Benchmark your organisation by answering these 10 multiple choice questions and we’ll send you a personalised report to help protect and grow your revenue streams.
1
{{Question01}}
Complex, labour intensive and outdated
On-premises, custom built.
Complex and labour intensive
Cloud based, custom built.
Safe
On-premises, third party.
Safe and future proof
Cloud based, third party.
2
{{Question02}}
A lot
All of the time of a dedicated developer or team of developers.
Quite a lot
Portion of a developer(s) time being pulled or allocated from other teams.
A little
Minimum dev effort to integrate/ update our customer identity system.
Virtually none
Typically no material development effort to integrate/ update our customer identity system.
3
{{Question03}}
Very basic
Basic level security leveraging only username and password.
Basic
Leveraging MFA to protect users against account takeovers.
Advanced
Risk modelling & adaptive intelligence using biometrics (e.g. Face ID) and behavioural inputs to assign risk/ step up authentication.
Very advanced
Continuous authentication, across extended/ indefinite user sessions utilising advanced risk modelling and internal/ external risk sensors.
4
{{Question04}}
Very basic
Basic username & password, or social authentication and basic credential policies.
Basic
Single sign-on across multiple applications, advanced sign-in policies, enabling users to sign-in with external identities.
Advanced
Passwordless authentication enables users to sign-in without passwords increasing security while enhancing user experience.
Very advanced
Omni-channel authentication integration enabling users to authenticate across channels.
5
{{Question05}}
Very basic
Self-serve, but limited ability for admins to create and manage users.
Basic
Self-serve with ability to manage customer profiles through a cloud-based user store or through an API.
Advanced
Extendable self-serve with integration with external or 3rd party services to modify & validate profiles.
Very advanced
Ability to incrementally build customer profiles over the customer’s lifetime.
6
{{Question06}}
Basic HTTP
HTTP Basic Authentication, cookie-based.
Basic API
API keys created by and for specific users, not related to their username/ password.
Standard API
API authorisation through industry standards like SAML & OAuth and integration with API gateway(s).
Advanced API+
API authorisation combining OAuth grant type, user group membership, and external data sources.
7
{{Question07}}
Cannot handle
Cannot handle any increases in traffic.
Can handle minimal
Can handle minimal increases in traffic.
Can handle moderate
Can handle moderate increases in traffic.
Can handle anything
Can handle substantial increases in traffic.
8
{{Question08}}
Expandable but very hard work
No out of the box 3rd party integrations, some feasible with significant effort.
Expandable but hard work
Limited integrations, takes considerable effort to build additional ones with partners.
Expandable
Easily extendable, tightly integrated, and enables a multi-vendor approach.
Very expandable
Very extendable, offering seamless customer experiences, more app functionality, and embedded security from day one.
9
{{Question09}}
Some
It differs – follows some industry standards/ best practices but does not have 3rd party validation of compatibility/ interoperability.
Nearly
Varies in some areas, but is influenced by industry standards/ best practices.
Yes, mostly
Closely aligns with industry standards/ best practices but takes effort to keep aligned with specs/ standards.
Yes, completely
Aligns exactly to the industry standards/ best practices, always updated to the latest specs.
10
{{Question10}}
Managed by Dev
Managed exclusively by developers.
Managed by Dev with IT/Sec knowledge
Managed by developers. IT and Security are informed, but don't participate in design and have limited knowledge.
Managed by IT/Sec, built by Dev
Managed by IT and Security, built by the Dev team. Challenges with expertise, scaling, and automating security.
Managed by IT/Sec/DevSecOps
Managed by IT and Security (DevSecOps). Users access using the same identity they use for other components, like SaaS apps/ email.