Secure Track
Built a secure, scalable tool to help Vodafone UK's vetting team to manage background checks of an applicant's more efficiently.
Team
UX designer
2 Developer
1 Business analyst
1 Product manager
My role
Research and analysis
UI design
Product strategy
Timeline
Dec-Mar 2025 (3 months)
Content
INTRODUCTION
What is a Secure Track?
-
Purpose: Secure Track is used to manage clearance records for employees and contractors involved in sensitive government and enterprise projects at Vodafone.
-
Initial Setup: The team originally relied on SharePoint and Microsoft Forms to collect applicant information.
-
Tool Evolution: A new internal tool was developed to support comprehensive vetting workflows.
-
Key Features:
-
End-to-end vetting process management.
-
Document upload capabilities.
-
Integrated audit trails for tracking actions and changes.
-
GDPR compliance to ensure data protection standards.
-
-
Scale: The system handles thousands of clearance records annually.
Who are the users?
-
Primary Users: Vodafone’s Vetting & Security Compliance Team.
-
Key Responsibilities:
-
Ensure individuals meet security clearance standards.
-
Approvals for restricted or high-sensitivity projects.
-
Maintain compliance with internal security protocols and regulatory requirements.
-
Conduct background checks on employees and contractors.
-
Ok wait..... who is this vetting and compliance team?
Vetting officers or team....
are the people who check backgrounds and make sure only the right individuals get access to the sensitive information or project.
Compliance team...
ensures that all security rules and company policies are being followed properly.
PROBLEM BREAKDOWN
Blocked growth, manual chaos and risked fines
The Secure Track used by Vodafone’s vetting & security compliance team, originally used sharepoint and MS forms was essential for managing staff clearance records. However, as business demands grew, it was difficult to manage with forms, leading to operational slowdowns, workarounds, and increasing compliance risks.
Scalability & performance breakdown
-
Performance Degradation: The system's performance dropped significantly when data volumes exceeded ~5,000 records.
-
Causes:
-
Delays during loading and filtering of clearance records.
-
Occasional system crashes.
-
-
Impact:
-
Reduced user productivity.
-
Hindered timely access to critical clearance information.
-
Compliance & operational risk
Manual & error-prone processes
-
Manual Workload: Over 20 hours per week were spent manually copying data between templates.
-
Error Handling: Errors were difficult to detect and correct, increasing the risk of inaccuracies.
-
System Limitation: The system did not support managing multiple clearance types under a single personnel record.
-
Impact: This led to inefficiencies and increased administrative overhead.
-
No clearly defined user roles or access controls in place.
-
Inability to restrict who could view or edit sensitive clearance information.
-
No test environment available for safe validation of changes.
-
All updates were made directly in the live system, increasing risk.
Impact:
-
Security risks due to unrestricted access to sensitive data.
-
Higher likelihood of accidental changes or data breaches.
-
Lack of accountability and traceability in user actions.
-
Operational instability from untested updates in the live environment.
User flow for current problems
>5000
Manual copy, paste details
Manual email notification
Compliance risks
End
Start
User add clearance details in Sharepoint form
Record count
<=5000
Data saved successfully
Automatic email notification
The user flow above illustrates how the existing SharePoint-based process fails under scale. When the record count exceeds 5,000, the system slows or crashes, forcing users to switch to Excel. This workaround introduces manual copy-pasting into templates, increasing the risk of errors and violating GDPR/UK data regulations. Even when under the threshold, the process remains sluggish and inefficient.
RESEARCH & ANALYSIS
To design a scalable, compliant vetting solution, I needed to go beyond the known technical limitations and uncover hidden pain points undermining day-to-day operations. My research aimed to:
Approach this phase with two primary goals:
Goal 1
"Validate pain points related to scalability, manual data entry, and compliance risks"
🎯
Goal 2
"Uncover hidden frustrations, inefficiencies, and workarounds not captured in the initial project scope"
🎯
Step 1: Walking through the existing process
I began research by connecting with the vetting and compliance teams to understand how clearance requests were handled from start to finish.
They walked us through how they managed:
-
SharePoint forms for data entry and updates
-
Email exchanges with applicants for document collection.
