Designing AI-powered tools that support employees and managers streamline secure data access and compliance in large enterprises

For my HCDE capstone, I led a team of two in collaboration with Microsoft Customer Experience on a blue sky project exploring how to engage users in better security practices. We scoped the challenge to focus on streamlining workplace data access, designing AI-powered solutions that reduce friction for employees and help managers maintain compliance.

As tech companies continue to scale, the complexity of managing employee access to tools, software, and sensitive data grows exponentially. Whether during onboarding, team transitions, or offboarding, inefficient data access and permissions workflows create friction for employees and managers which can cause lack of productivity, miscommunication, and potentially introduction of security vulnerabilities.

To tackle the complexity of enterprise data access, we designed Nexus, an AI-powered solution with two core experiences.

For employees, we streamlined the access request process with Copilot-driven suggestions that reduce friction, increase speed, and improve clarity.

For managers, we crafted a Copilot-powered dashboard that surfaces compliance risks and streamlines ongoing audits.

By addressing both perspectives, Nexus makes secure access more streamlined, proactive, and easy to manage.

After exploring directions like phishing awareness and data collection via browser history, we narrowed our focus to workplace data access since it impacts a broad range of users and offered clear opportunities for meaningful design. We also considered time constraints and participant availability, ultimately choosing a scope that was both impactful and feasible to design and prototype for.

To guide early exploration, we analyzed online forums and articles such as Reddit, using open thematic coding to uncover common frustrations around software and data access. This helped us surface recurring themes and define six key user profiles, including new hires, managers, and IT admins. These insights shaped our initial understanding before we conducted interviews.

For our interviews, we chose to focus on new hires and managers. New hires often face challenges during onboarding as they work to gain access to the tools and resources needed to begin their roles. Managers were selected because they are responsible for overseeing team access and ensuring security compliance. To balance depth with feasibility, we conducted six one-hour sessions, combining semi-structured interviews and card sorting in a single session.

To better understand the needs, goals, and success metrics of those involved, we developed personas representing new hires and managers navigating the data access and auditing process. These helped ground our design decisions in real user contexts.

We mapped journeys for new hires and managers to identify key actions and pain points across onboarding and offboarding as well uncover opportunities to improve access management.

➺ New Hires need clearer, more guided onboarding flows and process to request for access
Confusion around the access request process led to delays and reliance on coworkers during onboarding. To address this, we focused on simplifying the request experience with contextual guidance that helps new hires navigate the process independently and reduces setup friction.
‍
➺ Managers Require Tools to Simplify and Automate Access Audits
Manual onboarding and audits are time-consuming and prone to error. We focusesd on designing manager-facing dashboard powered by AI suggestions to streamline decision making, surface access risks, and reduce the time spent managing permissions.
‍
➺ Lack of Visibility Slows Teams and Increases Compliance Risk
Without a centralized view of statuses, both new hires and managers experienced delays and confusion. We focused on crafting tailored dashboards for each role, enabling new hires to track their tool and file access in real time, and helping managers take proactive actions through prioritized insights.

After sharing our research findings with Microsoft stakeholders, we hosted a collaborative ideation workshop to generate solutions that addressed user needs while supporting business goals. Through structured activities like “How Might We” framing, voting, and brainstorming, we identified top opportunities around onboarding, automation, and AI-supported access. The most promising ideas centered on improving onboarding through features like automated provisioning, AI-powered directories, and mentorship systems.

To further understand the current experience, we created flow maps for both new hires and managers, outlining the visible steps they take along with the supporting back-end processes. This helped us surface key pain points such as access delays, audit bottlenecks, and unclear responsibilities. We also identified potential ingress and egress points where users enter or exit the system. These insights revealed opportunities for AI-driven support and helped us scope a focused scenario for storyboarding and prototyping.

Storyboarding helped us translate our user flow maps into a tangible, narrative-driven scenario. This visual artifact kept our team aligned, ensuring our design decisions remained focused on real user needs and context throughout the prototyping process.

To make the most of our limited timeline, we conducted six usability tests with three new hires and three managers using the RITE and Krug approach. Designers observed each session live, and made improvements between tests. This approach helped us continuously refine our prototype based on direct user feedback.

➺ Conduct additional user testing on revised designs. After making final design updates based on usability feedback, further testing is needed to validate changes. Expanding the participant pool beyond six users will also help ensure broader usability and uncover any remaining friction points before moving into development.

➺ Explore more thoughtful and intentional AI integration. Throughout the project, we considered how AI could support users without overwhelming them. Future exploration could focus on identifying additional touchpoints where AI can enhance decision making, reduce cognitive load, and feel contextually helpful rather than intrusive.

➺ Enhance accessibility considerations in future design iterations. While we used Microsoft’s Fluent Design system for its accessible foundation, future work could include deeper integration of accessibility features. This includes support for screen readers, keyboard-only navigation, and text-to-speech, as well as involving users with disabilities and accessibility specialists in testing and feedback.

➺ Managing complexity across two distinct personas. Designing for both new hires and managers introduced unexpected complexity to our project. Each group had unique goals, responsibilities, and pain points, which led us to develop two separate but interconnected solutions. This added significant scope and required constant prioritization to ensure our work remained focused, feasible, and meaningful within the time constraints of our capstone.

➺ Growing through team leadership and collaboration. As the team lead, I coordinated communication, facilitated decision making, and kept our work aligned with feedback from both sponsors and instructors. This role helped me learn how to support a team under tight timelines, adapt to shifting priorities, and lead with empathy while ensuring we delivered high quality, thoughtful, and user-centered solutions.