Skip to main content
IAM vs. CIAM CIAM Buyer's Guide Contact Us
Janrain respects your privacy and will treat the personal data you choose to share with us in accordance with our privacy policy.

What Okta’s IPO means for the CIAM industry

By Bryta Schulz | Posted on April 03, 2017

What Okta’s IPO means for the CIAM industry

The identity and access management (IAM) market has officially broken through with Okta’s IPO filing (and Ping’s $600 million acquisition prior to that). And while securing access to applications and devices in the enterprise has become a big-money enterprise in itself, the IAM market has barely scratched its growth potential. There is an even bigger–but no less important–need for secure access in the consumer world for customers connecting to brands via the web and smart phones today. And of course, this need will grow by leaps and bounds with the addition of the 30+ billion Internet of Things (IoT) devices that are expected to be in the marketplace by 2020.

This grand opportunity is, of course, not lost on IAM vendors, many of which have already been working to blur the line between consumer and employee identities. And the move has some merit. As organizations draw their employees–and to a certain extent business partners–further into the cloud, their customer relationships are often drawing consumers into the cloud as well. It makes sense for an IAM vendor to want to extend its management of business identities to that of customer identities given the challenges seem the same on the surface.

The problem is those challenges are in fact, not the same.

Customer Identity and Access Management (CIAM) and the Identity of Things requires significantly greater scale than enterprise IAM (think 100s of millions or billions rather than 100s of thousands of identities), not to mention an ability to manage distributed environments and understand consumer expectations and behaviors. Here at Janrain, we have been helping our clients enable their customers seamless movement around the web with no friction to the end user–something enterprise IAM vendors have never been called on to do – yet … And with the IoT opportunity, CIAM vendors like Janrain are much better equipped to scale exponentially and enable B2B, B2C and B2C2T use cases.

Look at regulation for example. In May of 2018, the European Union’s General Data Protection Regulation (GDPR) is set to go into effect. Billed as the most important change in data privacy regulation in 20 years, the purpose of GDPR is to protect the personal data of European citizens by giving control of their data back to the consumers. This regulation will affect any organization that has customers in Europe, regardless of where the business operates, and penalties for violations will be stiff: €20M or 4% of global revenue, whichever is higher. While lawmakers are now working to repeal the FCC rules that were passed last year to give consumers greater security, transparency and control over their data, the pendulum is in motion. We believe the trend toward user-controlled data—not enterprise-controlled data—is clear. Adhering to the ever changing personal data regulations of 196 countries–not to mention the individual permissions of the world’s 4 billion connected population across billions of devices–is a far cry from adhering to the enterprise access rules of thousands of employees.

Given these limitations, we expect IAM vendors to start looking to acquire or merge with smaller CIAM vendors to overcome limitations in scale and expertise. But even then, they will only be gaining the capabilities of smaller players that lack the vast expertise of established CIAM pioneers.

For more information on the topic, check out the webinar we presented with Forrester Research that demonstrates how customer IAM is fundamentally different from employee IAM.

Popular Posts

About the author

Bryta Schulz

VP, Marketing

As Vice President of Marketing, Bryta Schulz leads Janrain’s global marketing initiatives. Schulz brings 20+ years of experience marketing innovative enterprise, software as a service (SaaS), security and payments solutions. She has held positions at a number of top global technology companies including Xerox, RSA, Symantec and Thales. Schulz is a senior marketing, product and go-to-market executive with a record of driving product adoption, revenue and shareholder value at both early stage and publicly traded companies. Prior to Janrain, Schulz was the Senior Vice President of Marketing at Vindicia, where she was a key member of the management team, successfully driving rapid growth of the sales pipeline and spearheading the company’s global expansion. Schulz holds a Master of Arts in Translation from the Johannes Gutenberg University Mainz and a Master of Business Administration from the University of Reutlingen.

View all posts by Bryta Schulz