Streamlining isolated cloud infrastructure for regulated industries

Reducing noisy neighbors and enhancing security - a budget-friendly way to control where your virtual machines are launched.
Product thumbnail
Regulated industry
Conception to launch
Interaction design

TL;DR

Problem
Problem: Regulated customers needed simple, isolated compute with predictable performance.
Solution
Solution: DVH provisioning with guardrails, compatibility checks, and familiar OCI patterns.
Impact
Impact: Enabled HIPAA-eligible workloads; opened new deal flow and regional expansion.
8-12
Contracts signed
8
Team lunches expensed
3
Regions opened

Context

The Dedicated Virtual Machine Hosts project started in June 2018. By the design phase, essential backend work like rack installations and agent deployments was done. While the technical base was set, defining customer interaction with this feature was key. The aim was to make this specialized service intuitive and user-friendly.
Company
Oracle Cloud Infrastructure
My Team
Senior and junior engineers, back-end development, content, project management, legal and compliance
Timeline
Project start: June 2018 | LA launch: April 2019 | GA launch: August 2019
Tools used
Sketch to PDF export, Jira, Confluence, Slack, and whiteboards
My Role
Senior UX designer
Impact
Launched in 3 regions, enabled HIPAA-compliant workloads, $5–10M in year-one revenue

Problem

OCI customers needed the performance and security of bare metal with the flexibility of virtual machines. Existing solutions often required costly workarounds to meet compliance. A solution was needed to offer isolated compute environments while keeping provisioning simple for cloud teams.

Solution

The design aimed to simplify provisioning and management of isolated compute instances, making it as easy as launching a standard VM. This ensured compliance without extra operational burden, allowing customers to run VMs on dedicated servers, meeting isolation and licensing needs.

The deep dive

Jobs to be done

In enterprise and technical design, we rarely have fully detailed personas for each feature. Instead, I focus on jobs to be done: the specific tasks and outcomes real users need. They’re here to get something working, solve the problem, and move on with their day.
  • Security and compliance officers: When a workload handles regulated data (PHI, cardholder data, or SOC 2–scoped systems), I want to run VMs on dedicated hosts with enforced single-tenant isolation, so I can satisfy HIPAA/PCI DSS/SOC 2 and pass audits without co-tenancy risk.
  • Cloud infrastructure architects: When performance must be predictable and free from noisy-neighbor effects, I want to allocate capacity on dedicated hosts with fixed OCPU and memory and no overcommit, so I can guarantee steady latency and throughput.
  • IT operations managers: When I stand up or retire environments, I want to provision, scale, drain, and decommission VMs on dedicated hosts through a simple lifecycle, so I can manage capacity safely with fewer manual steps.
  • Licensing managers: When software is licensed by physical host, core, or socket, I want to pin VMs to specific dedicated hosts and keep an auditable VM-to-hardware mapping, so I can stay compliant and control license spend.

Constraints and considerations

Compliance standards necessitated full physical isolation, which inherently limited the availability of certain standard OCI features, such as instance pools, autoscaling, burstable instances, capacity reservations, and confidential computing
The solution needed to seamlessly integrate into the existing Compute product catalog to avoid overwhelming the user with a completely new interface or paradigm.
Provisioning and lifecycle management flows had to match established OCI patterns to minimize the user’s learning curve.

Key contributions and design approach

The project commenced after months of backend development, meaning the hardware, networking, and shape catalog were already established and locked. My initial approach involved comprehensive discovery, which included running whiteboarding sessions with engineers to thoroughly understand the technical boundaries and collaborating with the Product Manager to clarify all compliance requirements. This deep dive into existing constraints was crucial for designing a solution that was technically feasible and legally compliant.

A key design innovation was simplifying complex technical data for the user. Instead of displaying the total number of OCPUs (which included those reserved for virtual machine management), the design specifically highlighted only the “usable OCPUs” and available memory. This approach significantly reduced cognitive load and helped users make informed decisions quickly, without getting bogged down in what couldn’t be used. This was achieved through tight collaboration with backend engineers to ensure the UI could accurately surface these actionable insights.

Furthermore, the design ensured DVH was integrated into the existing Compute catalog using established OCI patterns, which minimized the learning curve for current users. I also added expandable shape compatibility tables, allowing users to confirm workload fit before provisioning. For features that were inherently unsupported, such as instance pools, rather than presenting an abrupt error, the UI was designed to gently guide the user away from incompatible options, helping them stay on task without friction.

A whiteboarding exercise about dedicated virtual machine hosts

Impact and outcomes

The launch of Dedicated Virtual Machine Hosts proved highly successful, contributing to significant business and operational benefits. It was launched in 3 regions and notably enabled customers to run HIPAA-compliant workloads. In its first year, the feature generated $5–10 million in revenue and led to 8-12 signed contracts. The solution effectively provided customers with the desired fully isolated compute environment, successfully addressing specific compliance, regulatory, and licensing requirements.

Future vision

Given additional resources, several areas could enhance the Dedicated Virtual Machine Hosts offering, including conducting in-depth interviews with users who specifically chose OCI for DVH to uncover additional use cases and needs. Developing an easy downloadable certificate or other artifact for users to verify the secure hosting of their data, particularly to meet requirements for some compliance scenarios. Exploring ways to integrate currently unsupported features like autoscaling and instance pools with DVH, as these remain limitations.

What I learned

This project provided invaluable experience in bridging the gap between technical limitations and user expectations. A significant learning was how to gently guide users within the UI when encountering incompatibilities, such as the lack of support for instance pools, rather than presenting abrupt errors. I also gained a deeper understanding of the importance of shifting the user’s focus from raw technical data to actionable insights by, for example, displaying only usable OCPUs instead of total OCPUs, which reinforced the critical need for designing not just for clarity, but for direction.

Other case studies

Product thumbnail
Oracle Cloud Infrastructure
Making cloud automation easier for non-technical users
Product thumbnail
New Relic Inc
Detangling error management for mobile application development
Product thumbnail
New Relic Inc
Simplifying automated testing to improve application quality more

Open to Senior/Lead roles. Hire me for platform, observability, and compliance-heavy workflows. (Remote/Seattle/Open to relocation)