JUNO - DViz IT Security Power BI Dashboard Design Concepts Challenge 3

Welcome to the "Juno - DViz -IT Security Ops Power BI Dashboard Design Concepts Challenge 3".

In this challenge, we are looking to create dashboard visualizations for IT Security.
Read the challenge specification carefully and watch the forums for any questions or feedback concerning this challenge. Let us know if you have any questions in the challenge forum!

This is the 3rd challenge in the JUNO DViz series.

Round 1

Submit your initial designs for a checkpoint feedback

• As part of your checkpoint submission, you must upload your submission to MarvelApp so we can provide direct feedback on your designs. Please include the MarvelApp URL in your notes.txt
• Make sure all pages have the correct flow. Use the proper file numbers, (1, 2, 3, etc.)

Round 2

Submit your final designs with all checkpoint feedback implemented.

• As part of your Final submission, you must replace your checkpoint submission with the final submission into MarvelApp so we can provide direct feedback on your designs. Please include the MarvelApp URL in your notes.txt
• Make sure all pages have the correct flow. Use the proper file numbers, (1, 2, 3, etc.)
• If you're not submitting in the Checkpoint/Round 1, you are not eligible to submit in the Final/Round 2

CHALLENGE OVERVIEW:
Our client is a large global insurance company focused on these core business segments: Global Life and General Insurance. 

Users of this IT Application Operations will be used by the COO and their main intention is to get a quick look at the dashboard and get an outlook of the overall application operations across different countries in Europe (Belgium, Netherlands, France, Finland, Sweden, Norway, South Africa, and Russia).

AUDIENCE:
Chief Operating Officers (COO)

DESIGN GOALS & PRINCIPLES
Below are some of the goals:

• These datasets require a design that can display a lot of table data, in lots of rows.  While this is true, try not to have too much information on your screen, you can make them compelling by making the visualization interactive and enable users to walk through or drill into the different insights.
• Elegant, clean, simple, user-centered look and feel with modern aesthetics
• Use color, visual comparison, and drill-down charts to highlight comparison.
• The overall design and user experience
• Engaging and easy-to-use/interact UI
• How well does your design align with the objectives of the challenge?

EXPLORATION SCORE
In terms of expectations, we would like to measure the concept against the following in the one to ten scales (ask the client to rate each of the parameters):

Creativity: 10
1: barely new ideas
10: a utopic product but with features that can be fully implemented

Aesthetics: 8
1: low-fidelity design, wireframe or plain sketch
10: top-notch finished looking visual design

Exploration: 8
1: strictly follow an existing reference or production guideline
10: open to alternative workflows/features not listed here that would help the overall application

Branding: 8
1: don’t care at all about the branding just functionality
10: without a properly branded product there is no success

BRANDING GUIDELINES
Please use the branding that has been provided in the forums

POWER BI REQUIREMENTS

• All principles of good UX design e.g. minimize user clicks, make the experience more intuitive, minimal time to reach desired selection criteria, store user selections for multiple reports and performance, good color and font themes, etc, these are all critical success factors for this challenge.
• Needs to follow Power BI Design Best Practices and also take a look at the Design Tips
• Please do some research on the Power BI software and get familiar with its purpose, limitations, and what's possible.
• You can reference this video about Power BI.

REFERENCE
Example dashboards design reference for your considerations:
- https://powerbi.microsoft.com/en-us/
- https://community.powerbi.com/t5/Data-Stories-Gallery/bd-p/DataStoriesGallery
- https://docs.microsoft.com/en-us/power-bi/service-dashboard-create
- https://id.pinterest.com/steffuhnee/power-bi-dashboards/?lp=true

TARGET DEVICE
Desktop: 1366px width and height 768px

REQUIRED FEATURES:

• Intuitive experience for end customers
• Developer friendly and easy to build designs
• Easy to translate to Microsoft Power BI reports.
• Allow a different variety of charts and data visualization. Think about filtering, sorting, and exporting the data.
• User will be accessing this dashboard on a Monthly, Quarterly (once in a week) basis

SCREEN REQUIREMENTS
For this challenge, we are looking for the below screens to be created in your submission. The functionality details listed below need to be included in your solution:
Please don’t show any maps in your designs as COO for that specific country will view data only specific to that country. Below is the list of countries for which we will be using the dashboard.

• BENE: Belgium & Netherlands
• NORDIC > drill-down to a single country in Nordic: Denmark, Norway, Sweden, Finland, and Iceland, as well as the Faroe Islands
• France
• Russia
• Netherlands

01 IT SECURITY:

Servers
All server related KPI's will be shown in one section

Security Posture - Server Patching
Reference: Please see Page 5 in Sample data.pdf

• These are missing patches that reflect vulnerabilities and therefore risks on our systems & if exploited these could lead to a security incident/compromise.
• So, basically, we measure how many server patches are outstanding on the servers that are paid for by commercial insurance.
  • Need visualization that shows the number of vulnerabilities by business units/function (Active, Exception, and Total)
  • Need visualization that shows the number of vulnerabilities by Application (Active, Exception, and Total)
  • Need visualization that shows the number of vulnerabilities by Severity (severity is indicated in number 3, 4, 5, TORRP (this is the highest level of  severity)/ these can be shown as color codes
  • Need visualization that shows the number of vulnerabilities & Exceptions by monthly cycle.

