Portfolio/DreamShield

Case Study

Designing DreamShield Security at DreamHost

Turning invisible protection into a trusted, visible product experience — reducing uncertainty, improving self-serve, and supporting retention.

Security UXSaaS PlatformProduct DesignUX StrategyDashboard DesignRetention

Project Overview

Project

DreamShield Security Add-on (DreamHost)

Type

Security Product Experience + Retention Strategy

Role

Senior UX Designer / Strategist

Timeline

3 Releases / Multi-phase

Scope

End-to-end security experience: email notifications → in-panel dashboard → per-site remediation → global visibility in Websites grid

Deliverables

Research synthesis · Competitive analysis · UX strategy · System design · Wireframes · High-fidelity UI · UX writing

Post-launch impact

3 Releases

Multi-phase evolution

Shipped incrementally — reliability, then visibility, then differentiation.

1 / day

No notification fatigue

Alert cap per domain — daily scans with no notification fatigue.

In-panel

Security moved in-product

Security moved from email-only into a persistent dashboard.

Retention

Clean states reframed

Clean states reframed — silence turned into renewal-value proof.

Overview

DreamShield protected thousands of websites through automated malware scanning and security monitoring — but users rarely saw evidence of that protection. The product relied primarily on email notifications, while the in-product experience was a simple status page with little context or guidance. As a result, customers struggled to understand the value they were paying for.                                                               

My goal was to redesign the dashboard so users could understand their website's security health, take action when needed, and continuously see the value DreamShield was providing.

Insights & Problems

Four problems were driving customer churn

Through my research, I identified several core UX and business problems behind customer churn — each one chipping away at trust and renewals.

The Old Experience

Before — Everything's looking good clean state with no scan history
Clean state gave no visibility into ongoing protection. Users only saw "Everything's looking good" without scan history or evidence of active protection.
Before — scan results showing raw technical information without context
Technical alerts lacked context and guidance. Scan results exposed raw technical information without explaining what happened or what to do next.
01

Invisible Protection = Churn

When the product worked perfectly and blocked threats, clean states created silence rather than confidence. Because customers couldn't see ongoing protection, they questioned the product's value at renewal time

IMPACT — Doubt at renewal time
02

The Notification Spam Loop

Upgrading to daily scanning introduced a massive UX risk: under the old logic, a customer with multiple hacked sites could receive multiple warning emails every day until the issue was resolved — training customers to ignore alerts.

/day

A customer with 5 hacked sites got 5 separate emails every single day until resolved.

IMPACT — Alert fatigue, ignored emails
03

Email-Only Experience

Security lived entirely in email alerts rather than inside the product itself, making the experience fragile and disconnected from the hosting panel.

Inbox
Panel (empty)
IMPACT — Fragile, off-platform
04

Technical Jargon Overload

Alerts used terminology like No WAF on http or No HTTPS with no plain-language explanations or clear next steps, leaving non-technical users overwhelmed.

No WAF on httpNo HTTPS
IMPACT — Overwhelm & inaction

The Cost

Together, these eroded trust and drove customers to churn at renewal.

Customer churn
Research

Users didn't need more security — they needed to see it

To understand how customers experienced website security, I synthesized four sources to map where confidence and clarity were breaking down.

Previous DreamShield research

Customer support documentation

Internal product planning

Competitor dashboards — GoDaddy, HostGator

"Users didn't need more security features — they needed better visibility into the protection they already had."

Process

A security experience that didn't exist yet

DreamShield had strong backend infrastructure but a weak user experience. Because the product was practically invisible when it worked, this wasn't a redesign — it was the creation of a visible, actionable product experience that previously did not exist.

My Focus · Release 2

The strategic shift from a minimal static page to a dedicated in-panel dashboard — making security visible, contextual, and actionable for the first time.

Static page
In-panel dashboard

A Phased Strategy, Not a Big Redesign

Release 1

Smart Suppression Logic

Daily scanning without fatigue — alerts fire only for new issues and cap at 1 email per day, per domain.

Release 1.1

Weekly Digest Strategy

One weekly digest per account covering issues, scan history, and proactive context — solving "clean = silence."

My Focus

Release 2

Product-First Shift

Led the move from email-only to a dedicated in-panel DreamShield dashboard.

Release 3

Status-Based Mental Model

A clear green / yellow / red system (Secure, Warning, Critical) replacing ambiguous messaging.

The New Experience

DreamShield secure state dashboardDreamShield attention needed dashboard

Four Design Moves

01

Establishing a Clear Mental Model

Users had no way to read their security status at a glance. We built a green / yellow / red system — replacing ambiguous messaging with a scannable, universally understood model that cut cognitive load.

● Secure● Warning● Critical
02

Making Protection Visible

When DreamShield worked, users saw nothing. We surfaced continuous evidence of protection — so a clean state felt like a result, not an absence.

Last scan2h ago · clean
Active monitoringOn
Service healthOperational
03

Turning Alerts into Guidance

Technical error messages gave users no path forward. Every alert now follows one consistent pattern, removing friction the moment users need clarity most.

