UX Research Internship — Cisco Meraki
RBAC Enhanced Granularity
Improving role-based access control by balancing security needs with real-world usability for small and mid-sized organizations.
Role
UX Research Intern
Focus
Security, Trust, Access Control
Methods
Interviews, Workflow Analysis, Synthesis
Timeline
Summer 2025
Role-based access control (RBAC) helps organizations ensure the right people have the right level of access. In practice, however, access controls often fall at extremes: permissions are either too restrictive, slowing work, or too broad, increasing security risk.
As organizations grow and responsibilities become more distributed, administrators need more nuanced ways to manage access without adding unnecessary complexity.
The goal of this research was to identify which access control permissions are most critical to expose beyond existing role definitions, and how these permissions should be structured to support both security and usability.
I conducted generative UX research focused on small and mid-sized business administrators. My work included subject-matter expert interviews, customer research sessions, and workflow walkthroughs to understand how administrators manage access, assess risk, and make permission-related decisions. Sessions also included feedback on early concepts exploring different approaches to permission grouping.
Generative Research
SME Interviews
Thematic Analysis
User Sessions
Workflow Analysis
Design Sprint
Collaborative Partners
Data Science
Quantitative Insights
Engineering
Technical Feasibility
Product
Strategic Alignment
Design
UI/UX Patterns
I synthesized findings by mapping user needs and concerns across key admin workflows and product areas. Insights from SMB customers were analyzed alongside broader organizational patterns to surface risks, mental models, and opportunities for improved access control design.
1
Administrators across segments need more granular control than high-level roles alone can provide.
2
Over-permissioned dashboards introduce meaningful security risks that are often not immediately visible.
3
Research with smaller organizations helped clarify core access control pain points that scale to larger teams.
Prioritize granular control over high-risk features
Establish an entry point for enhanced access management by focusing on features that carry the highest security implications for SMBs.
Support flexibility in permission groupings
Ensure the system reflects real organizational roles and workflows by allowing administrators to bundle permissions in ways that match their unique operational needs.
Informed product direction for enhanced RBAC capabilities
Helped align design, product, and engineering teams around key user needs
Contributed to a focused UX research sprint exploring access control improvements
This project reinforced the importance of grounding security decisions in real user workflows and demonstrated how thoughtful research can translate complex systems into actionable product direction.
Note: Details and artifacts have been generalized to respect confidentiality.
Context
Research Goal
My Role & Methods
Synthesis Approach
Key Insights
Recommendations
Impact
Reflection
© 2026 Grace Myers