Streamlining and securing database access for enterprise security
3 months
Lead Designer (me), Head of Engineering, Chief Software Architect, 2 Front-end Developers, Product Manager
Web Application
Traditional database connection workflows often fall short due to their reliance on passwords, which pose significant security risks and management challenges. As the first design hire at Cyral, I was tasked with solving a critical problem: how do we create a password-less database access solution that maintains enterprise security while dramatically improving user experience?
Business Context: Database security breaches cost organizations an average of $4.35M per incident. Our enterprise customers (Informatica, Verisk, Vanguard) were struggling with password management across hundreds of databases, creating both security vulnerabilities and operational friction.
My Role: I led the entire design process, from user research to final implementation, working as the primary design voice on a cross-functional team.
The project presented several key challenges:
Through comprehensive research and user testing, I uncovered key insights:
I conducted 15+ customer interviews across enterprise and SMB segments, partnering with our sales and support teams to understand real-world pain points. I also analyzed support tickets to identify the most common failure points in existing workflows.
Rather than working in isolation, I embedded myself with engineering from day one. I facilitated weekly design-engineering sync meetings and created shared Figma files where engineers could inspect designs and leave feedback. This collaborative approach helped us identify technical constraints early and find creative solutions together.
I established design guidelines specifically for this project, creating reusable components for data tables, connection forms, and security indicators that could scale across Cyral's product suite.
I presented design decisions to executives using business metrics and security compliance requirements, translating user needs into language that resonated with C-level stakeholders focused on ROI and risk mitigation.
A unified interface for managing database connections that simplifies how users search for repositories, manage access tokens, and request access. The portal provides paginated database listings with enhanced search and filter capabilities, as research showed organizations manage databases numbering from the dozens to hundreds.
Design Decision: I chose a card-based layout over traditional tables after observing users needed to quickly scan database types, access levels, and security restrictions simultaneously.
Implemented token-based authentication that eliminates the need for passwords, enhancing security and simplifying the connection process. Users primarily utilize connection strings containing necessary values for database connection, with legacy password support maintained for specific scenarios.
Technical Collaboration: Working closely with our Chief Software Architect, I designed the authentication flow to integrate seamlessly with existing identity providers while maintaining a simple user experience.
The portal displays security restrictions (e.g., access only when on-call) and integrates with SSO and MFA systems. Users can authenticate using identity providers when necessary, ensuring compliance with enterprise security policies.
Innovation: I developed an unexpected solution for security policy visualization—using color-coded indicators and progressive disclosure to show complex access rules without overwhelming the interface.
The Data Access Portal became Cyral's most adopted feature, with later expansion to S3 buckets becoming one of our most popular offerings. This work directly contributed to Cyral's ability to close larger enterprise deals. This project established the foundation for Cyral's unified data access strategy, with the design patterns I created being adopted across multiple product areas.