Customer identity management is nuanced, and determining which features you need based on your company's needs isn't black and white. Some authorization capabilities may be necessary for enterprises, but maybe your start-up can get by without all the advanced functionality. This test is designed to help you map out your customer identity needs and what features you should prioritize.
Maturity assessment
Let's begin by gathering some basic information.
How many users do you have?*
What industry are you in?
How do you authenticate today?*
What options do users have when logging into your application?*
How do you authenticate your non-human identities?*
How is your login box UI managed today?*
What level of roles and permissions are you able to offer?
How do you manage trials and subscriptions today?*
What types of security do you already have built into your identity solution?
Do you have sufficient visibility into your identity security incidents?*
Which of these Security features do you have today?
How do you manage sessions today?
Which of the following are you able to offer to your customers?
Can you automate sending pre-fabricated emails to users?*
How do you manage users today?*
Do you offer your customers the ability to manage their own identity settings?*
Can you integrate your own code to your CIAM platform?*
Does your CIAM product support OOTB 3rd-party integrations?*
What are your deployment options?*
What's your Geo distribution?*
Does your platform offer multi-tenancy capabilities?*
Odds are you're just getting started. Your application is lacking some of the basic authentication and authorization features your customers will need to access your app. But that's okay! Everyone has to start somewhere.
You've got the basics down and that's all you've needed so far. Your app allows users to log in and might even have some roles and permissioning capabilities. But your company is looking to go up-market or your customers are starting to ask for more identity capabilities.
Odds are you're far beyond a basic login box. You've developed a mature identity system that is meeting the needs of your increasingly complex customer base. However, you realize that as you continue to go up-market, you're going to need robust identity feature sets to provide the appropriate level of security and usability to your customers.
You're providing advanced Identity features to your customers! The question is how are you doing it? If you're leveraging a homegrown solution, you're probably spending unnecessary engineering effort on maintaining and building new identity features. You're not in the identity business.
Odds are you're just getting started. Your application is lacking some of the basic authentication and authorization features your customers will need to access your app. But that's okay! Everyone has to start somewhere. Here's what you should be considering:
You've got the basics down and that's all you've needed so far. Your app allows users to log in and might even have some roles and permissioning capabilities. But your company is looking to go up-market or your customers are starting to ask for more identity capabilities. Here's what we'd recommend you focus on:
Make sure you have the basics covered: a UI-friendly login box, email and password logins, and social logins if you're feeling ambitious.
Your customers are going to want easier and more secure ways to access your application. You should start investing in: Social Logins, SSO, and Passwordless.
You are probably leveraging social logins at this point and may even be dipping into passwordless authentication. The most important thing here is usability and flexibility. You also need to carefully consider how you will be authenticating your non-human identities using different machine-to-machine authentication practices. We'd expect you to start implementing Secrets and Tokens into your authentication process.
Looks like you're already providing all the fundamentals and advanced login features. Make sure you are empowering your customers to control their login settings through a self-service portal; this will save your engineering team time and resources!
This should be your next area of focus. Start thinking about the different types of users your application will service. Will each user need access to every part of the app? SHOULD each user have access to every part of your app? Start by breaking permissions into a couple of user roles and expand from there.
Start investing in how different users will access your platform. By this point you should already have RBAC, but what about ABAC and full Entitlements? The more flexibility you provide here, the more your customers will trust your product.
Hopefully your platform already has RBAC and ABAC at this point (if not GET ON THAT). You should start looking at more advanced ways to provide authorization for your customers. How could you leverage entitlement functionality to create custom subscriptions? How could you empower your customers to manage their own Authorization? These are the things that will carry you into larger deals.
You're offering your customers advanced RBAC and ABAC, you might even be dabbling in entitlements. By combining these features you can actually create advanced subscription management. Instead of your engineers setting up trials and different subscription packages, you can manage all of that work through entitlements and various permissions.
Focus on creating a process first. Have engineers responsible for regularly checking logs and recording their findings. From there look at ways to automate this process.
As your customer use cases grow larger and more complex... don't skimp on security. At the bare minimum you should be starting to incorporate MFA, but you should also think about incorporating different security engines into your product. This way you can help prevent breaches.
Security is probably top of mind for you. The last thing you want is to experience a breach or for your customers to experience a breach. You're probably already leveraging MFA and may have a few security engines like bot detection or impossible travel to help safeguard access to your application. For the future you're going to want to focus on visibility, empowering your customers to take security into their own hands, and adding advanced security features like Step-up security to better protect your platform.
Security can make or break an enterprise deal. At this point you're providing much more than just MFA, but how can you continue to optimize security and stay on top of new industry standards? Make sure you're implementing things like step-up security and keeping up with the latest security engines to protect your customers and their data.
This shouldn't be top of mind for you yet... but know that you will eventually need to implement things like SSO into your platform.
You'll want to make sure you're supporting a multi-tenant structure as you begin to scale your business. Other capabilities like SSO and SCIM will become necessary as you acquire larger clients.
If you're not offering SSO, then that should be priority number one. Most companies in this category are beginning to work with larger enterprises with complex use cases. This is where things like hierarchical tenant support and support for multi-apps become key. You'll want to invest serious time here, otherwise you'll be playing catch-up in the middle of a deal your company can't afford to lose.
Features like SSO and SCIM are table stakes for your customer base. But as you grow and your customers grow, how will you support their more advanced use cases? As you develop more products you'll need multi-app support for your identity features. As your customers grow into complex tenant management, you'll need hierarchical support for the way they distribute their services.