Case Study
Designing DreamShield Security at DreamHost
Turning invisible protection into a trusted, visible product experience — reducing uncertainty, improving self-serve, and supporting retention.
Project Overview
Project
DreamShield Security Add-on (DreamHost)
Type
Security Product Experience + Retention Strategy
Role
Senior UX Designer / Strategist
Timeline
3 Releases / Multi-phase
Scope
End-to-end security experience: email notifications → in-panel dashboard → per-site remediation → global visibility in Websites grid
Deliverables
Research synthesis · Competitive analysis · UX strategy · System design · Wireframes · High-fidelity UI · UX writing
Post-launch impact
3 Releases
Multi-phase evolution
Shipped incrementally — reliability, then visibility, then differentiation.
1 / day
No notification fatigue
Alert cap per domain — daily scans with no notification fatigue.
In-panel
Security moved in-product
Security moved from email-only into a persistent dashboard.
Retention
Clean states reframed
Clean states reframed — silence turned into renewal-value proof.
Overview
DreamShield protected thousands of websites through automated malware scanning and security monitoring — but users rarely saw evidence of that protection. The product relied primarily on email notifications, while the in-product experience was a simple status page with little context or guidance. As a result, customers struggled to understand the value they were paying for.
My goal was to redesign the dashboard so users could understand their website's security health, take action when needed, and continuously see the value DreamShield was providing.
Four problems were driving customer churn
Through my research, I identified several core UX and business problems behind customer churn — each one chipping away at trust and renewals.
The Old Experience
Invisible Protection = Churn
When the product worked perfectly and blocked threats, clean states created silence rather than confidence. Because customers couldn't see ongoing protection, they questioned the product's value at renewal time
The Notification Spam Loop
Upgrading to daily scanning introduced a massive UX risk: under the old logic, a customer with multiple hacked sites could receive multiple warning emails every day until the issue was resolved — training customers to ignore alerts.
A customer with 5 hacked sites got 5 separate emails every single day until resolved.
Email-Only Experience
Security lived entirely in email alerts rather than inside the product itself, making the experience fragile and disconnected from the hosting panel.
Technical Jargon Overload
Alerts used terminology like No WAF on http or No HTTPS with no plain-language explanations or clear next steps, leaving non-technical users overwhelmed.
The Cost
Together, these eroded trust and drove customers to churn at renewal.
Users didn't need more security — they needed to see it
To understand how customers experienced website security, I synthesized four sources to map where confidence and clarity were breaking down.
Previous DreamShield research
Customer support documentation
Internal product planning
Competitor dashboards — GoDaddy, HostGator
"Users didn't need more security features — they needed better visibility into the protection they already had."
A security experience that didn't exist yet
DreamShield had strong backend infrastructure but a weak user experience. Because the product was practically invisible when it worked, this wasn't a redesign — it was the creation of a visible, actionable product experience that previously did not exist.
The strategic shift from a minimal static page to a dedicated in-panel dashboard — making security visible, contextual, and actionable for the first time.
A Phased Strategy, Not a Big Redesign
Release 1
Smart Suppression Logic
Daily scanning without fatigue — alerts fire only for new issues and cap at 1 email per day, per domain.
Release 1.1
Weekly Digest Strategy
One weekly digest per account covering issues, scan history, and proactive context — solving "clean = silence."
Release 2
Product-First Shift
Led the move from email-only to a dedicated in-panel DreamShield dashboard.
Release 3
Status-Based Mental Model
A clear green / yellow / red system (Secure, Warning, Critical) replacing ambiguous messaging.
The New Experience
Four Design Moves
Establishing a Clear Mental Model
Users had no way to read their security status at a glance. We built a green / yellow / red system — replacing ambiguous messaging with a scannable, universally understood model that cut cognitive load.
Making Protection Visible
When DreamShield worked, users saw nothing. We surfaced continuous evidence of protection — so a clean state felt like a result, not an absence.
