shopify traffic stats

Okta@Home

A case study looking into how Okta, an enterprise identity management security company, can expand into the consumer market.

Okta@Home
As part of my product management training in the San Francisco Summer 2016 Product School cohort, I completed a case study looking into how Okta, an enterprise identity management security company, can expand into the consumer market. This entry covers the process of company research, product feature discovery, validation, UX mockups, a Product Requirements Document, and Go To Market (GTM) planning showing many of the skills and tools learned during the course.

1. Company, Personas, & Key Metrics

Okta (https://www.okta.com/company/vision/)

Core Value:

“Our vision is to be the system that enables any company to adopt any technology.”

Okta allows professionals to securely access their applications and tools anytime, anywhere, on any device. Okta’s products help both IT professionals and developers quickly integrate Okta’s solutions into their environments to empower their end-users to be productive by providing:

  • Complete identity management for IT professionals
  • Continually verifying trust relationship between end-users, tools, and companies
  • Easing the authentication process for end-users across all their tools and devices

What Product(s) Do They Have:

Okta has a set of products that serve both IT professionals (i.e. your typical enterprise team dedicated towards managing identity and security at medium to large sized companies) and to product teams creating software (i.e. developers who want to easily hook into services providing secure identity management for all its users and their tools, without writing lots of custom code). These two ends form the relationship between end-users, the tools they use to get their job done, the company that manages these users and tools, and the long list of other companies that develop and sell these tools.

Okta provides:

Universal Directory (a source of truth of users), Provisioning (managing the creation and removal of users and their relationships to company tools), Adaptive MFA and Mobility Management (continued verification of trust between users, their devices, and their tools). Additionally for product developers, Okta provides: Social Authentication (easily integrate popular social networking login frameworks to your own tools), Inbound Federation (securely share trust relationships with your tools customers and company partners), AD and LDAP Integration (seamlessly integrate with any existing legacy identity management tools you already use).

How Do They Make Money:

Okta charges per user in your enterprise (typically ranging from $1-$8 / user / month) with different features available at different tiers. For large 5,000+ enterprises, the cost is  directly negotiated with possible volume discounts.

Societal/Technical Trends Around Their Product(s):

Okta is at the forefront of the following trends:

  • BYOD (bring your own device): any device used anywhere for any employee
  • Cloud based: Okta is part of a new wave of enterprise products ripping out high touch traditional management solutions that are proprietary and/or managed on premise (i.e. high cost of managing the hardware infrastructure and software configuration related to identity when it is installed within an enterprise’s environment). In the last 2-4 years even ‘late majority’ enterprises on the adoption curve are now willing to push identity management into the cloud.

    --> Breadth of integration: Okta has focused on integrating with as many applications and tools as possible early on, which only increases the benefits of having a flexible cloud implementation
  • Security concerns: In the last 2-4 years the press has heavily covered security issues (think data breaches and customer financial loss) as users are so heavily invested (data and money) in online applications at work and at home. This general increase in awareness has created a healthy funding environment, while also creating several competitors. Security may not quite be top of mind of users outside of the work environment, but certainly within the walls of an enterprise security is now a top priority at most companies.

Additionally since Okta was not only early in providing solutions in this space, but aggressive in creating a integrations and a platform, Okta is seen very favorably in end-user reviews.

Key Personas & Use Cases

Because Okta is an end-to-end solution in a very complex enterprise setting (i.e. a many to many to many relationship between users, tools, companies), they likely have several personas (too many to list here). However there are some key personas that must have been the basis for the original product and some that will make specific sense for product ideas I have:

Angie (Internal employee - IT Administrator at Rentr, 500-1000 person company)

Key Characteristics:

  • 40 years old
  • Upper middle class
  • 1 child, married
  • BS in Electrical Engineering
  • 15 years industry experience

Goals:

  • Keep employees productive
  • Minimize security risks and breaches at BizGo
  • Reduce time and costs spent on internal technical logistics
  • Wants to be seen as partner and enabler for colleagues, not an obstacle or time sink

Pain Points:

  • Manual time her team spends on responding to employee issues
  • Barrage of password resets everyday preventing her team working on longer term goals
  • New employees have long spin up time before they are integrated with all company tools
  • Can’t push company policies on all devices and applications the employee uses
  • Occasionally small 2-4 person consultants work on special projects with internal development team for short month long windows, but they spend a week setting them up with the same tools as the rest of the team