-
Excel files for tracking background checks and final statuses
-
Manual intervention for fixing, re-uploading of data across platforms
Step 2: Mapping the current state
To visualize and analyze their current end-to-end user journey, I created the user journey:
User Journey:
_edited.jpg)
Step 3: Stakeholder interviews & observations
To gather meaningful insights, I conducted:
-
5 semi-structured interviews with 3 vetting officers and 2 compliance leads.
-
2 contextual inquiries to observe workflows in real-time.
Objective
To uncover usability issues, inefficiencies, and compliance risks in the existing vetting tool by understanding real user experiences, mental models, and pain points.
Interview Plan (Participants)
-
Vetting Officers (3) - To understand day-to-day usage, time sinks, and pain points.
-
Compliance Leads (who are also Vetting officers) - To understand legal risks, audit issues, and approval workflows.
Interview Methodology
-
Type: Semi-Structured Interviews
A flexible format that allowed us to ask core questions while exploring user-specific follow-ups. -
Duration: 30–45 minutes per participant
-
Mode: Microsoft Teams (video calls with screen-sharing for tool walkthroughs)
-
Consent: All participants were informed about the research goals and provided verbal consent.
KEY FINDINGS
_edited.jpg)
IDEATION
Defining the problems clearly
I synthesized everything I learned into a few focused Point-of-View (POV) statements, which helped ground my ideation:
“Vetting officers need a reliable, unified system because the current process forces them to juggle multiple tools, which leads to mistakes and wasted time.”
“Compliance managers need traceable activity logs because manual tracking is inconsistent and makes audits risky.”
“The business needs a scalable solution that won’t break when record volume grows without relying on risky Excel workarounds.”
Turning problems into "How Might We"
❓ Manual effort & efficiency
-
HMW reduce repetitive data entry and avoid tool switching?
-
HMW automate tasks without losing flexibility?
❓ Compliance & access control
-
HMW ensure only certain roles can edits while maintaining traceability?
-
HMW build a secure audit trail without extra effort?
❓Scalability & system trust
-
HMW design a system that works with 5,000+ records, without crashing?
-
HMW reduce dependence on Excel backups?
❓Guidance & clarity
-
HMW make we display the status updates clearly?
-
HMW simplify the screen navigation and approvals process?
❓Communication
-
HMW reduce back-and-forth emails while keeping applicants informed?
Brainstorming & generating ideas
Over multiple sessions, our cross-functional team including we designers, developers, and the client’s came together to imagine the tool, where we generated ideas based on our all the research points. Using affinity mapping, we grouped related ideas and identified core solution themes.
%20(3.jpg)
This mapping helped the team:
-
To visually synthesize dozens of raw ideas
-
Align around the most urgent and high-impact opportunities
-
Spark discussion for prioritization and feasibility assessment
From ideas to decisions: Why we chose? What we did?
Information Architecture (IA)
Before jumping into screens, we first needed to understand the structure of our solution. We created an Information Architecture (IA) diagram to align the team on how users would interact with the system and where key features would live. Information Architecture was created:
-
To define clear navigation paths for vetting officers and compliance leads.
-
To ensure core tasks were easy to access and logically grouped.
-
To avoid repeating the same fragmented experience from the previous system.
%201_edited.jpg)
IA improvements
Our new IA fundamentally restructured the fragmented experience:
-
Consolidated functions like data entry, document tracking, communication into task-based hubs
-
Replaced SharePoint’s nested folders with linear, permission-based navigation paths
-
Grouped high-frequency actions (approvals/status updates) under unified workflows. This eliminated the context-switching that caused 20+ hours of weekly manual work.
USABILITY TESTING & ITERATION
Visualizing the solution
-
After completing extensive research, brainstorming, and prioritization, the design phase began.
-
Started with quick paper sketches to rapidly explore layouts and workflows without constraints.
-
Selected the best ideas and translated them into low-fidelity wireframes.
-
Focus remained on refining structure and user flow, prioritising function over visuals.
-
This approach helped bring abstract ideas into tangible form efficiently and iteratively.
.jpg)
Testing on lo-fi wireframe
Once the wireframes were in place, we shared them with stakeholders and internal users to gather quick feedback. These early conversations helped me uncover usability gaps, unclear labels, and missing steps in user flows.
