Department for Transport – User Research
Business challenge
Fact finding research to provide the DFT with an overview of security practices and procedures within DFT Central, focusing on:
- Documenting sign-on and security routines – What Identity verification procedures do internal DFT Central users go through to access devices, systems and platforms?
- What is the result of the procedure (what platform or application are they trying to access)?
- What devices are the IV procedures related to?
- What hardware/software do they use to verify access platforms and systems (VPN software, device-based verification etc)
- Where are users accessing services from (home, on-site)?
- What are the pain points inherent in these procedures?
- Can the users pinpoint any flaws in security procedures?
- How do users manage their IV information? (password management tools etc.)
- How often is user-level IV information refreshed/reset?
- What are the IV recovery procedures and how secure do the users find them to be?
- Overall, how secure do users feel (personal information) and feel their data is?
- How could security procedures be improved (based on previous experience in other organisations, knowledge of best practice or new IV techniques)
Solution
We needed to conduct rapid one-to-one user research sessions across DFT employees (plus contractors, partners, arm’s length bodies and suppliers) to build a comprehensive picture of security identification practices within DFT and associated agencies.
Results
A report documenting the identity verification landscape within the Department for transport which would then lead into a series of recommendations and help create a roadmap to inform changes to internal procedures to ensure data protection and security best practice,


Successful remote working during COVID-19
Ready to start your next project?