Billy (Internal employee - HR Director at BizGo, 15000 person company)

Key Characteristics:

  • 52 years old
  • Upper class
  • 3 children, married
  • BA in Psychology

Goals:

  • Make a great impression on new employees so they are set up for success in the company
  • Wants HR team to be seen as friendly enabler vs. company policy enforcer
  • Wants contractors/consultants to feel ‘at home’ when working temporarily with his company

Pain Points:

  • Can’t onboard new employees quickly so they can begin using their new devices and software tools immediately
  • Employees on extended leave of absence or leaving the company are immediately prevented access from core company tools and data even before they get the chance to turn in all their devices

Regina (App Developer at TrnKey, 10 person company)

Key Characteristics:

  • 28 years old
  • Middle class
  • Single, no children
  • BS degree in Computer Science

Goals:

  • Needs to get as many users on TrnKey app as possible
  • Has TrkKey app on the latest technologies in front end web development
  • Wants to hire more developers to help scale app

Pain Points:

  • While TrnKey continually gets users to check the website or download the app, TrnKey is having a low user sign up conversion rate
  • Company only has 2 developers and no time to support user issues with password resets or login issues

John  (Internal Employee - Social Media Marketer at FanGram, 250 person company)

Key Characteristics:

  • 30 years old
  • Middle class
  • Single, no children
  • BA in International Relations
  • Early adopter of all social and communication services

Goals:

  • Stay connected with FanGram’s users on several social marketing channels (Instagram, Facebook, LinkedIn, Snapchat) on any of his work or personal devices
  • Create discussions with FanGram’s registered users daily at work and home
  • Wants to maintain a unique, casual, and personal brand for the company despite working with several companies (sponsors) during promotions

Pain Points:

  • Managing all his passwords for several internal marketing and sales tools and social websites is a pain
  • Has to share the login information for the social marketing accounts on Facebook, Instagram, etc with social marketing team manually so they can all post on behalf of FanGram
  • Often times someone on the team forgets social media account password and initiates a reset, but not everyone is aware of the password change
  • He occasionally forgets to switch between his personal and work accounts for social media accounts when posting content, usually when he is on his mobile phone

Some actual Okta product reviews for persona sourcing

Key Success Metrics

Because Okta is an end-to-end solution in a very complex enterprise setting (i.e. a many to many to many relationship between users, tools, companies), they likely have several key metrics for each segment they serve, overall metrics for company success, and some holistic metrics:

Platform success metrics:

  • # of developer apps integrated / month (is Okta growing at a steady pace at being integrated as an identity manager for new developer applications)
  • # of single sign on platforms integrated / month (is Okta’s Application Network growing at a steady pace at integrating with existing services)

Product health success metrics:

  • # of logins / platform integrated (are users actually using Okta on these platforms?)
  • # of applications / company (are companies integrating all their tools with Okta?)
  • % customers using universal directory product (are companies using Okta as their source of truth for identity management and ripping out legacy products?)

Customer metrics:

  • average # of hours between user deleted and user deprovisioned from all apps (is the product helping companies save time handling outgoing employees/contractors?)
  • average # of hours between user added and user provisioned for all apps (is the product helping companies save time handling incoming employees/contractors?)
  • # of manual support tickets / user (are companies saving money and time using Okta?)
  • # of password resets / user (are companies seeing fewer password resets and saving time and money?)

End-user success metrics:

  • # of logins / application / user (are end users actually using all the tools available to them?)
  • average # of consecutive logins without entering password / user (are users able to increase their productivity?)

Additionally, Okta would likely source NPS style data from its customers and use customer forums at conferences such as Oktane to overlay qualitative data over the aforementioned quantitative data.

Competitive Landscape

The Identity and Access Management sector serves both end users (B2C) and enterprise customers (B2B). Okta has focused on developing a cloud based end to end solution that handles security and trust between applications and users. Okta has also focused on the logistical management of handling end users within an enterprise and connecting Okta’s platform with the long tail of enterprise applications.

