Duo Reporting & Analytics

Product Design, UX Design, Completed November 2017

Project Overview

A year-long project to reimagine Duo Security's reporting features that allowed the company to a compete in a new vertical of the cyber security market. The completed implementation now provides actionable and understandable metrics for large amounts of authentication and user data.

My Contributions

User Research, Ideation, Wireframing, Prototyping, Usability Testing

Problem and Goals

Duo is a security solution with two-factor authentication at its core. Each time a user attempts to log in to corporate resources protected by Duo, an event is logged with all the details of the attempt, such as Time, Access Device, Location, Browser, and more. Over time, these details create a predictable pattern for each user's typical behavior.

Although Duo sat on so much data, the amount of reporting on the logs was sparse and static. User behavior was difficult to understand at a glance and overall cumbersome to deal with.

Our project's goal was to enable users to take action on the activity they see, whether that's suspicious logins, inefficient usage, or lock-outs. To do this, we needed to write new architecture for the authentication data, redesign the IT administrator's dashboard, and create new reporting features that would reveal the meaning behind the logs.
Secure by Design: Delivering Incremental Value to Duo Customers
I teamed up with my Product Manager, Steve Won, to announce the completion of this project and give a behind-the-scenes breakdown of this project for the Duo Blog.
Read the Article

Research and Ideation

Before beginning, we conducted many customer interviews and user interviews to understand their pain points and usage of the existing reporting features.
Research: Synthesis of customer and user interviews
Ideation: Sketches of potential data visualizations

Building MVPs towards a North Star

Improving the authentication log filters was the most impactful change we could make to Duo's reporting functionality. It would allow users to understand the find the data they needed and allow Duo to present the data as actionable and easy to understand.

While the filtering design was relatively straightforward to mock up, writing the new architecture for the data would take much longer. So while working towards our north star of making the data actionable, I designed smaller features and components that would allow users to start understanding their data right away. I was then able to reuse those components in the larger reports that came down the line.
Updating our filters from lengthy dropdowns to a more intuitive system.
New components, roll-ups, and functionality added to make investigations easier.

Reporting and Analytics

Once the foundation was set and the new architecture was stable, we were able to surface valuable insights for our users with data visualizations, reports, and filtering options. During this time, a new team was created specifically to support this suite of features. Below are the pages I designed for the first phase of Duo's new reporting and analytics journey.

The Dashboard

As an IT Admin, I can quickly understand the state of my user's authentications and usage of Duo right from the home page of the administrative panel. I can drill in to each stat to investigate spikes in fraudulent authentications or help employees who are having trouble.

Authentication Summary

As an IT Admin, I can present to stakeholders how our deployment of Duo is going. How are my employees using Duo? Where can I utilize the service differently?

Denied Authentications

As an IT Admin or Security Admin, I can investigate suspicious or troubling activity. Where and why are my users struggling? How can I catch and stop malicious behavior before it spreads?

Deployment Progress

As a new customer of Duo, how is my deployment of Duo going? Are my employees actually using it?