Back in the day, I wrote a customer ID management component as part of the wholesale order entry/inventory management system I built for Salomon Ski. The system was designed to support retail shops ordering boots, skis, gloves, etc. in bulk ahead of the upcoming ski season and as needed to replenish stock during the season.
The ID management component I developed handled the usernames (IDs), passwords, and access control lists that determined who had access to which transactions and to what data. Initially the system was live for use by internal support staff, who took orders by phone, email, and snail mail, but later the system was opened up to customers for direct online access.
That was many years ago now, and out-of-the-box products were not really something we considered. It was not a difficult development task, but getting all of the roles defined and mapped was kind of challenging.
It was also something I had to constantly revisit and tweak because I had forgotten something or hadn’t got something just right, or there was a new employee role or a new type of customer to be added. And of course, when the system was opened up for external access, security requirements became much stricter.
Seems like a simple enough thing, but every application needs basically the same component, and the company had five or six of them already, at least. And of course, more and more applications were being developed, and including Web access.
At some point, we started to wonder whether it would be cheaper and easier to just buy a customer identity and access management (CIAM) solution rather than maintain all the code ourselves. We faced the question of whether we should develop our own centralized solution to reduce the obviously redundant development and maintenance efforts.
Intuition would tell you that it is cheaper to buy a shared CIAM system than build one since a software company can amortize its cost across multiple customers. Unfortunately, I moved to a different company before a decision was made, so I can’t tell you what they ultimately decided.
Thanks to a recent commissioned study conducted by Forrester Consulting on behalf of WSO2, however, we now have empirical proof that it’s cheaper and easier, and by a significant margin.
Forrester Consulting interviewed four customers who had recently adopted WSO2 Identity Server as a general solution to the CIAM problem. Based on the results of the interviews, they estimated a 332% ROI over three years of adopting and using a centralized product compared to building and managing a solution for each application independently. Developer effort around integrations was reduced by 60%, and time to market accelerated by 12 weeks.
Beyond the simple measure of cost savings, the Forrester Consulting study found that the customer experience was improved, and development staff were more productive in delivering application functionality to production.
Prior to using the WSO2 Identity Server product, the study stated that interviewed customers “managed customer identity at the application level. This promoted an inconsistent customer experience, placed an inordinate burden on developers or staff tasked with login functionality or integrations, and exposed the organization and its customers to security risks.”
The study also noted that, “After the investment in WSO2 Identity Server, the interviewed organizations were able to modernize and consolidate their customer identity and access management capabilities, saving developer time, accelerating market offerings, and fostering a frictionless customer experience. Additionally, they were able to keep their level of spend flat while growing from 500,000 to 2,000,000 customer identities under management.”
Download this study for an analysis of the total value of the WSO2 Identity Server for the enterprise customers interviewed.