Through 3 structured feedback rounds, we refined the layouts by:
-
Clarifying screen-level actions (like document uploads and approvals).
-
Reorganizing key components to reduce cognitive load.
-
Adding contextual hints to prevent errors in manual tasks.
Low-fidelity to mid-fidelity wireframes
With early feedback shaping the core wireframes, it was time to bring more visual clarity and hierarchy into the design.
"I translated validated lo-fi concepts into mid-fidelity wireframes, incorporating priority features from our matrix like the RBAC permission selector and bulk action bar.
At this stage, I started applying a grid, basic visual hierarchy, and consistent component placement to give stakeholders a stronger sense of how the tool would look and feel in action without yet focusing on branding or final UI polish.
More Testing, more refinement
Once mid-fidelity designs were ready, we ran a second round of structured feedback this time using interactive prototypes to walk users through real tasks like:
🕵️ Vetting officer flow
-
Review incoming requests
-
Create/ update clearances, statues and reports
-
Send/ track the approvals, notifications
Goal: Ensure vetting officers can follow and update requests without missing critical information.
🔐 Admin flow
-
Configure access for different user roles
-
Monitor activity through audit log
-
Manage overall vetting operations
Goal: Ensure applicants can complete the requests independently with minimal confusion.
Testing outcomes addressed in final designs
These tests revealed three key improvement areas to address in final designs:
-
Status visibility: Users still struggled to identify stalled applications
-
Bulk actions: Officers requested multi-select for high-volume updates
-
Audit trails: Compliance team needed exportable change logs
Design Decisions
We went to dashboard style design because as we know by now that In the old system, users had to dig through SharePoint folders and forms, Excel sheets, and email threads just to understand the status of a request. There was no single view to track the vetting pipeline, view performance, or prioritize actions.
The ideas that we explored were,
-
A traditional table-based layout (like SharePoint list view)
-
A Kanban-style flow (grouped by status)
-
Dashboard with metrics, filters, and status widgets
Layout Option
What It Offers
Why We Explored It
Why It Was Not Selected
1. SharePoint-style Table
Familiar tabular layout for managing records
Users were already using SharePoint; minimal learning curve
Was part of the original problem lacked scalability, filtering, and overview capabilities
2. Kanban-style Flow
Visual representation of record status (e.g., cards by stage)
Helps in quick visual scanning and status progression
Doesn’t scale well with 10K+ records, cluttered UI, lacks summary-level insights
3. Dashboard Layout
Unified view: real-time metrics, filters, search, and tables
Solves performance, clarity, and prioritization needs in one interface
✅ Selected – Provided clear data insights, improved decision-making, and enabled scaling
Was part of the original problem lacked scalability, filtering, and overview capabilities
Doesn’t scale well with 10K+ records, cluttered UI, lacks summary-level insights
Note: The above images included are for reference only and were sourced via Google
Provided clear data insights, improved decision-making, and enabled scaling
Final choice was the dashboard layout as,
-
It allows users to quickly filter by fiscal year, status, or role
-
Help officers spot where action was needed without opening individual records
-
Creates confidence and control over large-scale operations (10K+ records)
Problem 1: Scalability & Performance Breakdown
Context: Once the record count crossed 5,000, the SharePoint system would slow down or crash because by default the sharepoint limit is 5000 records which inturn causes delays and crashes during loading or filtering of clearance records.
