'7 Minutes' with Ubisecure CEO Simon Wood

European roots make Ubisecure well-positioned to help U.S. companies navigate identity- and access-related GDPR challenges.

Lorna Garey

July 7, 2017

11 Min Read
7
Shutterstock

**Editor’s Note: “7 Minutes” is a feature where we ask channel executives from startups – or companies that may be new to the Channel Partners audience – a series of quick questions about their businesses and channel programs.**

Last month Ubisecure, the identity and access management (IAM) and security software company, updated its channel program with a goal to be 100-percent partner-driven within three years. Ubisecure’s focus is on systems integrators, MNOs and service providers; current partners include Avenade, Capgemini and CGI. Ubisecure provides IAM solutions that can manage customer as well as employee logins, and it has an offering in the emerging identity as a service, or IDaaS, space.

Wood-Simon_Ubisecure.jpg

Ubisecure’s Simon Wood

It’s competing with specialists such as SailPoint, Okta, Ping Identity and SecureAuth, as well as the likes of CA, Microsoft, IBM and Oracle for an access control market that analysts say is growing: By 2019, more than 80 percent of organizations will use access management software or services, up from 55 percent today, according to Gartner. Allied Market Research says global sales will reach $2.8 billion by 2020. Customers need IAM to control and audit access to systems, applications and data, on premises and in the cloud, no matter what device authorized customers, partners or employees are using.

One selling point for Ubisecure, which is based in the U.K. and Finland, is expertise to help customers navigate the EU’s General Data Protection Regulation. The GDPR applies to all organizations that offer goods or services to EU residents, or that collect and analyze their personal data. Enforcement begins May 25, 2018, and heavy fines may be imposed for noncompliance. Ubisecure CEO Simon Wood says helping SIs, MSPs and CSPs build GDPR support into their services is a core component of Ubisecure’s on-premises and cloud-based offerings.

“Our role as a CIAM provider is to empower digital business,” said Wood. “When a business adopts our technology, they are empowering their own customers though a modern self-service model, providing frictionless registration, and giving the ability to manage the authorizations and consent to services and specific information content or web services.”

Ubisecure is also working with the GSMA on Mobile Connect, an interesting area for MNOs.

Wood was named CEO in January; he was formerly CTO with GlobalSign.

Channel Partners: Tell us what customers love about your product or service. What’s the secret selling sauce?

Simon Wood: Ubisecure has been a leader in the customer identity & access management (CIAM) space for over a decade. With that commercial, technical and standards experience comes world-class expertise in the CIAM arena that we share with our partners through our Partner 2020 program.

As for our products, our platform supports a broad range of IAM functionality, such as privacy by design, web single sign-on, self-management, identity federation and more, but has also been optimized for large-scale B2B or B2C use cases and regulatory-driven compliance use cases like GDPR and PSD2 [Revised Payment Service Directive, another EU reg coming online in 2018]. We are also very active in …

… the emerging GSMA Mobile Connect space, where our identity-brokering solution allows mobile network operators to provide Mobile Connect identity services (using your mobile phone to register, authenticate, use single sign-on) to digital services like retail, utility, government and finance websites and mobile services.

Our partners love the fact that with our technology they can transform their customer’s business processes into digital processes, create new processes, generate new revenue streams and create massive cost savings. The ROI of using Ubisecure CIAM technology is fast. One of our award-winning solutions with a mobile network operator created an ROI of 130 percent after the launch of their self-service portal, and one of our earliest customers, a national tax authority, has enjoyed cost savings in excess of €100 million since deploying a solution using our CIAM technology.

And this is global. We enable and empower companies from local SMEs to large multinationals. We enable our customers to go digital, and that’s why they like us.

CP: Describe your channel program — metal levels, heavy on certifications, open or selective, unique features?

SW: Our channel program, Ubisecure Partner 2020, has just been through a major update and is now a global vehicle servicing the growing ecosystem of Ubisecure partners and customers. Our typical partner profile is a system integrator with a good understanding of identity management and whose business is to help customers plan, deploy, operate and maintain their IAM solutions. We offer partners the products and APIs to build CIAM functionality into their own offerings, and we collaborate on sales, marketing and deployment with partners running identity practices.

For 2017 we have made the strategic decision to move Ubisecure to being partner-centric and focused. We aim to be 100-percent channel driven over the next three years. This avoids conflict with the channel and helps Ubisecure scale — meaning we get to spend more time developing revenue-generating features that provide new advantages and benefits to our partners and their customers.

It is easy to join the Ubisecure partner ecosystem initially as an associate partner. All you need is proven competence or products related to the identity and access management space. But we do encourage partners to enroll for the higher level of certified partner. Certified partners receive extensive CIAM training for their employees and consultants along both technical and commercial tracks via the Ubisecure IAM Academy and receive other commercial advantages. The IAM Academy (leading to partner certification) covers all aspects of the IAM and CIAM market, as well as a technical deep understanding of the platform and use cases.

We recognize that our partners have different roles in the identity ecosystem. To this end, we provide Ubisecure Partner 2020 programs in three categories: first, Implementation Competence Partners; second, CIAM Vision and Guidance Partners, and then third, technology and services for partners with their own Ubisecure interoperable products or services. We work with the different partner types closely to align our offerings and go to market, to best help each partner achieve their business goals.

CP: Quick-hit answers: Percentage of sales through the channel, number of partners, average margin. Go.