Okta’s competitors generally either started as legacy enterprise on premise solutions (Windows, IBM, Salesforce, Ping Identity PingOne), consumer focused password managers (One Login, LastPass, and others), or cloud based competitors with a true overlap of capabilities (Centrify). Traditional distinctions between on-premise and cloud based identity management have blurred, and will likely be gone entirely in the future.

However, the line is also blurring between enterprise identity management (where Okta currently has a solution) and consumer identity management (think end user password managers, where Okta currently does not have a solution). In 2015, enterprise company LogMeIn acquired LastPass and now has a strong play in both consumer and enterprise identity management. Likewise, consumer and enterprise company Intel Security acquired  consumer focused PasswordBox providing another example of a dual consumer and enterprise identity management play.

Other ongoing areas for improvement for Okta are its reporting capabilities and integration with traditional onsite Identity Management solutions.

2016 Gartner MQ Report for Identity and Access Management as a Service

Main competitor list:

LastPass Enterprise

OneLogin

Ping Identity PingOne

Windows Azure Active Directory

Centrify

IBM

Salesforce

(many more players as well)

2. Identifying Opportunities

Product Goal:

To increase end-user retention and engagement with Okta’s identity management solution by allowing users to manage their online identity outside of the enterprise setting.

This increased end-user engagement will strengthen the mutually beneficial relationship between Okta’s Application Network (OAN) platform and Okta’s developer platform. This will help organically grow the customer base and sales as the developer platform grows to handle increased end-user demand of specific apps that are key in personal identity management.

Long term, this measured foray into the consumer space will help build a universally managed identity for a user across their work and personal lives and ensure Okta is the platform that delivers the entire experience.

Key Success Metrics

Initial feature success:

  • % of existing users at a company to enable Okta’s new personal identity management feature (Okta@Home)
  • # of logins / Okta@Home user (are Okta@Home users actually using the feature once enrolled?)

Impact of Okta@Home on growing Okta’s overall platform metrics:

  • # of developer apps integrated / month (is Okta growing at a steady pace at being integrated as an identity manager for new developer applications; compare to baseline before Okta@Home release)
  • # of single sign on platforms integrated / month (is Okta’s Application Network growing at a steady pace at integrating with existing services; compare to baseline before Okta@Home release)

Retention over time:

  • # of Okta@Home logins / user after terminating work with an Okta enterprise customer (are users still using Okta@Home in the personal life if they leave the enterprise company?)
  • Net Promoter Score of users who enabled Okta@Home

Opportunity Hypothesis

I believe Okta end-users experience poor security and identity management experiences outside of the enterprise because the current consumer solutions are unknown and focus on password management. Alleviating that pain will help these users protect and manage their identity at home. End-users productivity would increase away from work as they use familiar enterprise tools at home, but they would have to accept allowing Okta to handle their personal application’s identity information and limit these integrations to those available in Okta’s Application Network.

Validation:

This feature is already on the company internal roadmap according to COO (see 0:46):

http://video.cnbc.com/gallery/?video=3000219255

Sales engineers and support have seen this question frequently from existing users:

https://support.okta.com/help/answers?id=906F0000000XZCNIA4

Two enterprise competitors have acquired consumer focused password managers to have plays in both enterprise and consumer identity management:

  • LogMeIn acquired consumer leader LastPass in October 2015. LastPass already had an integrated enterprise and consumer play, however it does not provide the true end to end identity management that Okta does for enterprise.
  • Intel acquired consumer focused PasswordBox in December 2015. It has alread been integrated and rebranded as Intel Security TrueKey. Although this is mostly a consumer play, because Intel produces hardware for enterprise, this solution could potentially morph into an enterprise solution. It is priced at $20/year (about $1/mo).

Why is this the most important thing for the company to work on next?

While Okta has done well in the enterprise segment so far, they have little to no foothold on identity management in the consumer space. Just as the last wave of BYOD (bring your own device) blurred the line of personal vs work devices to the point that virtually all major consumer devices are now present in the workplace, the same is happening with applications and services. Most applications are not mutually exclusive among enterprise and consumer spaces; social apps can be used for work (Instagram, Facebook, Tumblr, etc) or productivity apps can be used for projects at home (GitHub, Slack, Office365, etc).

