This document discusses challenges with managing customer identities and compares different approaches companies take to address these challenges. It outlines the issues with building a custom solution ("homegrown" approach) or stitching together existing systems ("Frankenstein" approach) and argues that a specialized cloud-based customer identity and access management (CIAM) platform ("buy it, don't build it" approach) provides the best value through lower total cost of ownership and improved customer experiences. An example compares the costs of a custom solution versus a CIAM platform for a company with 1 million customers and 5 application integrations.

1. Don’t Let your Corporate Strategy
be Hostage to your IT Strategy

2. 2
Don’t Let your Corporate Strategy be
Hostage to your IT Strategy
In Forrester’s recent report, “2017 Predictions: Dynamics That Will Shape The Future In The
Age Of The Customer”1
there are some startling strategic planning assumptions.
Among them:
Digital innovation is being demanded by every business unit wanting to capitalize on an
increasingly mobile customer base that expects dynamic and personalized experiences
across an expanding range of touchpoints.
This reality has recently transformed IT’s role to that of the main driver of new growth
initiatives, prompting a shift in perspective and strategy for CIOs. As Sapphire Ventures
managing director Jai Das recently noted in TechCrunch, “Chief Information Officers who are
able to implement web-scale IT infrastructure via an enterprise cloud platform and push their
IT infrastructure to the speed of modern business will become Chief Innovation Officers.”2
Successful enterprise digital transformations often begin with a well-planned and executed
approach to managing customer identities. While legacy IAM might seem like a natural starting
point for meeting this challenge, customer identity and access management (CIAM) has
significantly different requirements and outcomes when compared to employee-facing IAM.
“The consequences of a customer-led,
digital-centric market are becoming clearer
and starker.”3
“More than one-third
of businesses will
restructure to shift to
customer-obsessed
operations.”
“Business heads will
see doubled attrition
rates as CEOs dig
in and appoint
leaders with both
digital and customer
competencies.”
“In 2017, the basic fabric
of trust is at stake as
CEOs grapple with
how to defend against
escalating, dynamic
security and privacy risk.”
1 Forrester, 2017 Predictions: Dynamics That Will Shape The Future In The Age Of The Customer
2 TechCrunch, How Chief Information Officers Become Chief Innovation Officers, Jai Das
3 Forrester, 2017 Predictions: Dynamics That Will Shape The Future In The Age Of The Customer

3. 3
So, what are the big challenges when
managing customer identities?
User
Experience
Legacy IAM systems are designed primarily around security for good reason, but to
create the personalized and engaging user experiences today’s customers demand, you
must not only store customer information in a centralized and secure manner, but also
ensure that this data is available for use in real-time across the entire business.
Scale For the largest enterprises, the digital identities of employees, partners and vendors are
measured in hundreds of thousands, but customers of those same companies are often
measured in hundreds of millions. To deliver a user experience that keeps your brand
competitive there must be no compromise in performance at any time for any layer in
your stack, regardless of the volume, variety, or velocity of incoming data streams.
Data
Structure
The vast majority of customer-generated information is unstructured, and doesn’t
play well with traditional hierarchical databases and directories. To optimize your
omni-channel marketing, sales, and service initiatives, you must be capable of making a
wide variety of customer data from many sources actionable for your business.
Integrations Authentication integrations with business applications like Google and Workday often
provided by IAM systems are entirely different from those needed to support customer-
facing interactions and activities. If you’re building out your own solution or piecing
one together from other third-party services, each technology that you adopt for
business initiatives means custom coding and expensive connectors. Besides exorbitant
development costs, this process can also significantly slow your time to market.
Security Web and mobile APIs have become the backbone of digital business. This is a reality
that legacy IAM still grapples with when trying to manage consumer data, since it was
primarily designed for employee and vendor access. To deliver an impactful yet secure
customer experience, standards like SAML, OpenID Connect and OAuth should be used
to secure high volume API transactions, on both client and server sides. Personal data
should be encrypted and passwords hashed, and advanced methods should available
for authenticating customers. Finally, strong rules and permissions-based access control
and audit logging are vital to ensuring that your IT organization maintains granular
administrative control of your system.
Privacy and
Compliance
With employee-facing IAM, since the business effectively owns all the information being
managed, so privacy is mostly about securing data from breaches. However, new, more
stringent data protection regulations such as the European Union’s GDPR mean that
managing consumer data privacy, consent and control is no longer a “nice-to-have”
for customer-facing global businesses. Also, integrating vital social network login
functionality means keeping up with ever-changing third-party privacy policies. Manually
managing these tasks not only eats up significant IT bandwidth but incurs undue risk
for your business.

