.svg)
Should you build or buy a customer secure sign-on solution?Β
If youβre reading this, chances are youβve already decided your org needs a secure identity management solution for your customer-facing apps.
And we think that deserves a virtual fist bump. Understanding why implementing a unique customer identity and access management (CIAM) solution is critical in the first place β and not trying to retrofit your workforce identity and access management (IAM) solution to serve an audience that behaves entirely differently (AKA your customers) β is an essential mindset shift thatβll make your customers happy and help your bottom line.
So congrats on making that first leap.
Now that youβve decided your brand needs a new (or better) secure sign-on solution, youβve got a few choices. You can buy a vendor-supported solution, build or rebuild one yourself or use an open-source tool.
There are pros and cons to all those options, but today weβre going to focus on the classic βbuild versus buyβ dilemma and cover several questions you need to ask yourself before deciding between those two choices.
So you want to build your own identity and access management provider β¦
We understand why building and maintaining your own secure sign-on solution in house sounds enticing β¦ at least at first.
But when you decide to build a CIAM tool as your customerβs digital journey continues evolving at just about every turn, you often end up having to choose between accelerating your time to market or securing your digital products.
Thatβs a tradeoff no org should have to make.
Thatβs why itβs so essential to evaluate the right criteria when youβre deciding whether to build or buy a CIAM offering, making sure you carefully consider what βfuture youβ will need.
To start, we created a handy chart that maps evaluation criteria to both the βbuyβ and βbuildβ scenarios, along with our take as to what level of effort is required depending on which path you choose:
.png)
Now letβs take a closer look at each criteria.
How long will it take me to get to market?
A great commercially available CIAM solution should be fairly quick to deploy to your customer-facing apps.
Weβre talking about a setup time in hours or days, not weeks or months.
For example, we recently deployed Strivacity at a gaming and entertainment company across more than 100,000 customer accounts. From start to finish, it took five days.
Most home-grown CIAM projects take months to build and deploy β¦ which is fine if youβve got the luxury of taking your time to get to market. But most companies donβt. They also usually need their developers focused on their revenue-generating products, not distracted by other projects like becoming an expert in secure sign-on functionalities.
How much effort will deploying and maintaining this require?
Initial development costs are one thing, but how much time do you want your team to spend maintaining this solution?
Customer journeys change often. As your org scales and you start to acquire more and more new types of customers, youβll end up having to create additional (and different) journeys so that youβre providing an exceptional experience for every person whoβs interacting with your brand.
This takes β you guessed it β a ton of time. Do you want your team focused on learning about customer identity technologies and capabilities? Or should they be working on improving your revenue-generating products and keeping your company competitive in its market?
How rich do I want the features to be?
Itβs pretty simple.
More features = more time spent on development.
Again, many of the features youβll develop for launch day wonβt be sufficient for what your customers will need six months or a year from now. With a commercially available CIAM tool, you can add new features and workflows with a few clicks. If you build CIAM on your own, each new feature means another lengthy development project for your team, or a potentially large consultant fee if itβs something youβll need to outsource.
How much money can I (or do I want to) spend over time to support this tool?
Beyond the army of developers youβll need to build your own CIAM tool, consider how much you want (or will need to) spend in order to support the offering.
For example, youβll need to account for costs associated with hosting your solution either on-premises or in the cloud, ongoing monitoring for reliability and security purposes, CI/CD management and quality assurance, to name a few.
A major benefit of using a commercially available CIAM platform is that youβll automatically be keeping pace with market changes to identity and access management solutions: think about new tech standards, the latest security features and the like. Not to mention that youβll be able to divert your development team and your purchase orders to other needs.
What kind of licensing costs will I incur?
This oneβs pretty straightforward: If you build your own tool, you wonβt need to worry about licensing.
However, thereβs lots to consider aside from licensing costs as youβre deciding whether to build or buy a CIAM solution.
The bottom line
Building a CIAM tool in house requires significant resources. Thereβs the initial development and deployment effort (plus having the right people on staff to do those things), security and compliance requirements to consider as well as the time and costs associated with maintaining and improving the solution over the long run.
Of course youβll need to do all of that in addition to focusing on your orgβs most strategic, revenue-generating priorities.
Yes, weβre biased, but we think it makes a ton of sense for most companies to buy a CIAM solution instead of creating their own. When you choose a commercially available CIAM tool like Strivacity, youβll get to market faster, scale quickly when itβs time and provide your customers with the friction-free, personalized experiences that they expect and deserve.
Have other questions about building or buying a CIAM solution? Get in touch.
