SaaS User Management Without the Headache
Quick, how many logins do you have? If you had to guess, you might say somewhere in the range of 10-20. However, you’d be surprised by how many websites require login credentials. On average, a consumer has at least 25-30 password-protected accounts, and for business users, that number can spike to over 190. That makes SaaS user management one of the most critical functions of an application.
As an individual, it can be overwhelming to manage that many usernames and passwords. That, of course, is assuming that you aren’t taking the easy (and insecure) route of using the same details for each account. For a business, with thousands or millions of users, it’s all but impossible.
So, with that in mind, we’re going to look at the problems plaguing the modern user acceptance model, and how apps like FusionAuth can help. We sat down with Brian Pontarelli, founder of FusionAuth, to get insight into why this component is so frustrating.
Problem #1: Security Breaches
If you follow the news, you’ve heard about massive data breaches for some of the largest companies in the world. At their worst, they can put millions of user’s information at risk, including credit history, card numbers, addresses, and passwords. That makes SaaS user management a critical “must execute” function.
However, while those big breaches make national headlines, it’s the smaller ones that go unchecked, and that’s where the real problem lies. If you have an account with a small business, your data is much more likely to get hacked. Most owners have no system in place for verification and heightened security, meaning that accounts are ripe for hacking.
The real problem here is convenience. Yes, it would be more secure to require multi-channel authentication and for users to enter login details every time. However, from a customer perspective, that is so cumbersome that it will turn users off of the idea of coming back.
According to Brian, that’s where the future of SaaS user management lies. Whether it’s FusionAuth or some other system, the critical point will be merging convenience and security in a way that makes sense. Fortunately, technology is advancing rapidly enough that solutions are already becoming available.
Problem #2: No Standardized Systems
For a brief period, most websites and users were more than satisfied with letting Google and Facebook manage their accounts. The option to login via either platform was simple and alluring, and above all, safe.
Unfortunately, as more and more information revealed how these companies were using that data, consumers are beginning to be concerned about the practice. What that means, however, is that individuals have to manage even more passwords and login details. Since most people tend to reuse passwords, the issue of security is now even more critical.
Thankfully, that is changing with a world-class SaaS user management framework. Currently, businesses have to piecemeal a solution from a variety of programs and apps, but a standardized system can be a game-changer. Now, companies can hand over processes to a third party and get better results for themselves and their customers.
Problem # 3: Scaling and Data Management
When a website has only a handful of users, it’s easy to gather data on them and pull it up as necessary. However, when a site has thousands or millions of accounts, it’s impossible to manage them with any kind of speed or efficiency.
To make matters worse, SaaS user management solutions that work for a dozen users won’t work well for scaling. Take the case study of Pokemon Go. When the app launched, the servers were overwhelmed immediately, which meant that most players had to wait forever to log in. While the problem has since been solved, it took months to get a solution up and running.
So, when building a SaaS user management model, companies need to make sure that they can scale effectively without losing convenience and security.
The Future of SaaS User Management
While apps like FusionAuth are making it easier for businesses, technology will only expedite better solutions. According to Brian, here are some options that will become more widespread in the future.
- Keystroke Validation – when a bot tries to enter a password, it’s not using a keyboard. Systems can tell when someone is typing, which can prevent unauthorized hacks.
- Geotagging – you can potentially make areas like your home safe for logging in since chances are a burglar or hacker won’t try to gain access inside your house.
- Biometrics – smartphones and mobile devices make it easy to use fingerprint and facial recognition as an added layer of security. Many mobile versions of sites have this feature already.
- Physical Security Keys – rather than typing passwords, you can have a key that will “unlock” your device. As long as you have the key and a PIN, you don’t have to worry about entering passwords for individual accounts.