Type: Professional Project at KPMG
Team size: We started with a team of 3 and grew to 12 members
Timeframe: May. 2017 – Feb. 2020 (~3 years)
My role: Product Design and Development
Awards: Solution of the year 2018&2019, KPMG India
(Awarded by the CEO for excellence in innovation)
Super Team, 2019
(Awarded to our team by the CEO for
team spirit and contribution to business growth)
More than 20 clients (as of 2019) in industries spanning Ecommerce, Automobile, Telecom, IT/ITes, Banking, FMCG are using the platform to protect their digital assets and reputation online. Our biggest use case was helping one of India’s largest Ecommerce company to protect their customers from impostor websites that trick customers and re-direct them to make payments on these fake websites during a large festive sale. The platform was able to detect over 60 such sites and the client was able to take them down.
We were not only able to expand business and bring additional revenue to the firm, but also drove innovation-centric culture in a service based company. It was used as a model of success, paving the way for more products and assets to be developed within the firm.
The platform continues to grow in features and client base.
DSIP was one of those rare and unique opportunities where I stretched beyond my comfort zone and wore multiple hats. I helped design and develop a product from ideation to a fully functional product launched and sold to clients globally.
I got to explore and contribute to the realms of design, product, and engineering and everything in between:
Product Design: Led and managed end-to-end design and development of the Cyber-Insights module. I grew it to the most-subscribed module of the platform.
User Experience Design: Designed the information architecture for the Cyber-Insights module, right from how the client sees it at their end to how it is stored in the database. I designed interactive dashboards and detailed reports. I also was responsible for creating a quick and straightforward client onboarding experience.
Engineering: I modeled and implemented the Cyber Risk Score, providing real-time tracking for mitigation efforts. Was involved in scaling the platform’s data pipeline to a fully automated, multi-core, multi-process, configurable architecture. This reduced reporting ETA by ~12 hours. I wrote crawlers that used APIs and web scraping and designed the database schema to store the results.
Business Development: I was actively involved in giving demos and pitches to clients, internal stakeholders, and the firm’s leadership. I was also responsible for providing technical and design presentations to team leaders. I also mentored junior developers and interns. I was involved in conducting Python training workshops for my colleagues to get started with programming.
While working on this product, every other day presented a unique challenge and with it a chance gain new knowledge and broaden my skill set. Unfortunately, I cannot present the interface or implementation details here. I would however,
like to talk about the challenges I faced, individually and as a team, and the lessons I learned from being a part of this project.
CORPORATE START UP EXPERIENCE
Challenges and opportunities
Getting buy-in from leadership
In a firm whose business primarily serves clients, every resource not being billed to a client is a liability. On the one hand, we need resources to build the tool. On the other, we had to prove to leadership that there was a market for it that would justify the cost of building the tool.
We made the difficult decision to work on building a proof of concept (POC) outside of the hours stipulated for billable projects. It was an extremely stressful four months for me, but my faith in the idea and the freedom and ownership that our director gave us made it possible to pull through. The effort was worth it because the first version of the tool’s demo gained traction with clients and internal stakeholders, paving the way to take it forward.
Bureaucracy & constraints
Operating like a start-up inside a large organization was very different from the advantages a traditional start-up has. There were more restrictions, rules, and approvals that made the development process slow.
We learned that the best way to work around this is to get support from internal stakeholders like the firm’s Partners as early as possible. Showing tangible results (in our case, we developed a proof of concept to get market validation), no matter how small, is key to persuading them to get onboard. Having them prioritize our solution helped speed approvals.
We also could not get creative with the visual elements of the user interface. We had to strictly follow brand design guidelines. It was actually a blessing in disguise. We were forced to make our features shine. Clients did not mind using a simple-looking interface; they only cared whether they could use it to meet their goals.
Growing the team
As our codebase and client base started growing, we needed more developers to be part of our team. However, we had to increase profits before getting the budget to hire new resources.
I learned how enormous visibility, both on the floor and at the top of the company, can make it possible to get permission to pull in resources from across the firm, freedom to defy conventional thinking, and the right to recruit own team.
The following activities helped us make the best out of opportunities within the firm-
- We told our corporate start-up story at a KEDx (The firm’s version of a TED talk). Intrigued and impressed, lots of colleagues reached out wanting to be part of the team.
- We engaged interns, garnered their interest, and trained them to contribute to our project.
- We conducted python and technical training workshops, which helped us identify resources within the firm for our team.
- We took every opportunity to participate/organize Hackathons in the firm.
- Our managers and directors took every opportunity to showcase the platform and its progress at Executive meetings.
The path of entrepreneurship was not a comfortable one. We had to constantly hustle, take risks, navigate uncertainties, learn new things, and innovate to stay ahead of competitors. Launching a product was a first for all of us, and we were not perfect. We sometimes had to firefight due to system issues, face the consequences of a feature not doing as well as we anticipated, or witness sales figures falling.