Security Posture - Server Configuration (incl password settings)
Currently, we have the below data as a table, in this challenge we are expecting to see a Visualization:

• High level: It will have any of these options “Access Control, Compliance and Retention, Service Management”
• Theme: It will have any of these options “Access Control Arrangements, Controls for service accounts, etc”
• Total number of servers
• Total Qualys Controls
• Controls Passed (0 to 100% - can be color-coded to red or green based on the percentage), and
• Controls Failed (0 to 100% - can be color-coded to red or green based on the percentage)

Security Posture - Server Security Tools
Reference: Please see Page 6 in Sample data.pdf
Without these tools in place and the standards met systems are more vulnerable to compromise and issues cannot be as quickly identified and addressed

• Need Visualization that shows the number of servers in different countries grouped by business units, and shows the status (0 to 100%) across various security tools.

Workstations
All workstation related KPI's will be shown in one section

Security Posture - Workstation Patching

• Missing patches reflect vulnerabilities and therefore risks on our systems - if exploited these could lead to a security incident/compromise. Can inform risk awareness and aid prioritization of actions to address.
• Show the visualization for the below column (use some sample data for your visualization)
  • Region
  • Business Unit
  • Total Assets
  • Total Scanned
  • Total Severity 4 & 5 Vulnerability
  • TORRP Total Vulns

Security Posture - Workstation Configuration (e.g. encryption)

• This is the same as “Security Posture - Server Configuration” mentioned above instead of servers it will be with respect to workstations

Security Posture - Workstation Security Tools

• This is the same as “Security Posture - Server Security Tools” mentioned above instead of servers it will be with respect to workstations.
• Need Visualization that shows the number of servers in different countries grouped by business units, and shows the status (0 to 100%) across various security tools.

Security Posture - Application Security (Veracode)
Sample Data: Please see AppCheck - DynamicMP List).xlsx

• Highlights were externally facing websites or applications may be vulnerable to attack. Can inform risk awareness and aid prioritization of actions to address.
• Veracode is a 3rd party platform that records the results of automated application security tests
• This may include too much detailed information, so the below headings would be enough to include in the dashboard:
  • Applications (Property)
  • Region
  • Country
  • Incapsula Status: This shows the status of whether the application has been onboarded to the application security technology "Incapsula”
  • Scan data
  • Results from scan - red (high)/amber (medium)/green (low) status
  • Compliance with the policy applied - Yes/No

Security Posture - end of Life software
Reference: Please see Page 5 in Sample data.pdf

• Software out of support typically cannot be updated leaving it vulnerable to compromise - additionally, older software often becomes incompatible with newer systems and can prevent other applications, systems or hardware from being updated. Can inform decisions on the need for investment in upgrades, etc.
  • Need a visualization that shows the number of servers running on that software which is outdated, and this needs to be shown for the business unit.

Phishing

• Need to show the EMEA Click rate vs the susceptibility rate/need to show the trend over time
• All the below need to be shown as % for the current financial year
  • Show the susceptibility rating
  • Show global click rate
  • Show EMEA click rate
  • Show CI (commercial insurance) Click rate
• CI click rate
  • Show the CI click rate for various countries by a group of months
  • These click rate will be shown as a percentage
• CI Stand-Alone Countries
  • Show the number of recipients, Clicked Link (%), Clicked & reported (%), Reported only (%) and other (%) by countries (Belgium, Denmark, Finland, France, Netherlands, Norway, Russia & Sweden)

Exceptions
Reference: Please see Page 1 & 2 in Sample data.pdf

• This highlights the gaps that have been risk accepted including rationale and timeframe. Help with the assessment of overall risk exposure.
• Show the number of exceptions by these countries (Belgium, Denmark, Finland, France, Netherlands, Norway, Russia & Sweden)
  • Exceptions need to be shown by Security Toolkit (SEP, PAR, TANIUM)
  • Exceptions need to be shown by Vulnerability Management (Config, Patch, and Scan)
  • Show the total numbers from the above.

IMPORTANT

• Keep things consistent. This means all graphics styles should work together
• All of the graphics should have a similar feel and general aesthetic appearance

MARVEL PROTOTYPE

• We need you to upload your screens to Marvel App
• Please request for marvel app in the challenge forum
• You MUST include your Marvel app URL (in your marvel app prototype, click on share and then copy the link & share it with your notes/comment on this link while you upload)

SUBMISSION AND SOURCE FILES
Submission File

• Submit all JPG/PNG image files based on Challenge submission requirements stated above

Source File

• All source files of all graphics created in either Adobe XD or Sketch or Figma and saved as an editable layer

Declaration File 
Declaration files document contains the following information:

• Stock Photos Name and Source Links from an allowed sources
• Stock Art/Icons Name and Source Links from an allowed sources
• Fonts Name and Source Links source from an allowed source
• MarvelApp share link for review

FINAL FIXES
As part of the final fixes phase, you may be asked to modify content or user click paths