4. 4
We have seen companies approach these challenges
in three different ways:
The “Homegrown” Approach
(Build something yourself to consolidate disparate data silos.)
This approach is usually chosen to maximize security and control, but can severely
limit the scope of the resulting system and comes with a number of pitfalls that grow over
time. Considerable resources are required to retrofit legacy, brick-and-mortar identity
management systems for handling customer data, and then additional technologies must
be connected to help monetize it. The end-result is often an inflexible system with limited
capabilities that is difficult and expensive to maintain.
Also, this approach may leave companies beholden to the system’s original, in-house
developers, who may have relatively little knowledge of CIAM principles, likely never
created proper documentation and may take their knowledge with them when they
leave the organization. Integrating new technologies with a homegrown system requires
additional custom coding and pricy connectors, with the burden of ongoing maintenance
and compliance resting solely on the IT organization, creating continuous cost and risk.
The “Frankenstein” Approach
(Stitch together existing IAM systems.)
In this approach, companies may leverage an existing enterprise data warehouse
(EDW) or CRM system’s IAM capabilities to unify their data, or deploy an off-the-shelf
IAM solution to do the job. This may offer a significant reduction in labor costs, and will often
result in a better-performing system than the homegrown approach. However, high service-
to-license ratios mean savings on labor are more than offset by perpetual product license
and maintenance fee structures that are designed for a relatively small numbers of business
users, rather than millions of customers.
If most or all of a system is comprised of on-premises as opposed to SaaS solutions, then
upgrades must occur manually, at considerable expense. Also affecting cost of ownership
is the fact that custom connectors will be required to add new technologies for marketing,
sales and services initiatives.

5. 5
The “Buy it, Don’t Build it” Approach
(Implement a specialized, cloud-based system that is built to manage customer identities.)
Increasingly, businesses adapting to the digital marketplace are opting to hand
off CIAM functionality to a provider who specializes in managing customer identities.
Best-of-breed cloud CIAM platforms are built with a focus on user experience, scalability,
flexible implementation, and API-based security. These solutions consistently deliver
the best bang-for-buck CIAM outcomes, with drastically reduced labor, licensing and
maintenance costs.
A specialized CIAM platform can get you to market in a fraction of the time of custom
deployments and offers superior flexibility for adjusting to new market trends and
technologies, allowing you to offload maintenance as well as compliance and security risks.
The Bottom Line: What You Pay and What You Get
When adding up the costs of building and maintaining a custom CIAM solution, going with
a specialized provider starts to make a lot of sense. Here’s a simple example of how these
two approaches stack up for total cost of ownership.

6. 6
INFRASTRUCTURE
15 new servers
LICENSING
Perpetual, based on
processors or cores
SUPPORT MAINTANANCE
25% of licensing cost
DEPLOYMENT
16-24 person-weeks
CUSTOMER EXPERIENCE
4 person-weeks
BACK-END
APPLICATION INTEGRATION
20 person-weeks
INFRASTRUCTURE
None – cloud-based
LICENSING
Users or logins per year
SUPPORT MAINTANANCE
Included in service
DEPLOYMENT
4-6 person-weeks
CUSTOMER EXPERIENCE
OOTB Customizations
BACK-END
APPLICATION INTEGRATION
Pre-built with fee per application
CIAMIAM
COSTDRIVERS
$
COSTDRIVERS
$
IAM Versus CIAM: An Example
(Assuming 1 Million Customers and Five Integrations)
CIAM is much less expensive to implement for large-scale systems than DIY solutions, with
a streamlined implementation that gets you to market in a fraction of the time. Add the factor
of outcome — a better performing, more scalable, flexible and secure system — and it’s
easy to see why enterprises are turning to specialized CIAM providers to manage consumer
identities and drive superior customer experiences.

7. © 2017 Gigya, Inc. | 2513 Charleston Road #200, Mountain View, CA 94043 | T : (650) 353.7230 | www.gigya.com
Gigya, the Gigya logo, and Customer Identity Management Platform are either registered trademarks or trademarks of Gigya Incorporated in the United States and/or other countries. All other
trademarks are the property of their respective owners. Gigya does not own any end user data or maintain any other rights to this data, other than utilizing it to make Gigya’s services available
to our clients and their end users. Gigya acts as an agent or back-end vendor of its client’s website or mobile application, to which the end user of our client granted permissions (if applicable).
Gigya facilitates the collection, transfer and storage of end user data solely on behalf of its clients and at its clients’ direction. For more information, please see Gigya’s Privacy Policy, available at
http://www.gigya.com/privacy-policy/.
Gigya_White_Paper_Gigya_DIY_v_CIAM_201704
The Leader in Customer
Identity Management
About Gigya
Gigya’s Customer Identity Management Platform helps companies
build better customer relationships by turning unknown site visitors
into known, loyal and engaged customers. With Gigya’s technology,
businesses increase registrations and identify customers across
devices, consolidate data into rich customer profiles, and provide
better service, products and experiences by integrating data into
marketing and service applications.
Gigya’s platform was designed from the ground up for social
identities, mobile devices, consumer privacy and modern marketing.
Gigya provides developers with the APIs they need to easily build
and maintain secure and scalable registration, authentication, profile
management, data analytics and third-party integrations.
More than 700 of the world’s leading businesses such as Fox, Forbes,
and ASOS rely on Gigya to build identity-driven relationships and to
provide scalable, secure Customer Identity Management.
To learn how Gigya can help your business manage customer
identities, visit gigya.com, or call us at 650.353.7230.