Okta’s overall vision is to ‘enable any company to adopt any technology’ and make sure ‘people can access their tools more smoothly and securely than ever before’. The division between enterprise and consumer is blurring due to applications playing in both spaces; it is vital that Okta stay a leader in the space to ‘enable any person to adopt any technology’. Productivity at work can greatly be affected by productivity at home. Security threats can originate in the consumer space and enter the workplace (e.g. a personal device that has corporate access can be compromised outside of the office and present many challenges). Given these trends multiple competitors have made strategic acquisitions in the last year to be able to straddle both ends of the line.

Okta’s existing product offers many of the key technologies required to enter the consumer space. The existing product already allows for creating a personal identity management section that is private from an employer. By enabling users to continue this capability independent of their employer will help Okta have better end-user retention and ultimately drive growth in Okta’s Application Network and developer integration platforms.

3. Product Requirements Document

Title: Okta@Home

Overview

Okta’s overall vision is to ‘enable any company to adopt any technology’ and make sure ‘people can access their tools more smoothly and securely than ever before’. Okta@Home will help evolve this vision to ‘enable any person to adopt any technology’. Just as the last wave of BYOD (bring your own device) blurred the line between consumer and work devices to the point that most consumer devices are now present in the workplace, the same is happening with applications and services. Most applications are NOT mutually exclusive among enterprise and consumer spaces; social apps can be used for work (Instagram, Facebook, Tumblr, etc) or productivity apps can be used for projects at home (GitHub, Slack, Office365, etc).

Okta@Home will help end-users with identity management in any environment, allowing them to achieve productivity gains. Okta’s existing product offers many of the key technologies required to enter the consumer space. The new feature will expand upon the current capability to create and manage personal login information within the end-user portal, but allow and separate access to this information independent of the company’s Okta portal. This will help Okta achieve increased end-user retention and ultimately drive a symbiotic growth between Okta’s Application Network and developer integration platforms.

This feature has been Okta’s roadmap internally for many years and even communicated externally by our COO. Sales engineers and the support team have fielded this question from end-users several times; many end-users do not take advantage of the product’s current ability to manage personal information due to a lack of awareness or lack of clarity on what happens to this information if they are no longer working at their Okta enabled employer.

The Okta portal does currently allow end-users to create personal tabs and manage their own personal websites:

However, many users are not aware of this capability and have no assurances of what happens to this information if they leave their current employer. Furthermore, while the personal information for these websites have already been isolated from employer traffic in the backend, users are still apprehensive of what personal information is shared with employers. Expanding on this current capability by making access to this personal tab independent of their work domain combined with better messaging can help increase end-user engagement and retention.

Competitor Landscape

Two enterprise competitors have acquired consumer focused password managers to have plays in both enterprise and consumer identity management:

  • LogMeIn acquired consumer leader LastPass in October 2015. LastPass already had an integrated enterprise and consumer play, however it does not provide the true end to end identity management that Okta does for enterprise.
  • Intel acquired consumer focused PasswordBox in December 2015. It has already been integrated and rebranded as Intel Security TrueKey. Although this is mostly a consumer play, because Intel produces hardware for enterprise, this solution could potentially morph into an enterprise solution. It is priced at $20/year (about $1/mo).

User Win

Okta end-users experience poor security and identity management experiences outside of the enterprise because the current consumer solutions are unknown and focus on password management. Alleviating that pain will help these users protect and manage their identity at home. End-users productivity would increase away from work as they use familiar enterprise tools at home, but they would have to accept allowing Okta to handle their personal application’s identity information and limit these integrations to those available in Okta’s Application Network.

Clarity on messaging regarding the ability to use this feature without sharing personally identifiable information with end-user’s employers and the ability post-employment is CRITICAL. Any limitations on Okta’s catalog of integrated apps for personal use are much easier to manage as the catalog grows over time and this feature will specifically help receive feedback in that regard.