The ideas that we explored were,
-
Optimize SharePoint lists with indexing
-
Archive old data manually every 6 months
-
Use Dataverse with dynamic filtering & pagination
-
Build a separate dashboard tool like Power BI (external view)
Layout Option
What It Offers
Why We Explored It
Why It Was Not Selected
1. Optimize SharePoint Lists with Indexing
Faster load time for smaller datasets using native SharePoint features
Simple fix within existing platform; no learning curve
Failed to handle over 5,000 records due to SharePoint threshold limitations
2. Archive Old Data Manually (every 6 months)
Reduces volume of live data by offloading outdated records
Reduce strain on system to improve performance
Labor-intensive, not scalable, and didn’t support real-time filtering or access
3. Power BI Dashboard (External Tool)
Advanced data visualization and high performance for large datasets
Known for handling large-scale dashboards with rich visualizations
Users had to switch tools; lacked editing capability; complex integration and license issue
3. Microsoft Dataverse + paginated dashboard
Real-time performance, security, and seamless experience with high data volume
Built for scale, native integration with Power Platform, supports filters & pagination
✅ Selected – Scalable, secure, and provided smooth filtering without changing platforms
Failed to handle over 5,000 records due to SharePoint threshold limitations
Users had to switch tools; lacked editing capability; complex integration and license issue
Note: The above images included are for reference only and were sourced via Google
Scalable, secure, and provided smooth filtering and pagination without changing platforms
Final choice was the Dataverse-backed solution with pagination as,
-
Dataverse support millions of records without performance degradation
-
Gave officers instant access to what they need, without crashing
Problem 2: Manual & Error-Prone Processes
Context: Officers spent 20+ hours/week copying data between templates. Multiple clearance types per person were hard to track, and form mismatches led to lot of error rate.
The ideas that we explored were,
-
Add Templates for Every Clearance Type Manually
-
Pre-filled Excel Sheets
-
Identity-Based Auto-Fill
-
Central Form with Dynamic Sections
-
Linked Clearance Summary Table (per identity)
Layout Option
What It Offers
Why We Explored It
Why It Was Not Selected
1. Add Templates for Every Clearance Type Manually
Standardized forms for different clearance types
Seemed like a structured way to reduce form mismatch
Labor-intensive, unscalable with increasing clearance types, and prone to versioning issues
2. Pre-Filled Excel Sheets
Users receive semi-completed templates to reduce typing
Could save time by preloading common fields and familiarity for clients
Still required manual validation, increased error chances, and lacked integration
3. Identity-Based Auto-Fill
Auto-fills fields like Name, Email, etc. using identity
Reduce repetitive data entry and ensure consistency
Solved only part of the issue — didn’t handle multiple clearances or group them effectively
4. Central Form with Dynamic Sections
One form adapts based on clearance type and user input
Offered a unified interface for different use cases
Became complex to maintain; users found it overwhelming without contextual separation
5. Linked Clearance Summary Table (per identity)
Groups all clearances under one identity and pulls shared fields automatically
Improved tracking and reduced duplication
✅ Selected – Reduced input errors, boosted consistency, and streamlined user experience
Still required manual validation, increased error chances, and lacked integration
Scalable, secure, and provided smooth filtering and pagination without changing platforms
The final choice was identity-based auto-fill with linked clearance summaries was selected because,
-
Eliminated repetitive data entry by auto-filling known identity fields like Name and Email
-
Grouped all related clearance types under one identity, reducing the need to switch between templates
-
Improved data consistency and reduced errors, which drastically cut down officer workload and sped up processing time
Problem 3: Compliance & operational risk
Context: The previous process lacked clearly defined user roles and access controls, making it risky for managing sensitive information. All users worked on the live version, with no test environment and no role-based permissions — leading to accidental edits and security concerns.
The ideas that we explored were,
-
Use SharePoint Permissions
-
Manual Approval Before Updates
-
Power Apps Role-Based Access Control
-
Separate Staging and Production Environments
-
Dataverse Row-Level Security
-
Audit Log for Changes
Layout Option
What It Offers
Why We Explored It
Why It Was Not Selected
1. Use SharePoint Permissions
Control access by SharePoint group roles
Familiar and built-in to Microsoft ecosystem
Not flexible enough for complex role hierarchies; hard to manage for non-admins
2. Manual approval before updates
Reduces volume of live data by offloading outdated records
Reduce strain on system to improve performance
Labor-intensive, not scalable, and didn’t support real-time filtering or access
3. Role-based access control
Define roles (e.g., Requestor, Manager, Admin) to restrict who sees/edits what
Fully integrated with app logic; highly customizable
✅ Selected – flexible and secure
4. Separate staging (test) and production environments
Allows testing without affecting live data
Enables safer deployments and experimentation
✅ Selected – critical to prevent disruptions in production
4. Dataverse row-level security
Restrict data access at individual record level
Precise control over who can see or change specific records
✅ Selected – offered granular protection of sensitive clearance data
5. Audit log for changes
Tracks every edit for traceability
Supports compliance and helps diagnose issues
✅ Selected – Included in final solution part of operational transparency
Not flexible enough for complex role hierarchies; hard to manage for non-admins
offered granular protection of sensitive clearance data
The final choice was the multi-layered compliance solution as,
-
Role-based access within Power Apps
-
Row-level security in Dataverse
-
Separate staging and production environments
-
Action audit log for traceability
FINAL DESIGN
After multiple iterations and rounds of feedback, we arrived at the final, high-fidelity designs clean, functional, and ready for development.