Turning Alerts into Guidance
Technical error messages gave users no path forward. Every alert now follows one consistent pattern, removing friction the moment users need clarity most.
Extending Security Across the Panel
We integrated DreamShield status directly into Manage Websites, so users could see the health of every site at a glance — without opening each one.
Designing for clarity at every level
Persistent Global Visibility
DreamShield status integrated into the top-level Manage Websites grid, so security became a signal across every domain.
Per-Site Security Hub
Individual site views show scan history, WP / PHP versions, and outdated plugins — with one-click upgrade CTAs.
Surfacing Hidden Infrastructure
Surfaced previously hidden tools — IP range blocking and searchable country blocking — into user-controllable UI.
Remediation-Forward Copy
Rewrote alerts to lead with guidance instead of fear — plain language, why it matters, and direct actions.
Lo-Fi Exploration · Per-Site Security Hub
Lo-Fi Exploration · Manage Websites Global View
Low-fidelity wireframe of the top-level Manage Websites view, structure only. The one decision under test: surfacing DreamShield status as a shield on every site card (Grid) and a dedicated column (List), plus promoting DreamShield in the nav — so security reads as a persistent signal across all domains.
Measuring success by behavior, not clicks
I defined a measurement framework focused on customer outcomes, then iterated the alert pattern that drove the most friction.
Time-to-Resolution
Churn Rate Delta
Alert Interactions
Action Conversions
SSL · Pro Services
Visit Frequency
Iteration · DreamShield Dashboard
The biggest change wasn't a single component — it was the whole security page. Testing the earlier build surfaced four recurring problems, which drove the final, more legible dashboard.
Plain-language results
Jargon columns (WAF / SSL "No Changes") became "No Threats Found" with a simple Files Scanned count.
Plain-language results
The status row grew from 4 to 6 checks — adding Daily Scans and Safe Browsing as visible evidence.
Plain-language results
Added a last-scan timestamp and a Scan My Site action, so protection reads as live, not static.
Plain-language results
A flat feature list became an icon-led, expandable two-column grid that's easier to skim.
Zoom In · Alert Copy
High-Fidelity UI & System Delivery
Designing the DreamShield Security Experience
The final UI brings DreamShield's core security moments into one connected experience: scan visibility, protection status, certificate health, firewall controls, and plan management. The walkthrough below shows how these elements come together in a clearer, more actionable dashboard.
FINAL UI · PRODUCT WALKTHROUGH
Security Dashboard Walkthrough
This walkthrough shows the final DreamShield experience across the website security area, combining scan results, protection status, certificate visibility, firewall controls, and plan management into a clearer dashboard.
Final prototype — a guided walkthrough of the DreamShield security dashboard and key protection states.
Turning Invisible Protection Into Product Value
Before
Protection was invisible — users only saw "Everything's looking good" without proof DreamShield was actively working.
Security information was fragmented — important updates lived in email, with no central place to review website health.
Technical language created uncertainty — jargon made it harder to understand what mattered or what action to take.
After
Security became visible at a glance — health, history, and active protection were surfaced directly in the dashboard.
One dashboard became the source of truth — scan results, certificates, firewall status, and protection checks in one place.
Alerts became actionable — each state explained what happened, why it mattered, and what the user should do next.
Key Takeaway
Security must be visible to be valued.
DreamShield evolved from a silent background utility into a more visible and differentiated security experience. By making protection easier to see, understand, and act on, the product better aligned with customer expectations and retention goals.
Security must be visible to be valued
Invisible protection does not build confidence. Users need ongoing evidence that the product is working.
The right amount of detail is a design decision
Too much technical detail creates fear; too little creates indifference. Guided clarity helps users understand what matters and what to do next.
Email is a signal, not a product
Email can support security communication, but the in-app dashboard needed to become the real source of truth.
Phased strategy beats the big redesign
Reliability came first, then visibility, then differentiation. Shipping in phases made each release easier to test, learn from, and build upon.