Success Metrics For Feature

[MVP/NOT MVP] metric [current baseline / target]

Initial feature success and adoption will focus on:

[MVP] % of existing users at a company that enable Okta@Home (are users aware of the feature?) [0% - 5%]

  • existing enterprise users that enable Okta@Home / total existing enterprise users

[MVP] # of entries added in new Okta@Home feature / user (are users actually setting up and interacting with the feature) [0% / 3%]

  • total number of Okta@Home entries made / total # of Okta@Home users

[MVP] # of logins / Okta@Home user per day (are Okta@Home users actually using the feature once enrolled) [current baseline / +5%]

  • total number of Okta@Home logins in one day / total # Okta@Home users
  • Compare this to baseline of users not enrolled with Okta@home or against the Okta@Home cohort before feature is release

The feature will be released for free for current Okta end-users. Real world product usage and success will create better telemetry that will dictate what data advanced analytics can be upsold into both enterprise and consumer spaces. Some examples would include a per seat premium upsell to enterprises, third parties, or advertisers to get anonymous aggregated data on what apps are popular outside of work, how they overlap with enterprise work, and better security enhancements to manage them. On the consumer side, charging per user (or per household) if the end-user is not working for an Okta enterprise customer may also be a possibility, but less likely in the near term.

Impact of Okta@Home on growing Okta’s overall platform metrics:

[MVP] # of developer apps integrated / month (is Okta growing at a steady pace at being integrated as an identity manager for new developer applications; compare to baseline before Okta@Home release) [current baseline / +10%]

[MVP] # of single sign on platforms integrated / month (is Okta’s Application Network growing at a steady pace at integrating with existing services; compare to baseline before Okta@Home release) [current baseline / +10%]

Retention over time:

[NOT MVP] # of Okta@Home logins / user after terminating work with an Okta enterprise customer (are users still using Okta@Home in the personal life if they leave the enterprise company?) [0% / 5%]

  • total # of Okta@Home logins for non-enterprise users / total number of non enterprise users

[MVP] Net Promoter Score of users who enabled Okta@Home [current baseline / +5%]

  • vs baseline NPS of those who did not enable feature

Personas and Scenarios

The main persona this feature targets is John, a Social Media Marketing internal employee at FanGram (a social sports interactive mobile app). Jon is 30 years old, single with no children, and has a BA in International Relations. He is an early adopter of all social and communication services both for personal entertainment and to succeed at his job. He works with a team to provide live content updates on various sporting events using Instagram, Facebook, LinkedIn, and Snapchat. He manages several marketing campaigns at a time and tracks success with Marketo and salesforce applications. Sporting events and updates are a 24/7 cycle and he often finds himself using these services at home both for work and personal entertainment. He uses a Macbook Air, iPad Pro, and iPhone at work and home to get all his content updates out; sometimes it is an official company marketing campaign account on Instagram, other times it is a content update on his personal Snapchat account creating casual discussions with FanGram’s users. Currently all his work related accounts are managed by Okta when he logs in via VPN or at work. However, his personal Instagram and Snapchat accounts are not managed by Okta and he occasionally posts personal content on his work social accounts and vice versa. Furthermore, because he has legitimate work reasons to use his personal Snapchat and Instagram his IT manager, Angie, is concerned that his personal accounts are insecure and vectors for security threats to enter the enterprise. He uses simple passwords for his personal Snapchat and Instagram accounts, and tends to avoid using them at all work for now, instead using them outside of the work environment when not on VPN.

However, last week John logged onto his FanGram Okta portal and noticed a new feature, Okta@Home on the familiar portal he uses everyday. A new section was highlighted showing this feature, already integrated to his current portal indicating a feature tour was ready for him to use. Upon clicking on the Okta@Home feature highlight, John was introduced to a tour clearly indicating how the feature worked, that it was optional, and that it was separate from his company accounts and would be accessible even if he leaves FanGram. On the sidebar, a simple recommendation and search bar populated personal apps he might already be using and other he can add. He feels pretty happy about Okta when using it for all his work accounts, so while he trusts Okta to manage his personal accounts he decides to only add 2 of his many personal accounts at the end of the tour. His devices immediately get the updated personal account information, and the end of the tour shows his personal Okta portal he can access even away from work. He clicks on the portal and is surprised to see that it doesn’t have FanGram anywhere on the page or domain. After a few days of trying the feature out, John loves the ability to push all his live sports content updates anytime at work or at home, even when he isn’t on the company VPN since he has a direct personal login with Okta. John proceeds to add the rest of his top personal accounts (10 more) over the rest of the week, though Snapchat wasn’t offered. He clicks on an ‘add me’ widget for Snapchat so that Okta and developers get feedback that users are requesting Snapchat integration.

