Optimising Group Management

Overview

Our client, a leading air defence organisation, tasked us with revamping their attendance tracking application. The goal was to enable digital check-ins for visitors at specified military locations.


Apart from developing the visitor-facing interface, our team also built the administrative backend that spread across three types of admin users.

Expanding Scope

Midway through developing the admin portal, the Product Owner (PO) requested categorising users into groups. This feature aimed to improve the efficiency of managing entrance permissions by allowing admins to:


Challenge

Integrating user group into the design presented a challenge. We needed to ensure the feature:



The last point was crucial as the client needed the new functionality but couldn't afford significant delays.

The Process

Discovery


Understanding The Users 

Within the product ecosystem, there are 3 admin user types:


User assignment permissions: Let's explore the user assignment functionalities for superadmins and admins.

As this feature is built to enhance capabilities in organising users for entrance management, admin users would be responsible for assigning entrance permissions.


Initial Flow 

In the first phase, entrance access followed a streamlined approach. All existing users were automatically granted access when an entrance was created. Admins could then manually remove access for specific users if needed. New users required manual assignment for access.

As shown below, it was designed for flexible access where admin users can individually grant or revoke entrance access for any user, allowing for fine-tuned control over who can access each entrance.

What & Why User Group?

Typically, a group management tool empowers administrators to organise users into groups and delegate access privileges. In this context, access privileges would translate to assigning specific entrances.


Much of the backend code had been written per the approved designs when PO requested this feature. Hence, we'd prefer to avoid code modifications to minimise project timeline impact. Implementing a group management feature would require this, so we explored alternative approaches.

Desk Research

Moving forward, conducting desk research would be crucial to uncovering best practices and leveraging existing knowledge instead of reinventing the wheel. We can specifically focus on:

ServiceNow's user group management functionalities can provide insights into organising and managing user access within a complex IT service management platform.

Upon creation, the user has the flexibility to choose between group members, roles and groups, as shown below.

For Google Workspace, creating groups refers to the process of establishing a collection of users who can easily collaborate and communicate with each other. These groups function like mailing lists but offer additional functionalities like shared calendars, document access control, and security features.

Compared to ServiceNow, creating groups in Google Workspace offers a more streamlined approach. It focuses on assigning access permissions first during creation and guides the user to add members thereafter.

Field Study

During a recent onboarding session for the previous version of our product at an airbase, I encountered a key aspect of their existing system – the Electronic Key Management System (ETMS). This system allows users to group personnel into teams and assign them access to specific keys based on their roles and responsibilities.

This discovery of the ETMS validated a crucial aspect of user workflows at the airbase: the existing behaviour of user group management and granular access control for physical keys. This correlates with insights from previous field studies (as seen below) which also translates to the functionalities of our product, particularly assigning access to groups and individual users.

Ideation

Using 'Manage Entrance Access' as the core, we assessed how might we iterate the designs to an extent where the impact is minimal.

Revise the Initial Flow stage

The initial access flow has been updated to remove the automatic "grant access to all users" feature. This shift allows for more granular control over permissions by assigning access based on user groups.

Proposed Feature 1: Tagging Users

This feature allows users to tag other users when creating or editing user profiles. Similar to hashtags on Instagram, typing the first few alphanumeric characters will trigger a suggestion list of existing users.

One key question remains: How will we store the user tags? There are various options to consider, depending on the complexity and scale of the tagging functionality.

Also, importing users through CSV files becomes more complex with tags. The CSV format would need to accommodate tag information, potentially leading to data management challenges.

Proposed Feature 2: Group Management

The idea of user tagging lingered, prompting us to explore its viability as a separate feature that would not affect the effort greatly.

Initial flows were thought of and mapped out into three scenarios:

While creating and assigning users to groups is straightforward within this module, adding entrance assignment functionality here would create redundancy with the 'Manage Entrance Access' feature in Entrance Management.

Hence, we first built a streamlined group management module for creating and assigning users to groups. Second, we explored enhancements to the 'Manage Entrance Access' functionality to integrate group-based access control.

Creating Group Management

Leveraging existing components for efficiency, we built the module utilising the data grid and populating it with the necessary user data.

In creating entrances, it is a 2-step flow where the entrance is created first, and then you can start assigning users to it. We replicated this behaviour for creating groups, leveraging the existing pattern.


However, since group creation only requires a name input, we utilised the drawer component to provide a more compact interface suitable for single-step group creation.

Thereafter, users would be directed to 'Manage Group Access' where they can assign other members to the group. 

Enhancing 'Manage Entrance Access'

We revisited the 'Manage Entrance Access' functionality and since we decided not to make drastic changes, we integrated the group management module as a filter. This filter would allow users to view users by their assigned groups and select them for access.


This approach offers the flexibility of assigning access to entire groups or individual users without groups.


To fully integrate this feature, we considered several potential scenarios: adding users to an existing group, removing users from a group, and deleting a group.

We established the following for impact on the relationship between group and entrance access:

These rules ensure that changes to group assignments are reflected accurately in entrance access while minimising disruptions to existing permissions.

Given the potential for simultaneous user additions and removals, the first two instances should be consolidated, and the message should be generalised.

Hence, it is essential to communicate to users that existing assignments will be preserved when a group is deleted.

Usability Testing

A usability test involving three potential users was conducted on the admin dashboard. While the overall test yielded valuable data, this case study will delve into specific findings related to member assignment, user flow evaluation, and product enhancement feedback.

(In Manage Entrance Access) Assign users from group "ABC" to entrance "IMF Building" 

(In Group Management) Create group 'SH-TS' and assign users 

(In Manage Group Access) Add additional user to group 'ABC'

While observing if users would read message in modal:


Feedback

Amendments were made to include:

While displaying entrances within the modal would be optimal, necessary technical adjustments will be addressed in a future phase.

Moving Forward

As the product gets onboarded by more users, I seek to conduct more usability testing sessions with participants to obtain more insights as to improve the product's experience.