SW: The Ubisecure Identity Platform is deployed in two forms — Identity Server (where the customer runs Ubisecure IAM software on-premises or from their own private cloud environment) or Identity Cloud (which is deployed from a cloud instance specifically dedicated to provide managed IAM and CIAM services). Many of our partners run …

… Identity Cloud as part of their SaaS solutions for their customers, and other partners help deploy Identity Server software on-premises as part of their customer’s business transformation initiatives.

Currently around 50 percent of our sales and delivery for those on-premises and cloud implementations happens through partners, but we expect that to increase to almost 100 percent over the next three years.

We currently work with around 20 system-integrator and consultant partners around the world.

The reseller program provides a substantial margin on licenses to the partner, but the good thing about working with Ubisecure is that license revenue is just one element in the total revenue stream a Ubisecure partner can expect. In addition, our channel-centric delivery model offers partners the potential of more revenue (multiples of the license revenue, in fact) from the wider SI work and operational supporting services needed by the customer for a successfully delivered project.

CP: Who are your main competitors, and what makes your offering better?

SW: Our competitive landscape has traditionally been employee-focused IAM solutions, with many well-known names in the enterprise software space. But as our customers have found, it is very risky to try and solve your customer identity management challenges with solutions that are originally designed around employee identity issues. Most companies have more customers than employees, making scalability requirements very different for CIAM use cases compared to traditional IAM cases. We have developed our platform around scalability by building a data model that supports large volumes of identities, and we’re now seeing an increasing number of SIs turning to Ubisecure to layer our capabilities on top of existing IAM solutions.

Our key differentiators in the pure CIAM space come from looking at how we’ve built the functionality of our Identity Platform around business value. We have many years of experience in understanding customer identity problems in terms of both business pain and technology risk. As a result, the business value of using Ubisecure impacts both the top and bottom line. We organize the impact in four different areas: customer experience; operational efficiency; security and privacy; and meeting regulatory requirements.

  • Impacting customer experience means increasing customer capture, conversion, and engagement with a consistent customer experience across all channels and devices.

  • Impacting operational efficiency means minimizing operating costs by streamlining resource-heavy workflows, using scalable self-service identity management, and linking the CRM contract information with identity data.

  • Impacting security and privacy means improving controls around PII (personally identifiable information), enforcing per service security and authorization policies, employing multi-factor authentication and building in privacy by design.

  • Impacting regulation compliance such as GDPR and PSD2, where controls around authentication, data collection, handling, sharing and consent control require modern identity solutions. We’ve seen the need to manage PII (personally identifiable information) consent become an incredibly hot topic due to GDPR, which goes into effect in 2018.

CP: How do you think your technology portfolio will change in the next three years?

SW: We have been operating in the API economy before the term was widely used, so we naturally see …

…having more and more integrations to third-party services. Also, despite the fact that there are very mature and solid identity standards widely in use, there is much room for evolution and innovation. We will continue being part of the standardization and development of our industry and further develop the common principles for both interaction and integration.

We are also seeing CIAM benefits gaining wider traction with the uptake of new technologies like GSMA’s Mobile Connect, and of course, due to the impact of the upcoming GDPR regulation.

We are investing in Mobile Connect and the features needed for the growing number of global use cases, and we already have several pilots using the technology around the world, including a pilot in Canada in collaboration with EnStream (a joint venture of Canada’s national mobile operators) that was recognized as a GSMA Global Mobile Awards 2017 finalist.

Mobile Connect is an interesting new technology that provides a simple and rich user experience for mobile subscribers to use their smartphones to register and authenticate to participating e-services — think of how much easier life will be if, with a quick click on your mobile phone, you can register and then subsequently authenticate (log in) to an e-commerce or utility website. Right now, we’re expected to fill out yet another form and trust that yet another website will look after our personal information. It’s exciting to see the Mobile Connect solution gain traction, and we have big plans around this technology with our mobile ecosystem partners.

We also expect to make GDPR-driven consent management as easy as possible for both the consumer and the business holding the consent itself. We believe this regulation will have a massive effect on the way that CIAM is positioned in the marketplace.

CP: How do you expect your channel strategy to evolve over that timeframe?

SW: CIAM is a hot topic. We’ve explained that there are several driving forces behind it, and our technology is very attractive both for our partners and customers. We will see our partner network grow further, especially as we expand internationally. We will also see more and more specialized partners in all our three partner categories.

We are also developing our partner and developer community by facilitating service spaces and infrastructure for partner collaboration across our ecosystem. This means partners can benefit from a marketplace with integration, service components or plug-ins developed from within the partner ecosystem. Hence, there will be more revenue streams as well as license commissions and fees, service subscriptions, consultancy work and support and maintenance.

CP: What didn’t we ask that partners should know?

SW: We have found that, especially for new partners, it is crucial that Ubisecure actively seek leads and prospects to bring to the partner so that we can handle the first cases together. This is quite a unique approach to partnerships that we find to be very successful. After the partner has ramped up knowhow, they will be able to actively seek new opportunities on their own, but that does not mean we will stop bringing opportunities to the table.

In each selected market, we’re always looking for new customers to bring to our partners. We create a business plan together and drive it forward.

Each customer will bring consulting, deployment, integration and, after deployment, maintenance revenue for our partner. On top of that, we give a very healthy commission from the sale.

Read more about:

Agents

About the Author

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like