Meanwhile, John’s IT manager, Angie, logs into her Okta management console. Angie is FanGram’s IT administrator, is 40 years old with a BS in Electrical Engineering and has 15 years of IT and security experience. She constantly strives to keep her employees productive while shielding them from security threats. She switched the company’s internal identity management system to Okta last year and has been quite happy with the results. She has far more free time to work on larger IT issues with her team, and no longer gets a barrage of password reset requests wasting large chunks of her day. Moreover, she has a good understanding of what applications are being used at work daily. Not surprisingly, her colleagues use all the latest social media and communication technologies since FanGram is a social sports application. However, she knows a lot her colleagues, like John, have to use FanGram work and personal accounts at work. Currently she has no control over Snapchat, nor any idea how much it is used by her employees at work. Also, her employees use the personal Instagram and Facebook accounts to get work done in the office as well.

Today, much to her surprise, Angie has a new report widget greeting her on the Okta management console. It shows a bird’s eye view of aggregated statistics (usage rates and password issue rates) on tools that are used both at work and at home by FanGram employees. There are no drill down reports for individual users, but she can finally see some high level statistics showing what are the top 10 services her employees use that intersect at work and home. This valuable information gives her data to show both to HR to keep HR policy up to date and to her CSO to make sure her department gets adequate funding to help employees use these services.

Features In

  1. [MVP] As an Okta end-user, in order to gain awareness of what personal identity management services are available, I want to be directed to the new Okta@Home feature on my familiar company’s Okta portal, so that I can seamlessly be introduced to the new feature as part of my daily work routine
  2. [MVP] As an Okta end-user, in order to understand how I can use the tool for my personal work independent of my current company, I want the Okta@Home feature tour to clearly describe the new direct portal and separated traffic, so that I can be confident that my employer will not be able to identify me from my personal activity and that I can continue to use this feature if I leave my current company.
  3. [MVP] As an Okta end-user, in order to get me to the right apps I use based on my current context, I want my Okta end-user portal to autodetect whether I’m at home (off VPN) or at work (VPN or on network), so that I can get to my apps quickly without having to manually enter and go to the right domain.
  4. [MVP, internal] As an internal Okta data analyst, in order to build additional value propositions for securing and managing a unified identity, I want to collect separated telemetry data on end-user Okta@Home logins, so that I can build sell new services on this feature and ensure the feature is being used efficiently.
  5. [NOT MVP, plusser] As an Okta end-user, in order to make it easy to setup a few accounts to try out with Okta@Home, I want to have a recommendation of which apps to add to my Okta@Home account at the end of the feature tour, so that I can start trying out the feature right away without having to go search and add apps later.
  6. [NOT MVP] As an Okta end-user, in order to get all my personal accounts onto Okta, I want to have the ability to directly request new apps to be integrated from my Okta@Home portal, so that I can continue to use Okta@Home for the latest apps.
  7. [NOT MVP] As an Okta management console user, in order to understand how my colleagues are using tools to get their jobs done, I want to see an anonymized aggregate report widget showing application usage and login statistics, so that I can have hard evidence for budget planning and policy enforcement on the latest apps.

Features Out

  1. Automate on-boarding of Okta@Home users at new Okta companies. [This is a fantastic feature idea and should be considered soon once Okta@Home shows some sustained usage].
  2. Password scanning: Automatically scan personal passwords for strength and reuse. [Not necessary in v1, and integrating in Okta platform kind of defeats the purpose of this feature]
  3. Automatic breach management: Automatically refresh all personal account passwords if user is victim of data breach or security incident. Push anonymized information to enterprise context to help protect work environment as well. [Not clear on how this would work yet and feature needs more bake time for clarity]
  4. Manage user security questions (or get rid of them by creating facade over them). [Not clear on how this would work yet and feature needs more bake time for clarity. Also, Okta integration may reduce the need for this entirely]
  5. Allow users to have family/household capability for Okta@Home. [Need to determine revenue stream first and validate v1 of the feature before considering this]
  6. Create a data services product that can sell to third parties or advertisers based on usage/demographic/etc stats on aggregate home user identity info. [This is worth considering, but we must have users first before there is data to sell]
  7. Create a data services product that can upsell back into the enterprise on breach and login issues that could enter the workplace from home usage. [This is worth considering, but we must have users first before there is data to sell]