This phase was about more than just visual polish. It was about ensuring every interaction was intuitive, every element served a purpose, and the tool looked as seamless as it felt.
🧩 Key design highlights:
-
High-level, real-time snapshot: The dashboard offers an at-a-glance view of the tracking process, improving visibility and responsiveness.
-
Performance and usability improvements: It addresses bottlenecks from the old system, enhancing speed and user experience.
-
Key metrics displayed: Shows clearance statistics, record counts, and status summaries.
-
Filter by fiscal year: Users can refine data views without loading full datasets.
-
Searchable and sortable gallery: Enables quick scanning of clearance records, reducing manual navigation.
-
Error reduction: Minimises manual errors through streamlined access and interaction.
-
Designed for clarity and efficiency: Prioritises user-friendly design to support faster, more informed decision-making.
-
Supports productivity: Helps users act on critical information quickly, avoiding delays caused by system limitations.
To solve scalability and performance issues, we migrated the data storage to Microsoft Dataverse, which can support millions of records without performance degradation. This ensures smooth filtering, sorting, and browsing even with high volumes of clearance data eliminating system crashes experienced in the previous tool.
Identity Records with FY-Based Filtering
-
The Identity Records section provides a centralised view of the total number of clearance records.
-
A built-in fiscal year filter allows users to toggle between 2024–25 and 2025–26 records.
-
Enables cross-year tracking and historical reference without navigating away from the screen.
-
Enhances usability by keeping all relevant data accessible in one place.
Identity Record Status Date Filtering
-
Provides a quick breakdown of identity records by status.
-
Displays real-time record counts for each status category.
-
Includes a date filter to narrow down records by specific timeframes.
-
Enables users to track status trends over time.
-
Helps focus on relevant records without digging through large datasets.
Clearance Details Table
-
Provides immediate visibility into active clearance records without needing to drill down.
-
Includes a search bar for quick filtering of records.
-
Each column supports sorting.
-
Makes it easy to organise data based on user priorities and streamline access.
Identity Records Dashboard
This Dashboard offers an interactive overview of identity records with real-time status counts. Users can filter records in the table by status with a simple click for quick access to relevant data. Pagination controls allow smooth navigation through large datasets with customizable rows per page. An export feature enables generating reports and visuals, addressing scalability and performance issues by improving data handling and access speed.
Status Summary with Filter
Export Data
-
Shows counts for each identity record status
-
Clicking a status filters the table to display only records matching that status
-
Supports quick and targeted data exploration
-
Provides visual summaries of identity records
-
Includes filtering capabilities for customized views
-
Supports thorough data analysis and informed decision-making
Pagination Controls
-
Pagination is included for streamlined data presentation
-
Displays total number of records to provide clear dataset overview
-
Allows configuration of rows per page to suit user preferences
-
Facilitates efficient navigation through extensive data collections
Identity Record Form
This screen includes a top banner displaying key user details at a glance, to quickly understand record context without scrolling. When basic information like name and email is entered, related fields automatically populate using existing data. This reduces manual input and minimizes errors. These features streamline workflows and address the manual effort and error-prone processes in the legacy system.
Quick Glance Banner
-
A top banner is displayed on the screen
-
The banner summarizes key identity details
-
Enables the vetting officer to review essential information quickly
-
Eliminates the need to scroll through the entire form
Auto-Fill Based on User Details
-
When user details such as name and email are entered, related fields like Date of Birth, location, employee ID, and other essential information are automatically populated
-
Auto-fill functionality draws from existing records to ensure data accuracy and efficiency
Clearance Summary Table
The clearance summary table displays all clearance records linked to a selected identity record, eliminating the need to manually track them across templates. Users can filter by column, making it easy to find specific clearance types. Pagination and total record count ensure smooth handling of large record count. This improves usability and addresses both manual effort and performance limitations of the legacy system.
