UX Success

“The Story You Are About To See Is True.

The Names Have Been Changed To Protect The Innocent”

These were the opening words of every episode of the series “Dragnet”.

I loved  loved loved to watch “Dragnet” when I was a little girl.

But it was on past my bedtime.

Going into the last commercial, the announcer would always say “The results of this case in just a moment”.  Sometimes I would sit on the staircase landing, watching the TV  over my parents shoulders while I was supposed to be asleep.  I would be tingling in anticipation — waiting to see the results before my folks would catch me and order me to bed.

Full disclosure, I have been out in the field and forgot I needed to blog a UX post today.  So, I’ve decided to share a snippet of a recent ethnographic visit — learning about security professionals so that we can design better user experiences for them as they manage their daily security tasks.

10:30: Wanda the Watchdog

Wanda’ cube is right under a white noise machine. She likes it because she can concentrate. She is turned around looking at me expectantly. … I ask her to do what she does every day — she is relieved because she thinks a lot of work stacked up when she was in the meeting with us earlier.

Wanda has three monitors. One is super old school. It has email opened. The center monitor has an events mapper. It is purple and has something that looks like a network architecture diagram. There is a list of events. That screen stayed up the entire time I talked to her.

Wanda is celebrating her 5th anniversary as an employee of Company X. I know this because there is a big monitor that flashes messages to the cube farm up high on the wall above and the right of Wanda’s cube. There is a message that flashes up … “this network brought to you by … and then a bunch of logos. Tripwire’s logo is on that sign.

I point it out, and Wanda shakes her head. “I object to that.  Displaying what vendors we use because that’s the first thing a hacker would look for is, what technology do you have in here.  That’s part of reconnaissance.  My job is to think like a hacker so I’m in constant hacker think mode and that’s the first thing I would do is say, okay what technology do you have, what versions are you running, are those versions vulnerable, what vulnerabilities are against them, what exploits are against those vulnerabilities and then I found the hole and I’m in.”

I ask her about her background. She has a master’s degree in security from a big school.  I tell her that I didn’t even know there was a masters in security.

“I didn’t either until I took an interest.  The previous job I had, we had viruses going around and I personally spent nights cleaning out systems because I used to be management.  I used to do what these guys did and I got tired of that and I’m like, there has to be something we can do about this and I started taking an interest in security and I found this degree and I’m like, awesome, I’m going to do this cause I’m going to fight these guys.  When I graduated I’m like, okay I’ve got this degree, what can I do?  The company I worked for was not interested in security at all, they didn’t care.  So I started looking for a job and found this one.”

Wanda describes herself as a “watchdog”. Her job is to watch and alert people.  I believe that she cares about her job. — her cube is decorated with motivational messages . I mention one in particular about how security people need to remember a business is being run. She laughs and tells me that she has that there to remind herself to lighten up. “I am a stickler”

Sometimes her boss tells her to let some issues slide, but Wanda is uncomfortable with that.  The stuff that has happened in the past two years has just taken the hacking and breach to a whole new level.

“it’s incredible.” Wanda sighs, “Unfortunately the bad guys are winning.”

(The story you just saw is true.  The names have been changed to protect the privacy of those who are participating in the Tripwire UX Lab Rat program.  http://www.tripwire.com/uxlabrat/)

Note:  This post was originally published here: http://www.tripwire.com/state-of-security/it-security-data-protection/watching-the-detectives/

This is a quick press from the hotel room in foggy San Francisco. Today ends my first ever attendance at the RSA Conference.  I am here because I know only 6 months worth of anecdotal information about the so-called “Secruity”  worker.    Since my company sponsors a bunch of stuff here, I talked them into letting me come along.

I had a goal:  recruit some non-customers for user research.   I thought it would be reasonable to talk to 4 or 5 people a day for 15 minutes each in a structured 10 question interview that would be fun and not too intrusive (these guys are super freakish about security and privacy — go figure)

I enlisted the help of the team to tweet enticing messages — like:  @uxsuccess is giving away cool #UX Lab Rat T shirts if you can find her #rsac

The Tripwire Twitter Feed at RSA 2011

Soon,  I had some people tweeting to meet me to answer my ten questions in exchange for a really sweet shirt:

1. What is your job title?

2. What is your bosses job title?

3. If you were at a cocktail party and someone asked you what you do for  a living, what would you tell them? (Probe here)

4. What do you do first thing in the morning (job related)

5. What do you have to get done before you break for lunch (what?  you don’t break for lunch?!?)

6. What do you have to do before you clock out for the day?

7. Tell me a story about a time you proved your value to your boss and the company.

8. What do you hate most about your job?

9. What do you love most about your job?

10. Anything else you want to tell me?

I also stalked the outskirts of the conference  with my trusty LiveScribe pen and a backpack full  of UX Lab Rat Shirts to give away to interviewees…

Really Sweet UX Lab Rat Shirt

I made my quota!  By 2PM yesterday I had talked to 25 people, handed out 15 shirts, and promised to mail 10 shirts to people who had no more room in their luggage!

All in all,  it was a pretty good experiment.   I learned quite a bit about these folks that will be digested and fed into our Design Personas when I get back to PDX.  I also collected enough business cards and twitter followers to start a data-base of UX research participants.   If people were interested,  I signed them up in a Survey Monkey form  that lives on the corporate site (but you have to know the URL to get to it)    www.tripwire.com/uxlabrat

OK!  I’m gonna get out in the Fog for our last day .