UX and Mockups

Feature Discovery
On-boarding/Tour
Introduction Video
Feature Magic
Feature Adoption inserted into on-boarding
Easy Search/Drag+Drop UX to add new apps

Go To Market Plan

4Ps

Product: The initial MVP launch will focus on creating value for the end-user (persona John) to simplify their personal identity management and have them match their workplace productivity at home. The second phase will use data analytics to build new messaging stressing the value of a unified identity to help enterprise professionals (persona Angie) stay on top of trends and security issues being brought into the workplace from external sources.

(Concerns , weaknesses, risks) One of the biggest challenges will be to convince users that an enterprise company can be trusted to handle their personal login information. We do have data that show our users already trust Okta with personal information. However it is imperative that end-users understand in the MVP launch that their personal login behaviors are not communicated in an identifiable way to their employers. Direct to consumer features are not a speciality of Okta, however this release will focus on our already existing enterprise end-users which serve as a fantastic captive audience to try this feature with. If we cannot convince them, we know we have work to do before going direct to consumer in the future.

(Competition): Two competitors have entered this space before us (Intel Security and LogMeIn), however neither has demonstrated success already nor has the full end-to-end identity management Okta does. The challenge will be to extend our holistic identity management from the enterprise space to the consumer space in a focused manner.

Price: Initially the price for the feature will be free for existing Okta enterprise users. Once we collect data and being providing actionable data analytics to support security features this data can be upsold back to enterprise customers as a per seat ($1-$2 per seat/mo) premium service. Additionally, after hitting mass adoption with our users, Okta@Home can be directly sold to consumers at competitive rates of approximately $1-2 a month.

Place: Initial target personas are a captive audience, who already use Okta as part of their daily work routine.

Promotion: No initial sales advertisement is necessary as this will be a free feature. However, soon after data collection and analytics (~3-6 month build out), these data based services will be upsold and communicated to our IT customers and developer platforms as part of their standard sales cycle and channels. This will include our own Oktane conference, security blogs, and review sites (CSO, etc.).

Messaging

This is initially targeted to existing Okta enterprise end-users. This is a fantastic opportunity to see the success of this feature with a captive and informed audience before considering direct to consumer channels. After seeing sustained usage from this group, the feature could eventually be released to the general public.

Persona messaging:

John [MVP] (Internal Employee - Social Media Marketer at FanGram, 250 person company)

Key Characteristics

  • 30 years old
  • Middle class
  • Single, no children
  • BA in International Relations
  • Early adopter of all social and communication services

Goals

  • Stay connected with FanGram’s users on several social marketing channels (Instagram, Facebook, LinkedIn, Snapchat) on any of his work or personal devices
  • Create discussions with FanGram’s registered users daily at work and home
  • Wants to maintain a unique, casual, and personal brand for the company despite working with several companies (sponsors) during promotions

Pain Points

  • Managing all his passwords for several internal marketing and sales tools and social websites is a pain
  • Has to share the login information for the social marketing accounts on Facebook, Instagram, etc with social marketing team manually so they can all post on behalf of FanGram
  • Often times someone on the team forgets social media account password and initiates a reset, but not everyone is aware of the password change
  • He occasionally forgets to switch between his personal and work accounts for social media accounts when posting content, usually when he is on his mobile phone

Messaging

  • Use one service that solves all your identity management needs
  • Keep yourself as safe at home as your IT team does at work
  • Transition seamlessly from work and personal productivity tools

Angie [not MVP] (Internal employee - IT Administrator at Rentr, 500-1000 person company)

Key Characteristics

  • 40 years old
  • Upper middle class
  • 1 child, married
  • BS in Electrical Engineering
  • 15 years industry experience

Goals

  • Keep employees productive
  • Minimize security risks and breaches at BizGo
  • Reduce time and costs spent on internal technical logistics
  • Wants to be seen as partner and enabler for colleagues, not an obstacle or time sink

