MULTI ORG ACCOUNT MANAGEMENT

Securing Atlassian’s most complex enterprise customers in the cloud and GENERATING ~$1.5M ANUALLY IN GUARD SECURITY SUBSCRIPTIONS

1 year

Timeline

1 Senior Product Designer

1 Product Designer (me!)

1 Senior Product Manager

1 Content Designer

10 x Software Engineers

Team

01 PROBLEM & GOAL

Problem: Atlassian's largest enterprise customers that operate as parent companies (Microsoft, Sony, Samsung) weren’t able independently claim and secure their Atlassian accounts amongst their subsidiaries. Our administration only let one subsidiary control account security for an entire organisation, even when dozens of independent subsidiaries need to manage their own subset of accounts.

The goal: Enable decentralised customers with multiple subsidiaries like Sony to independently claim and manage their accounts, each with their own security controls, without blocking each other.

02 BUSINESS OPPORTUNITY

Enabling multi org account management had the potential to unlock Atlassian Guard subscriptions that were previously inaccessible with an estimated opportunity of $18.4M annual revenue from 1.4 million paid subscriptions.

When an account is claimed, Admins can apply higher security controls only accessible from a paid Guard subscription.

03 STATUS QUO

We were not designing a brand new experience from scratch to allow multi org account management. We looked at the existing experience as a starting point to see where we could enable key experiences. We needed to ensure:

  • Admins from different organisations can verify the same domain

  • Admins from different organisations to claim their own subset of Atlassian accounts

  • We carefully guide Admins to avoid blocking each other from claiming their accounts

Existing experience for verifying a domain

Existing experience of claiming accounts

Existing experience for changing claim settings

04 THE PROCESS

This project started out with lots of complexity with understanding how user security works in Atlassian’s context and architecture. This was my first project at Atlassian, so familiarising myself with identity providers, permissions and roles was a challenge at first. Thoroughly mapping this out helped greatly. Things became clearer when we eventually made our way to a feedback loop where we integrated design changes from user testing, design crits and reviews all the way to shipping.

I completed an audit of the existing domain verification and account claiming experience

Before going into designing screens, I extracted the core flows that needed to be designed with constant consultation with PM and Engineering and Architects

We presented designs many times to Leadership teams asking for more feedback, while also practicing our storytelling skills with fun role playing!

We journey mapped out all of the gnarly and complex scenarios once we allow multiple organisations to claim accounts

We conducted usability testing with several admins to understand areas to improve and refine the experience. Participants expressed the need for more guidance around terminology, which is crucial for an experience that affects thousands of Atlassian accounts

I integrated feedback from crits, reviews and usability testing to ensure the experience was easy ready for implementation. One of these changes was changing the hierarchy of elements to communicate which configuration was the best for their organisation’s setup.

05 FINAL SOLUTION

Admins of different subsidiaries can now verify the same domain with additional guidance to begin claiming their own accounts.

Each admin is guided when claiming accounts with recommended configurations based on their organisation’s setup to avoid blocking another subsidiary.

If another subsidiary has blocked others from claiming accounts, this is clearly communicated through a warning banner, restricting the Admin to complete the flow and provides a direct link to contact support for help

08 IMPACT

  • Two weeks after shipping, multi org account management had 157 domains verified by multiple organisations and 325 organisations actively claiming new accounts.

  • In that short window, we enabled admins to bring 42,762 previously unmanaged Atlassian accounts from shared domains under centralised control, unlocking stronger security policies and governance.

  • This uplift in managed accounts represents an estimated ≈$128k in additional monthly Guard revenue (~$1.5M/year)

  • I was unable to gather numbers to date, so this number is on the lower end! Accurate numbers are expected to be significantly higher.

  • Admins of decentralised organisations were excited about the release of this feature!

09 LEARNINGS

  1. Mapping everything is worth it: I was immediately keen to jump into designs, but untangling the webs of the security architecture became a practice I would keep for the rest of my time in the Admin Design team. While it felt like it took a long time and stakeholders weren't sure why designs weren't ready ASAP, it was vital to turning the complexity into a simple experience for our customers.

  2. Storytelling will accelerate alignment and close decisions faster: Presenting this project through multiple personas and admin scenarios was crucial to communicating the value to stakeholders who didn’t have much context. It also helped obtain buy-in for design decisions to keep us moving… it's also fun to role play with your team!

  3. Being vulnerable about confusion while leading will strengthen team relationships: While mentoring our Junior Content Designer, I realised that being open about ambiguity and confusion helps team members empathise with the difficulty of grasping tough concepts. I initially expected to understand everything within months, but this wasn't the case—and I was even more worried while mentoring at the same time. Being honest about still figuring things out built trust and connection.