now serves as a critical tool for assigning feature ownership to scrum teams, facilitating cross-team collaboration, and ensuring scalability while maximizing impact.
Managing multiple projects, I noticed recurring knowledge gaps—projects were often treated in isolation rather than as part of a larger project cycle. Unintentionally, this led to different teams duplicating effort on the same functionality in separate areas.
Recognizing this inefficiency, I saw the need to consolidate and document a service blueprint to visualize where permissions and asset transitions occur. Collaborating with our SMEs, we mapped out how our product supports the full process.
This blueprint now serves as a critical tool for assigning feature ownership to scrum teams, facilitating cross-team collaboration, and ensuring scalability while maximizing impact.
Stakeholder Map for Renewable Energy Project – Visualizing key players, their roles, and interactions to identify dependencies, decision-making authority, and collaboration opportunities in the system.
Stakeholder Map for Renewable Energy Project – Visualizing key players, their roles, and interactions to identify dependencies, decision-making authority, and collaboration opportunities in the system.
Stakeholder Map for Renewable Energy Project – Visualizing key players, their roles, and interactions to identify dependencies, decision-making authority, and collaboration opportunities in the system.
Service Blueprint — Mapping STEM's role throughout the project lifecycle, from Development to Operation, to support data migration and ensure proper document setup and access (e.g., technicians need architectural or electrical drawings, while financial managers require budget spreadsheets).
Service Blueprint — Mapping STEM's role throughout the project lifecycle, from Development to Operation, to support data migration and ensure proper document setup and access (e.g., technicians need architectural or electrical drawings, while financial managers require budget spreadsheets).
Service Blueprint — Mapping STEM's role throughout the project lifecycle, from Development to Operation, to support data migration and ensure proper document setup and access (e.g., technicians need architectural or electrical drawings, while financial managers require budget spreadsheets).
Design Exploration
Design Exploration
Design Exploration
Low fidelity wireframe to validate concept
Low fidelity wireframe to validate concept
Low fidelity wireframe to validate concept
While interviewing internal teams, I also explored various models and structures, continuously engaging the Product Manager and Technical Owner to brainstorm ideas and validate concepts with the broader team. The Information Architect was also actively involved in the discussions.
While interviewing internal teams, I also explored various models and structures, continuously engaging the Product Manager and Technical Owner to brainstorm ideas and validate concepts with the broader team. The Information Architect was also actively involved in the discussions.
While interviewing internal teams, I also explored various models and structures, continuously engaging the Product Manager and Technical Owner to brainstorm ideas and validate concepts with the broader team. The Information Architect was also actively involved in the discussions.
Laying out the foundation — Exploring a data model that enable Actor's resource access through their Roles and Permissions
Laying out the foundation — Exploring a data model that enable Actor's resource access through their Roles and Permissions
Building Blocks — Communication Material
Building Blocks — Communication Material
Define JTBDs (Jobs to be done)
Define JTBDs (Jobs to be done)
Challenges and Mitigations
Challenges and Mitigations
Challenges and Mitigations
Our solution balances user needs with system scalability but requires a greater commitment and investment in the existing permission model.
Although well-researched and backed by the Business Strategy team, the proposal encountered resistance from the Development team due to misaligned goals—essentially a "too many cooks" situation. To address this, I paused the design of the next workflow, Permission, and facilitated cross-team discussions to assess trade-offs. I also consulted internal SMEs to document risks and potential returns.
The process and rationale were thoroughly documented, ensuring clarity and productive discussions. Before my departure for personal reasons, I handed over my findings to my successor, enabling a smooth and frictionless transition.
Our solution balances user needs with system scalability but requires a greater commitment and investment in the existing permission model.
Although well-researched and backed by the Business Strategy team, the proposal encountered resistance from the Development team due to misaligned goals—essentially a "too many cooks" situation. To address this, I paused the design of the next workflow, Permission, and facilitated cross-team discussions to assess trade-offs. I also consulted internal SMEs to document risks and potential returns.
The process and rationale were thoroughly documented, ensuring clarity and productive discussions. Before my departure for personal reasons, I handed over my findings to my successor, enabling a smooth and frictionless transition.
Our solution balances user needs with system scalability but requires a greater commitment and investment in the existing permission model.
Although well-researched and backed by the Business Strategy team, the proposal encountered resistance from the Development team due to misaligned goals—essentially a "too many cooks" situation. To address this, I paused the design of the next workflow, Permission, and facilitated cross-team discussions to assess trade-offs. I also consulted internal SMEs to document risks and potential returns.
The process and rationale were thoroughly documented, ensuring clarity and productive discussions. Before my departure for personal reasons, I handed over my findings to my successor, enabling a smooth and frictionless transition.
Project Impact Summary
Project Impact Summary
Project Impact Summary
Enhanced Collaboration & Alignment
Enhanced Collaboration & Alignment
Enhanced Collaboration & Alignment
Bridged gaps between teams by facilitating cross-functional discussions, ensuring shared understanding and reducing redundant development efforts.
Bridged gaps between teams by facilitating cross-functional discussions, ensuring shared understanding and reducing redundant development efforts.
Bridged gaps between teams by facilitating cross-functional discussions, ensuring shared understanding and reducing redundant development efforts.
Stakeholder Map & Service Blueprint as Design, Training, and Scalability Tools
Stakeholder Map & Service Blueprint as Design, Training, and Scalability Tools
Stakeholder Map & Service Blueprint as Design, Training, and Scalability Tools
These artifacts now serve as valuable references for other designers, helping them understand system interactions and dependencies. Additionally, they are used as training materials across the company to onboard new team members and align teams on best practices, ensuring scalability and consistency across projects.
These artifacts now serve as valuable references for other designers, helping them understand system interactions and dependencies. Additionally, they are used as training materials across the company to onboard new team members and align teams on best practices, ensuring scalability and consistency across projects.
These artifacts now serve as valuable references for other designers, helping them understand system interactions and dependencies. Additionally, they are used as training materials across the company to onboard new team members and align teams on best practices, ensuring scalability and consistency across projects.
Optimized Permission & Access Control
Optimized Permission & Access Control
Optimized Permission & Access Control
Clarified role-based access needs (e.g., technicians accessing drawings, financial managers handling budget sheets), improving efficiency and compliance.
Clarified role-based access needs (e.g., technicians accessing drawings, financial managers handling budget sheets), improving efficiency and compliance.
Clarified role-based access needs (e.g., technicians accessing drawings, financial managers handling budget sheets), improving efficiency and compliance.
Smooth Transition & Knowledge Retention
Smooth Transition & Knowledge Retention
Smooth Transition & Knowledge Retention
Documented key findings and processes, ensuring a seamless handover and sustained impact beyond my involvement.
Documented key findings and processes, ensuring a seamless handover and sustained impact beyond my involvement.
Documented key findings and processes, ensuring a seamless handover and sustained impact beyond my involvement.
Hailey
Nguyen
Reach out if you have any questions or wish to discuss your project.
Hailey
Nguyen
Reach out if you have any questions or wish to discuss your project.
Hailey
Nguyen
Reach out if you have any questions or wish to discuss your project.
Hailey
Nguyen
Reach out if you have any questions or wish to discuss your project.