Pain Points

  • Manual time her team spends on responding to employee issues
  • Barrage of password resets everyday preventing her team working on longer term goals
  • New employees have long spin up time before they are integrated with all company tools
  • Can’t push company policies on all devices and applications the employee uses
  • Occasionally small 2-4 person consultants work on special projects with internal development team for short month long windows, but they spend a week setting them up with the same tools as the rest of the team

Messaging

  • Gain visibility in what data and apps enter your company’s workplace from external sources
  • Keep your employees safe even when they are away from the office
  • Understand security risks your employees experience before they enter the workplace

GTM Planning

Pre-Launch

Internal soft launch (2 weeks):

The initial soft launch will be an internal dogfood by Okta employees. Since this accurately replicates a core experience of the final launch, we can test the launch process as our customers would. 10% of Okta employees will start to use the feature. These employees will be be chosen at random from an overall pool identified using consumer style apps across multiple devices (Windows, MacOS, Android, Apple phones, tablets, and computers) already at work via the existing Okta reporting module. Meanwhile the data center team and support teams will be prepared to monitor increased usage of their services. After a 1 week trial, the feature will be released to the entire Okta workforce to more clearly understand datacenter and support costs. The feature will not have explicit pre-launch communication, outside of our normal update notes and communication. This will mimic how the feature is launched to our customers to determine if organic user growth is occurring. This is a unique launch because we are going after existing customers using the product and therefore we do not need to spend resources acquiring. After another 1 week trial and incorporating launch feedback we will continue onto a beta launch with our closest customers.

Launch

Beta (2 weeks, 3 customers):

The beta launch will focus on our closest 3 customers from different industry verticals (healthcare, consulting, and consumer technology companies). Each company will be given advanced notice of the feature launch, but direct end-user communication to their employees is not necessary as they will organically discover the feature as part of their normal daily Okta login routine. The beta customers will use their existing reporting app to choose 10% of their employees at random based on highest personal app usage and device mix at work from existing reports. After a 1 week trial, the feature will be released to all employees at our beta partners for another 1 week trial. Again datacenter and support teams will monitor increased usage to plan for scaling across all our customers. NPS surveys will be used in both trials to ensure the feature is a hit with the selected users. Furthermore, beta forums will help IT managers at these companies manage the new feature and understand the long term reporting capabilities of a unified identity.

At this point the feature is technically in the wild, we will begin to contact our industry and PR contacts about the new feature and possibly coordinate the feature launch with our next Oktane conference. Additionally, news outlets (CIO) and analysts (Gartner) can be contacted so our feature is inconsideration for the next round of product reviews and recommendations.

Full launch (2 weeks, all customers):

Our final launch will follow the same approach as above, but be directed to our entire customer base. We will randomly select 10% of end-users at each customer to view the beta feature (based on device mix and app usage). The data center and support teams will monitor usage of their services by comparing the selected end-user and non-selected end-user cohorts to monitor any issues over a 2 week period. Finally, after passing all tests, the feature will be rolled out to the entire user base. NPS surveys will be used in both trials to ensure the feature is a hit with the selected users.

Post-Launch

Post launch will be focused on building new value propositions from the new data received. Internally we will scale our data analytics capabilities and begin to transition this from a feature update to our new ‘unified personal identity’ message (enable any person to adopt any technology). We will want to continue to push Okta’s Application Network as a unique value proposition for our customers and show how Okta@Home has driven growth in integrated applications. We will take this message back to our existing channels with platform developers, encouraging them to build their applications with Okta from the start so they can provide the best experience for their customers.

We will directly turn some of our internal metrics into messaging pieces:

[MVP] # of developer apps integrated / month (is Okta growing at a steady pace at being integrated as an identity manager for new developer applications; compare to baseline before Okta@Home release) [current baseline / +10%]

[MVP] # of single sign on platforms integrated / month (is Okta’s Application Network growing at a steady pace at integrating with existing services; compare to baseline before Okta@Home release) [current baseline / +10%]

[MVP] % of existing users at a company that enable Okta@Home (are users aware of the feature?) [0% - 5%]

  • existing enterprise users that enable Okta@Home / total existing enterprise users

[MVP] # of entries added in new Okta@Home feature / user (are users actually setting up and interacting with the feature) [0% / 3%]

  • total number of Okta@Home entries made / total # of Okta@Home users