Customer identity management is nuanced, and determining which features you need based on your company’s needs isn’t black and white. Some authorization capabilities may be necessary for enterprises, but maybe your start-up can get by without all the advanced functionality. This test is designed to help you map out your customer identity needs and what features you should prioritize.
Maturity assessment
Let's begin by gathering some basic information.
How many users do you have?
What industry are you in?
How do you authenticate today?
What options do users have when logging into your application?
How do you authenticate your non-human identities?
How is your login box UI managed today?
What level of roles and permissions are you able to offer?
How do you manage trials and subscriptions today?
What types of security do you already have built into your identity solution?
Do you have sufficient visibility into your identity security incidents?
Which of these security features do you have today?
How do you manage sessions today?
Which of the following are you able to offer to your customers?
Can you automate sending pre-fabricated emails to users?
How do you manage users today?
Do you offer your customers the ability to manage their own identity settings?
Can you integrate your own code into your CIAM platform?
Does your CIAM product support OOTB third-party integrations?
What are your deployment options?
What’s your geo distribution?
Does your platform offer multi-tenancy capabilities?
Odds are you’re just getting started. Your application is lacking some of the basic authentication and authorization features your customers will need to access your app. But that’s okay! Everyone has to start somewhere.
You’ve got the basics down and that’s all you’ve needed so far. Your app allows users to log in and might even have some roles and permissioning capabilities. But your company is looking to go up-market or your customers are starting to ask for more identity capabilities.
Odds are you’re far beyond a basic login box. You’ve developed a mature identity system that is meeting the needs of your increasingly complex customer base. However, you realize that as you continue to go up-market, you’re going to need robust identity feature sets to provide the appropriate level of security and usability to your customers.
You’re providing advanced identity features to your customers! The question is, how are you doing it? If you’re leveraging a homegrown solution, you’re probably spending unnecessary engineering effort on maintaining and building new identity features. You’re not in the identity business.
Here’s what you should be considering:
Here’s what we’d recommend you focus on:
Make sure you have the basics covered: a UI-friendly login box, email and password logins, and social logins if you’re feeling ambitious.
Your customers are going to want easier and more secure ways to access your application. You should start investing in: Social Logins, SSO, and Passwordless.
You are probably leveraging social logins at this point and may even be dipping into passwordless authentication. The most important thing here is usability and flexibility. You also need to carefully consider how you will authenticate your non-human identities using different machine-to-machine authentication practices. We’d expect you to start implementing secrets and tokens into your authentication process.
Looks like you’re already providing all the fundamentals and advanced login features. Make sure you are empowering your customers to control their login settings through a self-service portal; this will save your engineering team time and resources!
This should be your next area of focus. Start thinking about the different types of users your application will service. Will each user need access to every part of the app? SHOULD each user have access to every part of your app? Start by breaking permissions into a couple of user roles and expand from there.
Start investing in how different users will access your platform. By this point you should already have RBAC, but what about ABAC and full entitlements? The more flexibility you provide here, the more your customers will trust your product.
Hopefully your platform already has RBAC and ABAC at this point (if not, GET ON THAT). You should start looking at more advanced ways to provide authorization for your customers. How could you leverage entitlement functionality to create custom subscriptions? How could you empower your customers to manage their own authorization? These are the things that will carry you into larger deals.
You’re offering your customers advanced RBAC and ABAC, and you might even be dabbling in entitlements. By combining these features you can actually create advanced subscription management. Instead of your engineers setting up trials and different subscription packages, you can manage all of that work through entitlements and various permissions.
Focus on creating a process first. Have engineers responsible for regularly checking logs and recording their findings. From there, look at ways to automate this process.
As your customer use cases grow larger and more complex…don’t skimp on security. At the bare minimum you should be starting to incorporate MFA, but you should also think about incorporating different security engines into your product. This way you can help prevent breaches.
Security is probably top of mind for you. The last thing you want is to experience a breach or for your customers to experience a breach. You’re probably already leveraging MFA and may have a few security engines like bot detection or impossible travel to help safeguard access to your application. For the future, you’re going to want to focus on visibility, empowering your customers to take security into their own hands, and adding advanced security features like step-up security to better protect your platform.
Security can make or break an enterprise deal. At this point you’re providing much more than just MFA, but how can you continue to optimize security and stay on top of new industry standards? Make sure you’re implementing things like step-up security and keeping up with the latest security engines to protect your customers and their data.
This shouldn’t be top of mind for you yet…but know that you will eventually need to implement things like SSO into your platform.
You’ll want to make sure you’re supporting a multi-tenant structure as you begin to scale your business. Other capabilities like SSO and SCIM will become necessary as you acquire larger clients.
If you’re not offering SSO, then that should be priority number one. Most companies in this category are beginning to work with larger enterprises with complex use cases. This is where things like hierarchical tenant support and support for multi-apps become key. You’ll want to invest serious time here, otherwise you’ll be playing catch-up in the middle of a deal your company can’t afford to lose.
Features like SSO and SCIM are table stakes for your customer base. But as you grow and your customers grow, how will you support their more advanced use cases? As you develop more products you’ll need multi-app support for your identity features. As your customers grow into complex tenant management, you’ll need hierarchical support for the way they distribute their services.