For Pharmaceutical and Energy companies, an effective identity program not only ensures security but also streamlines user experiences. Whether it’s for login flows, data integration, or administrative purposes, setting up an effective identity service and its associated software components is a critical process. To guide you, let’s delve into the intricacies of an identity program, exploring its components and considerations for implementation.
An identity program caters to a myriad of use-cases, including login/registration/profile flows, progressive profiling, user directory lookup, data integrations, customer care, and data insights. Additionally, it addresses the dichotomy between traditional password-based systems, social logins, and emerging passwordless authentication methods. The choice between mobile and email as primary identifiers and pre-registration use-cases for invite workflows also falls within its realm. This step is to clearly define the supported use-cases so that when new apps come to the table, you can offer a set of guidelines. This will not only be essential for steamlining the onboarding process, but is critical to define and provide the best support possible.
The software selection process involves assessing various options such as Identity Providers (IDP), Email Service Providers (ESP), Short Message Service (SMS) platforms, among others. The selection criteria are heavily influenced by use-case complexity, integrations, preferred B2B or B2C functionalities, and connectors like webhooks. Moreover, choosing from approved vendors for email services, threat management systems, and other critical components plays a pivotal role. Once step 1 (defining your supported use-cases) is complete, you have a better idea of what you’ll need from these software choices.
To streamline adoption and support, it is helpful to define the types of onboarding by using tiers such as standard, complex, and custom. The standard tier usually facilitates quick setup and operational readiness. However, costs associated with onboarding, architecture design, provisioning, maintenance, and infrastructure must be carefully evaluated for each tier. The ‘Complex’ tier might still fit within your supported use-cases, but require external elements like a data migration or is heave on the consulting/architecture. A ‘Custom’ tier on the other hand is a good catchall for those apps who will clearly need connectors that don’t yet exist.
In addition to base costs, extras and add-ons like migration assistance, consulting services, and hyper-care support can enhance the implementation process. Operational integration, encompassing change management protocols, ticketing systems, and vendor interfaces, is equally crucial for seamless operations. Getting ahead of these add-ons and clearly scoping and pricing them is a way for the apps to ensure they have the right budget and expectations.
Operating an identity program demands a skilled team. From critical incident support and DevOps to architecture design and engineering for customizations, personnel with diverse expertise are needed. Furthermore, gaining adoption requires robust marketing and communication strategies to educate users and stakeholders about the program’s benefits. Building marketing material such as a program name and logo plus testimonials is a good way to start the word-of-mouth engine. The more information about your program exists internally, the easier it is for various teams to make the case to fit you into a sprint.
Offboarding applications is often overlooked but equally crucial. Some apps may intentially be temporary such as a seasonal campaign or event. However, once the app is no longer in production or no longer being used, the app team may not remember to let you know. And therefore there can be credentials to your service just floating around in the ether. Removing dormant credentials from the system ensures security and mitigates potential risks associated with unused accounts. Clearly setting policies such as — ‘if app is dormant for x weeks’ or ‘if activity is less than x’ then auto-deprovision the credentials. Another popular option is to require an annual attestation from each app in order to keep the creds alive.
In conclusion, implementing an identity program involves a thorough understanding of supported use-cases, careful software selection, cost evaluation, operational integration, personnel planning, adoption strategies, and proper offboarding protocols. By navigating these aspects thoughtfully, organizations can establish a robust identity program that not only ensures security but also enhances user experiences across various digital platforms. Please leave a comment if there is anything I missed or if there is a topic you’d like me to dive into further.
Lastly, building an identity program is like building a house and Next Reason is your general contractor. We not only have the expertise to understand the process and the details from end-to-end, but we work with your various software vendors to orchestrate the entire process. Send me an email if you have any questions or want to learn more — firstname.lastname@example.org