Our director made it a point to organize workshops at least once every quarter where the team (sometimes including internal stakeholders) came together to reflect and re-affirm our motivations and goals. I found that these activities helped us stay positive and look at the bigger picture.
Finding the right SDLC
When it was just me and two other developers on the team, it was simple to coordinate among ourselves. Having a “process” only made things slower. However, as the team grew in size, organized chaos turned into chaos.
It took us a couple of months to find a software development process that worked well for a start-up like environment. We adopted a modified agile development process. Since we had to include many ad-hoc tasks, we decided to keep a 3 week long sprint where the first week was dedicated to design and research. It gave us enough time to manage time sensitive ad-hoc requirements and sprint tasks. We initially scheduled releases at the end of every sprint. As we took on more complex features that required more research and testing, we changed to release after two sprint cycles. I learned it is ok to tailor the SDLC process according to the dynamics of the environment.
Advocating for UX
Taking the user-centered approach
Diagnosing the problem
Defining the problem
I realized that there was a simple solution to this problem – role-based dashboards. But before jumping in, I wanted to validate this assumption. We were a small team with no resources to conduct focused user studies. Therefore, I reached out to colleagues within the firm’s cybersecurity division who could be potential users instead. I set up some time with them. I prepared task scenarios for them to navigate our platform. I also discussed with them to understand their needs and frustrations if they were to use the tool. Affinity analysis and persona design helped me synthesize these conversations.
Key takeaway: Business users looked for an overview of risks and their business impact, while the analysts wanted technical details.
I created paper prototypes that represent two views of the dashboard in the first iteration. Once I got a go-ahead form, my team’s manager, I created a high fidelity mock-up using HTML, CSS, JS.
Business user/Manager view
I created a cyber risk matrix that correlated the identified vulnerabilities to risks and business impact and quantified with a scoring algorithm. I visualized it according to their logical line of questioning: What is the overall risk sore? How has this changed over time to reflect the mitigation efforts of my team? What is the impact? Which category of risk has the most vulnerabilities? Why?
I made the insights actionable by providing recommendations for mitigation and a vulnerability score (represented as Red/Amber/Green) to help prioritize efforts. I used interactive drill-downs in anticipation of an overload of information, showing the most critical data first followed by the meta-data.
I went back to my cybersecurity colleagues to take feedback for my high-fidelity prototype. They helped me perfect this representation over several quick iterations.
Visualizing the Cyber Risk Score
Working on visually representing a quantitative metric was one of the most challenging problems I faced. The data in our database was not in the desired format. I had to create a view of the data in the form of the Cyber Risk Matrix I designed. I then had to create APIs to structure (JSON format) and retrieve the information to visualize it. I found that the Sunburst Chart is ideal for representing hierarchical information. Its interactive drill-downs was perfect for presenting the factors in line with the flow of questions while also handling information overload. I also displayed the change in score that reflected mitigation efforts, making it more trustworthy.
I configured the platform’s access control to display the view that corresponded to the logged-in user’s role.
Impact & Learning
After these changes, we saw a dramatic increase in customer satisfaction and pitches converted into deals.
The human interaction aspect of technology solutions is considered far too little and far too late in the race to capture the competitive market. I thought that UX design would be time-consuming and come in the way of deadlines and business goals. I realized that, in fact, it helps strike a balance between user and business goals. I realized that user-focused research is as critical or even more so than generic market research. At the end of the day, even if the product is sold, it is a loss for both the business and customers in the long term if the product is unable to cater to the end-user needs.
Looking at the colorful sticky notes on my desk and notebooks, curious colleagues would often stop by and show interest in learning about UX and the design thinking process. It would spark conversations and discussions about how they could use some of these techniques in their projects. As a result, colleagues would offer to be interviewed for user research and feedback sessions. I found that it was effective to show stakeholders insights and progress. Post this experience, I made it a point to follow a user-first approach to design and development.
Choosing the appropriate technology stack for solution
Mobile App Vs. Web App
Python Vs. Java
MySQL Vs. Hadoop
Choosing the right data store was probably the toughest decision we had to take. We naturally went with MySQL for making the proof of concept because all of us in the team were familiar with it, and it was quick to set up. However, there was a push from management to use “Big Data” technologies in our stack despite our attempts to explain that we weren’t there yet.
I created a cost-benefit analysis of procuring and configuring Hadoop clusters. I also pulled stats on our data size, query completion times, and memory usage to show that we are nowhere at maximum capacity or inefficient. Further, we showed that our tool requires constant user-interaction, and MySQL is faster to handle ad-hoc queries. It helped make our case and save the team and the company from wasting thousands of dollars and a maintenance nightmare.
I experienced tremendous growth in my technical and problem-solving capabilities. I learned to manage uncertainties and grew to become a confident professional.
This project took me on an exciting journey and exposed me to the different phases of designing, building, launching, and maintaining a product. Thanks to which, I was finally able to realize that my interest lies in User Experience Design. I thoroughly enjoyed applying the design thinking process to make our product hassle-free and easy to use. It instilled in me an unwavering desire to play a part in the efforts to bridge the gap between people and technology.