1 Introduction
Salesforce, based in San Francisco with offices around the world, was founded in 1999. The company started with Customer Relationship Management Software as a Service, but through acquisitions and development now offers a plethora of sales, marketing, analytics, storage, and application solutions. Salesforce Identity is not only the IAM foundation for Salesforce, but also is offered to customers as IDaaS and for CIAM solutions.
Traditional IAM systems are designed to provision, authenticate, authorize, and store information about employee users. User accounts are defined; users are assigned to groups; users receive role or attribute information from an authoritative source. IAM systems are generally composed of user identities stored in directories, credentials, authenticators, authentication and authorization services for Web Access Management (WAM), identity federation for cross-domain support, and IAM governance functions.
Historically, IAM systems have generally been deployed on-premise, in an inward-facing way to serve a single enterprise. Over the last decade, many enterprises have found it necessary to also store information about business partners, suppliers, and customers in their enterprise IAM systems, as collaborative development and e-commerce needs have dictated. Many organizations have built extensive identity federations to allow users from other domains to get authenticated and authorized to external resources. Traditional IAM scales well for environments of hundreds of thousands of users.
Today, many organizations have identity requirements that transcend the limitations of legacy IAM architectures. Some companies predominantly use cloud-based resources for most all their business needs: data storage, collaboration, CRM, ERP, travel & expense reporting, etc. In many of these cases, these organizations have opted to offload IT and business application support to these third-party service providers for cost reasons. For those customers, Identity-as-a-Service (IDaaS) can be a good option, as it adheres to the cloud utilization model, and many IDaaS solutions are tightly integrated with common SaaS apps.
Consumer Identity and Access Management (CIAM) is the fastest growing segment within the overall category of IAM. Business drivers such as Digital Transformation, Know Your Customer, customer- focused UX improvement initiatives are leading many organizations to rapidly seek and deploy specialized CIAM solutions. Many businesses and public sector organizations are finding that they must provide better digital experiences for and gather more information about the consumers who are using their services.
Enterprises want to collect, store, and analyze data on consumers to create additional sales opportunities and increase brand loyalty. Consumer IAM systems are designed to provision, authenticate, authorize, collect and store information about consumers from across many domains. Unlike regular IAM systems though, information about these consumers often arrives from many non- authoritative sources. CIAM systems generally feature weak password-based authentication, but also support social logins and other authentication methods. Information collected about consumers can be used for many different purposes, such as authorization to resources, or for analysis to support marketing campaigns, or Anti-Money Laundering (AML) initiatives. Moreover, CIAM systems must be able to manage millions of identities, and process potentially billions of logins and transactions per day.