Navigating Your CIAM Program: A Guide for Pharma and Energy

Nate Szytel
January 8, 2024

For Pharmaceutical and Energy companies, an effective identity program not only ensures security but also streamlines user experiences. Whether it’s for login flows, data integration, or administrative purposes, setting up an effective identity service and its associated software components is a critical process. To guide you, let’s delve into the intricacies of an identity program, exploring its components and considerations for implementation.

1. Defining Supported Use-Cases

An identity program caters to a myriad of use-cases, including login/registration/profile flows, progressive profiling, user directory lookup, data integrations, customer care, and data insights. Additionally, it addresses the dichotomy between traditional password-based systems, social logins, and emerging passwordless authentication methods. The choice between mobile and email as primary identifiers and pre-registration use-cases for invite workflows also falls within its realm. This step is to clearly define the supported use-cases so that when new apps come to the table, you can offer a set of guidelines. This will not only be essential for steamlining the onboarding process, but is critical to define and provide the best support possible.

2. Selecting Software Components

The software selection process involves assessing various options such as Identity Providers (IDP), Email Service Providers (ESP), Short Message Service (SMS) platforms, among others. The selection criteria are heavily influenced by use-case complexity, integrations, preferred B2B or B2C functionalities, and connectors like webhooks. Moreover, choosing from approved vendors for email services, threat management systems, and other critical components plays a pivotal role. Once step 1 (defining your supported use-cases) is complete, you have a better idea of what you’ll need from these software choices.

3. Understanding Tiers and Associated Costs

To streamline adoption and support, it is helpful to define the types of onboarding by using tiers such as standard, complex, and custom. The standard tier usually facilitates quick setup and operational readiness. However, costs associated with onboarding, architecture design, provisioning, maintenance, and infrastructure must be carefully evaluated for each tier. The ‘Complex’ tier might still fit within your supported use-cases, but require external elements like a data migration or is heave on the consulting/architecture. A ‘Custom’ tier on the other hand is a good catchall for those apps who will clearly need connectors that don’t yet exist.

4. Considering Extras and Operational Integration

In addition to base costs, extras and add-ons like migration assistance, consulting services, and hyper-care support can enhance the implementation process. Operational integration, encompassing change management protocols, ticketing systems, and vendor interfaces, is equally crucial for seamless operations. Getting ahead of these add-ons and clearly scoping and pricing them is a way for the apps to ensure they have the right budget and expectations.

5. Personnel Requirements and Adoption Strategies

Operating an identity program demands a skilled team. From critical incident support and DevOps to architecture design and engineering for customizations, personnel with diverse expertise are needed. Furthermore, gaining adoption requires robust marketing and communication strategies to educate users and stakeholders about the program’s benefits. Building marketing material such as a program name and logo plus testimonials is a good way to start the word-of-mouth engine. The more information about your program exists internally, the easier it is for various teams to make the case to fit you into a sprint.

6. Managing Offboarding and Dormant Activity

Offboarding applications is often overlooked but equally crucial. Some apps may intentially be temporary such as a seasonal campaign or event. However, once the app is no longer in production or no longer being used, the app team may not remember to let you know. And therefore there can be credentials to your service just floating around in the ether. Removing dormant credentials from the system ensures security and mitigates potential risks associated with unused accounts. Clearly setting policies such as — ‘if app is dormant for x weeks’ or ‘if activity is less than x’ then auto-deprovision the credentials. Another popular option is to require an annual attestation from each app in order to keep the creds alive.

In conclusion, implementing an identity program involves a thorough understanding of supported use-cases, careful software selection, cost evaluation, operational integration, personnel planning, adoption strategies, and proper offboarding protocols. By navigating these aspects thoughtfully, organizations can establish a robust identity program that not only ensures security but also enhances user experiences across various digital platforms. Please leave a comment if there is anything I missed or if there is a topic you’d like me to dive into further.

Lastly, building an identity program is like building a house and Next Reason is your general contractor. We not only have the expertise to understand the process and the details from end-to-end, but we work with your various software vendors to orchestrate the entire process. Send me an email if you have any questions or want to learn more —

Blog Post Category:

Related articles

back to all articlesArrow to the right

Get in touch today

To request a quote, schedule a 30-minute demo or submit an RFP, kindly complete the form, or reach out to us directly.

Thanks for contacting us!

We will get back to you as soon as possible.
Meanwhile, follow us on social media or visit our blog!
Oops! Something went wrong while submitting the form.