Clearance Summary table
-
A dedicated table listing appears when the “Clearance Summary” button is clicked
-
The table displays all clearance records associated with the selected identity record
Clearance Form Screen
The Clearance Form screen ensures clearances can only be created when a valid identity record exists, maintaining data integrity. A horizontal tab menu provides access to related sections like Identity Details, Risk Alerts, and Payment Logs. Tables or forms that are present in these tabs and only visible when clearance is created. This solves issues related to manual errors and inconsistent data entry seen in the legacy system.
Tabs with Controlled Access
-
The screen contains a horizontal tab menu accompanied by additional buttons
-
The Identity Details tab shows linked identity information
-
-
All other tabs stay disabled until a clearance is successfully created
Conditional Access to Clearance Form
-
The Clearance Form and its navigation tab are displayed only when a valid identity record is present
-
Prevents users from creating clearance records independently
-
Ensures a structured and logical data flow throughout the system
Audit Logs
The Audit Logs screen provides a transparent view of every action taken across the system, capturing who made the change, their role, and the exact timestamp. It ensures accountability by maintaining a detailed activity trail for all forms and dashboards. This helps mitigate compliance risks and supports smoother audits by replacing guesswork with clarity.
Audit Summary table
-
Tracks every change made across all forms and dashboards
-
Identifies who made the change
-
Records the role of the person making the change
-
Captures the exact timestamp of the change
Design Impact Summary
Problems
Design Solution
Result
Performance slowed with 5,000+ records
Frequent manual errors during data entry
Users struggled to locate key info quickly
No audit trail to track changes
High manual effort to match identity & clearance
Disorganized flow led to incomplete records
No clear tracking of status over time
Users had to rely on exports for filtering
Migrated to Microsoft Dataverse, optimized filtering & sorting
Enabled auto-fill fields based on user input
Introduced Overview Dashboard with real-time stats & FY filters
Added Audit Logs with user roles & timestamps
Built linked Clearance Summary Table to Identity Records
Enforced conditional access & structured forms
Designed status dashboards & date filters
Added search, filter, and pagination within app
Seamless performance with 10,000+ records
Reduced input errors, improved accuracy
80% faster access to records
Improved compliance, easier audits
Saved 20+ hours per week in manual tracking
Ensured data integrity, reduced missing info
Easier trend analysis & prioritization
Real-time filtering without Excel exports
IMPACT
Supports 10,000+ Records Smoothly
Migrating to Dataverse and redesigning data logic drastically improved system scalability ensuring fast performance even with large datasets.
80% Faster Access to Records
Optimized dashboards and split logic between Identity and Clearance records reduced load times, enabling quick filtering and search.
20+ Weekly Hours Saved
Manual copying and status tracking were replaced with automated filters, export tools, and smart UI saving time and reducing errors.
REFLECTION
What Did I Learn?
-
User roles matter deeply: Designing for three different roles (Requestor, Vetting Officer, Admin) required empathy and close collaboration with each group. Their mental models and goals were very different.
-
Iteration is essential: The first version of our wireframes missed several real-world scenarios. Feedback rounds helped surface blind spots we didn’t catch in early assumptions.
-
Simple is powerful: What felt like small UX decisions (like auto-filling relevant form fields) made a big difference in usability.
What Can Be Improved?
While the new tool significantly improved efficiency and usability, there’s still room to grow especially with emerging technologies.
AI Integration
-
AI-driven document screening: Automatically fill the missing data or inconsistent information in uploaded files to reduce manual review time.
-
Smart predictions: Based on past requests, AI could suggest their past information likely outcomes (e.g., “Requires More Info” or “Likely Approved”) to help vetting officers prioritize.
-
Intelligent task reminders: AI could trigger nudges for pending approvals, delayed requests, or missing uploads reducing bottlenecks.
Advanced Visual Dashboards
As per the current business scope, reporting features are not part of the initial release and will be developed in the second phase of the project. There’s a significant opportunity to evolve this into a powerful decision-making hub enabling advanced reports with multi-level filtering, export options, and custom views for applicants.
THE END