[index]

01 Cyral Data Access Portal

Streamlining and securing database access for enterprise security

  • role: Product Designer
  • team: Cross-functional, 6
  • platform: Web Application
  • timeline: Q1 2024

Enterprise database access, without passwords.

The Data Access Portal was a centralized interface for Cyral's enterprise customers to browse, search, and connect to their database infrastructure. Instead of managing individual passwords across hundreds of databases, users authenticated once through their existing identity provider and received a token-based connection string, granting access without credentials ever being stored or shared.

Problem · When the Password Is the Problem

Informatica, Verisk, Vanguard: Cyral's enterprise customers were managing passwords across hundreds of databases. Every password was a compliance liability and an operational burden: 65% of users found existing access methods cumbersome, and password-based access was the leading cause of the security incidents their clients were paying to prevent.

Cyral already had a rudimentary access management surface, but it asked too much of users and offered no path to eliminating passwords entirely. As the first design hire, I was defining whether design could make passwordless access adoptable at enterprise scale, a mandate broader than any single screen.

Solution · One Token, Every Database

The solution was a centralized portal: one place to find, filter, and connect to any database, authenticated through existing identity providers, no passwords required.

media: /images/dap/data-access-portal.png

Designing for density without creating chaos was the core UX challenge. Enterprise users navigate databases numbering in the hundreds, each carrying its own access level, type, and security restrictions. A table forces linear scanning; cards allow spatial scanning: database type, access level, and security policy visible at a glance. I validated this with users before committing, and the pattern scaled across the product.

The authentication layer was designed in close collaboration with Cyral's Chief Software Architect to integrate with the SSO and MFA systems users already trusted. Legacy password support was kept in for customers mid-migration, since forcing a hard cutover would have killed adoption. The goal was to move users into the new system first and deprecate legacy access once the pattern was established.

Security policy visualization followed the same logic. Surfacing every restriction upfront created cognitive overload in testing. Progressive disclosure kept policies visible without overwhelming the default state: present at a glance, detailed on demand.

media: /images/dap/data-access-portal-duo-mfa.png

Iteration · Designing in Production

Launch moved the design work to a new signal source. Support requests came through the web client's support page into a Slack queue, where Cyral's support devs triaged: recurring patterns got forwarded to me, and anything a written ticket couldn't carry became a live call with the user. That channel turned into the portal's research instrument, since every recurring ticket was a usability claim with a name and a database attached.

Two patterns surfaced early. The first: users couldn't parse the details on a database or access account, because related data points sat scattered across the layout. I restructured the details view around association and disclosure. Related values moved into proximity, with color and bordered groups carrying the associations, and each connection folded into an accordion that opens one at a time, extending the portal's progressive-disclosure logic so users take in a single connection's detail rather than every connection's at once.

media: /images/dap/data-access-portal-details.png

The second was speed. Search and filter worked, but not at the pace of someone scanning hundreds of databases: search became live, rendering results as the query was typed, and the filter set expanded to cut the inventory along more dimensions. Both changes served the same goal of making the portal feel fast at real inventory sizes.

Each revision went back out through the channel that surfaced it, and the support devs confirmed whether the ticket category went quiet. The helpdesk reduction in the results below is that loop, measured.

Results

  • 85% · Reduction in security incidents related to password breaches
  • 92% · User satisfaction with the interface and ease of access
  • 40% · Reduction in IT helpdesk tickets related to database access

The portal became Cyral's most adopted feature and expanded to S3 buckets within the same quarter. The design patterns established here were adopted across multiple product areas, and directly contributed to closing larger enterprise deals.

next: /agent/design-style-guide