WHAT HAPPENEDOutdated software detected
WHY IT MATTERSOpens a known exploit path
HOW TO FIXUpdate now →
04

Extending Security Across the Panel

We integrated DreamShield status directly into Manage Websites, so users could see the health of every site at a glance — without opening each one.

portfolio.comSecure
shop.mybrand.comWarning
blog.mybrand.comSecure
Wireframes & UI Breakdown

Designing for clarity at every level

Persistent Global Visibility

DreamShield status integrated into the top-level Manage Websites grid, so security became a signal across every domain.

Per-Site Security Hub

Individual site views show scan history, WP / PHP versions, and outdated plugins — with one-click upgrade CTAs.

Surfacing Hidden Infrastructure

Surfaced previously hidden tools — IP range blocking and searchable country blocking — into user-controllable UI.

Remediation-Forward Copy

Rewrote alerts to lead with guidance instead of fear — plain language, why it matters, and direct actions.

Lo-Fi Exploration · Per-Site Security Hub

Scroll the frame to explore
DreamShield · lo-fi wireframe
Lo-fi DreamShield wireframe — full scrollable view

Lo-Fi Exploration · Manage Websites Global View

Lo-fi Manage Websites — Grid view with DreamShield status badges

Low-fidelity wireframe of the top-level Manage Websites view, structure only. The one decision under test: surfacing DreamShield status as a shield on every site card (Grid) and a dedicated column (List), plus promoting DreamShield in the nav — so security reads as a persistent signal across all domains.

Testing & Iterations

Measuring success by behavior, not clicks

I defined a measurement framework focused on customer outcomes, then iterated the alert pattern that drove the most friction.

1

Time-to-Resolution

2

Churn Rate Delta

3

Alert Interactions

4

Action Conversions

SSL · Pro Services

5

Visit Frequency

Iteration · DreamShield Dashboard

The biggest change wasn't a single component — it was the whole security page. Testing the earlier build surfaced four recurring problems, which drove the final, more legible dashboard.

VS · EARLIER BUILDTested with users
Earlier build DreamShield dashboard before iteration
FINAL · SHIPPEDAfter iteration
Final shipped DreamShield dashboard after iteration

Plain-language results 

Jargon columns (WAF / SSL "No Changes") became "No Threats Found" with a simple Files Scanned count.

Plain-language results 

The status row grew from 4 to 6 checks — adding Daily Scans and Safe Browsing as visible evidence.

Plain-language results 

Added a last-scan timestamp and a Scan My Site action, so protection reads as live, not static.

Plain-language results 

A flat feature list became an icon-led, expandable two-column grid that's easier to skim.

Zoom In · Alert Copy

V1 · RAW ALERT
No HTTPS

Surfaced the raw flag with no explanation or path forward — users didn't know why it mattered or what to do.

V2 · GUIDED FIX

Your site isn't using HTTPS

WHY IT MATTERSVisitors' data isn't encrypted; browsers flag your site as "Not Secure."
HOW TO FIXAdd a free SSL certificate in one click.
Add SSL Certificate →

High-Fidelity UI & System Delivery

Designing the DreamShield Security Experience

The final UI brings DreamShield's core security moments into one connected experience: scan visibility, protection status, certificate health, firewall controls, and plan management. The walkthrough below shows how these elements come together in a clearer, more actionable dashboard.

FINAL UI · PRODUCT WALKTHROUGH

Security Dashboard Walkthrough

This walkthrough shows the final DreamShield experience across the website security area, combining scan results, protection status, certificate visibility, firewall controls, and plan management into a clearer dashboard.

panel.dreamhost.com/websites

Final prototype — a guided walkthrough of the DreamShield security dashboard and key protection states.

Outcome & Learnings

Turning Invisible Protection Into Product Value

Before

Protection was invisible — users only saw "Everything's looking good" without proof DreamShield was actively working.

Security information was fragmented — important updates lived in email, with no central place to review website health.

Technical language created uncertainty — jargon made it harder to understand what mattered or what action to take.

After

Security became visible at a glance — health, history, and active protection were surfaced directly in the dashboard.

One dashboard became the source of truth — scan results, certificates, firewall status, and protection checks in one place.

Alerts became actionable — each state explained what happened, why it mattered, and what the user should do next.

Key Takeaway

Security must be visible to be valued.

DreamShield evolved from a silent background utility into a more visible and differentiated security experience. By making protection easier to see, understand, and act on, the product better aligned with customer expectations and retention goals.

Security must be visible to be valued

Invisible protection does not build confidence. Users need ongoing evidence that the product is working.

The right amount of detail is a design decision

Too much technical detail creates fear; too little creates indifference. Guided clarity helps users understand what matters and what to do next.

Email is a signal, not a product

Email can support security communication, but the in-app dashboard needed to become the real source of truth.

Phased strategy beats the big redesign

Reliability came first, then visibility, then differentiation. Shipping in phases made each release easier to test, learn from, and build upon.

Interested in working together?