IdM is different for SMBs
One of the interesting discussions to come out of our CAB meetings (see my last post) was a discussion on how identity management is a whole different ballgame for Small and Medium Businesses. As a start-up, Thor Technologies could only focus on a specific segment of the market rather than trying to satisfy everyone. And the market we ended up being strong in was the Financial Services market. We were dealing with customers that played to our strengths – very sophisticated requirements, high degree of product flexibility needs and (most importantly to a startup) big budgets. As time went by, we found ourselves entering other markets and finding what other industries already knew – the SMB market is a very different beast.
With the SMB market, the keyword is “Out-Of-The-Box“. The system should be able to get up and running with minimal work and as quickly as possible. Quite the opposite of our previous customers. And in some sense, this didn’t quite fit in with what we knew as identity management – unique business processes and approval workflows, customized enterprise infrastructure and diverse user communities. It took some time to arrive at the two things that we needed to do in order to support the SMB market – OOTB Content and key Usability features.
The essence of OOTB Content is that whatever we provide – connectors, workflows, policies – has to meet the most common use cases. And if customization is required, then there must be easy-to-use tools to do so with minimal effort. The content discussion was a raging debate at the CAB. Larger customers would argue for more features and more flexibility, and couldn’t care less about content since anything we came up with would need to be heavily customized for their unique environments anyway. Smaller customers on the other hand cared about the content and the content generation/manipulation tools. It is an interesting balancing act. How do we preserve the highly flexible nature of our products without sacrificing usability?
The answer lies in the creation of a unique functional abstraction model that builds on itself. Those wanting maximum flexibility dig into the lower layers of the abstraction, while those wanting minimal configuration deal with the higher layers. It is an elegant solution that OIM has had for quite a while. Moving forward, we are not only enhancing it, but pushing this concept into the entire IdM product line. This is extremely important for Oracle, as the SMB market is a major focus for our business. In fact, Oracle Identity Management has a dedicated page for the SMB market, with some valuable resources. Check it out.
It would be useful to hear from the community what they view as the most pressing needs in IdM for the SMB market. As mentioned, IdM products have not traditionally catered very well to this market (for the reasons alluded to above). Now, however, that is changing, not just within Oracle but in other vendors like Novell and Sun as well, all of which have made significant changes to their roadmaps for this reason. There is still a lot to be done though, as the typical cost ratio of license to implementation is still heavily skewed to the implementation side (and not because license is cheap).
P.S.: In writing this post, I visited the link for Oracle IdM for SMBs, and noticed that they currently have a special pricing offer for SMB customers. It seems to be time-limited however, so check it out. While there, you can also read the success story of Silicon Image, an SMB deployment that I described in a previous post.
I view the SMB space as companies with <$1B in revenue, with a few hundred to several thousand employees.
These companies want what the Fortune 10 want, without the price tag and without the associated overhead of Day 2 issues � Training, support, and management of infrastructure and applications. They also want most of the configuration and/or customization to be baked into the offering.
Nishant solicited some feedback, so here it is –
Where I think companies will be successful in rolling out identity management solutions will be related to how many best practices are baked into the offering. I also strongly believe that mid-market companies will want to eat the identity elephant in bites, that is to say to roll things out in phases for a fixed cost.
They will also likely want to host some or all of their identity/access management solutions with a hosting company such as NaviSite, who can offer the infrastructure (ping, power, pipe) as well as the expertise to manage a deployment and in many cases provide the implementation services as well. They will also want to outsource the care and feeding (patches, OS, DB, capacity management, backups, etc) of their environment since they want to spend as little time as possible managing infrastructure.
Where I see Oracle, Sun, IBM and others having the best reach in this market are to offer Identity solutions that are useful (processes and configuration thought out and included), managed by others (outsourced), and at a price point that is calculated per user, and spread out monthly so the infrastructure is not an asset to be depreciated, but a service that is an expense.
This gives the SMB companies solid functionality, intrinsic value beyond the feature set, and a way to enable trust inside and outside their companies.