In this blog, Arie Timmerman, Technical Consultant at iWelcome, shares four key topics to take into consideration when implementing cloud versus on-premise Consumer Identity and Access Management (CIAM) solutions.
Rapid time to service. Excellent scalability. Lower cost of ownership. Cloud-based CIAM solutions have many benefits compared to on-premise installations.
A common pitfall however is to think of cloud solutions as on-premise solutions minus the hassle of deploying servers, setting up a network and installing software. It is different and should be treated as such. Implementation trajectories of cloud solutions follow another approach.
Accelerate your implementation project by considering the following 4 guiding measures.
1. Think first, act later
Cloud solutions provide a ready-to-use package of functionalities allowing you to start adopting best practices immediately. If you are planning to adhere to standards this is great as you can ramp up your implementation. However, if you are used to your organisation-specific processes and are unwilling to revise these, things become more complex.
Adopting cloud solutions force adhering to formal standards and common best practices.
With on-premise solutions, one can afford assuming specific functionality simply exists. If your assumptions turn out to be incorrect, many possibilities exist to adapt the software to your needs. The possibilities for extending are limited with Software-as-a-Service solutions because you do not run nor own the software code: there is no room for hacky workarounds.
On-premise solution implementation trajectories focus on changing software. Cloud solutions implementing trajectories focus on changing business processes.
2. Know the boundaries
Implementing on-premise solutions is like claying a sculpture while configuring a cloud solution is like building a Lego figure.
Cloud solutions are equipped with many configuration options allowing a broad range of set ups. Yet, unlike tailored software it is not always straightforward to realise your dreams by letting a developer program it. And that is often a good thing.
Dreams and hopes might turn out to be impossible to realise, unrealistic or have very little chance of succeeding. Instead, the key to success is to adhere to best practices.
With special-purpose consumer identity and access management products, there should not even be a need for extensive customisations. Packed with a wide set of well-thought-out processes, adhering to best practices helps to build future-proof identity management solutions. You will end up with a beautifully designed and welcoming fortress instead of a nice air castle that is never realised.
3. IDaaS is not a general-purpose technology
Some argue “Digital identity is at the centre of everything” and others claim that “Identity is everything”. In any case, one cannot conclude that identity solutions should or can be used to solve every identity-related problem.
It is tempting to misuse the identity store for storing information barely related to identifying and authenticating users. While it can make sense to store a customer number in an identity store, it never makes sense to store shipping order information in it.
A common pitfall is to use an identity solution as the authoritative store for all customer data and to expect customer relationship management (CRM) functions from it. For sure, an identity store contains essential customer information – such as a unique user identifier and basic contact information – but you will never be able to extract the number of conversions and the conversion rate for your site or app from an identity solution.
4. Make sure you understand identity concepts
The fact that you migrate to a ready-to-use cloud solution does not absolve you from the need to know what CIAM is about. If you buy a car you need to understand how to drive it.
The consequence of neglecting the need to understand identity concepts often leads to adopting a minimal subset of the provided functionalities. If you finish your implementation trajectory and end up with a system providing username-password authentication only, you should ask yourself if it was worth the investment.
Cloud consumer identity solutions really start making an impact when used for delegating authentication responsibilities with federation; when used to improve the user experience via omni-channel authentication; when used for single sign-on and single logout. These are not necessarily the easiest to understand functionalities but definitely the ones creating the most value from a digital transformation.
Investing in training upfront and partnering with specialised organisations ensures a successful integration of cloud consumer identity solutions.
Feel free to repost this blog on your website or social channels! But when you do so, please be so kind to mention the source and give us a notice via firstname.lastname@example.org.
Technical Consultant at iWelcome
After finishing his Master in Business Information Technology, Arie gained over five years of experience in Identity & Access Management, working for large consultancy firms as Capgemini and PwC. Within iWelcome, Arie is involved in IDaaS client implementation projects as technical consultant.