Reinventing Identity and Access Management in the Cloud
Mavens is a leading Salesforce.com implementation partner, headquartered in Chicago with offices throughout the U.S. and Europe. Founded to build cloud software connecting people to cures, it advances this mission by serving life sciences and healthcare companies around the world, including eight out of top 10 pharmaceutical companies.
Successful drug brands loom large in the collective memory. Ask an average person on the street about Nexium, Lipitor, Adderall or Tamiflu and they quickly recall the symptoms and diseases these drugs treat. These drugs owe their popularity to the marketing activities of drug manufacturers. Every time a new drug enters the market, the manufacturer launches a slew of websites, apps, newsletters, and promotional campaigns to communicate the benefits of the drug to patients, doctors, and consumers.
What sets these marketing initiatives apart is that pharma industry lives by the ‘more is better’ mantra. There are multiple websites for explaining a drug's benefits and side effects, providing advice to affected communities, and documenting clinical findings. The complexity of building and maintaining all these properties is further multiplied by regulatory requirements. Drug manufacturers are obliged to obtain visitors' consent, alert them to a variety of legal notices, and securely store their records for later auditing.
To keep up with these requirements, pharma companies typically work with a dozen contractors, build apps and sites across a wide range of technologies, and deploy them to a mix of self-hosted servers and cloud providers. It's no wonder that such working setup results in high development costs and extremely long implementation cycles. Even a simple microsite can take as much as four months to build and get approved. Confronted with this reality, Mavens wanted to overhaul the way pharma marketing is done.
A single source of truth
The high technological costs faced by the pharma industry are often blamed on regulatory requirements. Authenticating visitors and getting their consent can indeed constitute a significant chunk of the development budget. But what makes pharma marketing campaigns truly costly is that the same functionality has to be re-created from the scratch for each new website, app or mailing list.
Mavens Consulting has capitalized on this insight and built a solution replacing piecemeal user management with a centralized Identity and Access Management (IAM) service powered by the Salesforce Identity platform. The solution addresses the obvious requirements - developing a secure, responsive, and intuitive to use login form - as well as more sophisticated concerns about where to store data, how to encrypt credentials, and manage legitimate access to user data.
Centralizing identity and access management helps companies build an in-depth profile of their customers
This means that now they can integrate a ready-made solution to manage their visitors. Everything from a basic login flow to consent modules and visitor profiles can be added to a website, app or a digital kiosk with the integration of a login page created by Mavens Identity and Consent Manager. The login page can be configured to collect and display appropriate information in a matter of minutes and once a visitor registers, their data is stored in Salesforce and becomes immediately accessible to authorized users under the Accounts tab.
Keeping customer records in a centralized database improves the customer experience. Gone are the days when visitors had to power through a carousel of login pages and consent forms to find the relevant information. Since the login page is powered by Salesforce Identity, authenticated users are recognized and can immediately proceed to the desired section of the website.
Pharma companies, on the other hand, finally have a chance to build up a holistic view of visitors they serve. “When drug manufacturers implement custom authentication solutions, visitor data is disparate and scattered across multiple silos, and becomes a real challenge to create value” explains Ian Glazer, Senior Director of Identity at Salesforce.com. “These gaps can result in customer interactions that are either too late, impersonal or not happening at all. Integrated identity services are instrumental to creating cohesive, 360-degree views of every customer."
Separating the look from the functionality
Mavens felt that the Identity and Consent Manager had the potential to overhaul the obsolete way of implementing marketing campaigns, but to convince their customers they needed to address a lingering concern. A lot of organizations worried that the use of third-party IAM service would make it impossible to customize login pages. The concern had serious weight to it - industry studies have shown that a large percentage of visitors terminate their session when redirected to an external website to authenticate.
To address this concern, the engineering team considered bringing the Mavens ICM to all the major CMS platforms used by the customers. "For a while, we toyed with the idea of building a standard IAM plugin," explains Paul Battisson, Lead Technical Architect EMEA at Mavens, "but after we researched how these platforms are architected, we quickly dropped the idea. The costs of doing so would be staggering and take years to implement."
As the team considered alternative solutions, engineers began exploring the idea of adding a headless CMS, a publishing tool stripped of its front-end component, to the solution. Paul admits to having certain misgivings at the time: "We knew that this approach would only work if the CMS in question offered a whole range of advanced features." These included a well-documented, low-latency API, ability to change content schema easily, and a fully customizable user interface. "And it should also appeal to end-users who wanted a tool with a simple, straightforward interface."
The engineering team has evaluated several vendors, but developer sympathies clearly lied with Contentful. "We looked at how headless CMS vendors stack up against our requirements and it clearly stood out as the most mature solution on the market," admits Paul Battisson. But it was a passionate reaction of the engineers that sealed the choice of the CMS. "Our developers absolutely loved Contentful's API docs and SDKs. And for every question we filed, we received a thorough explanation with examples and best practices. Who could resist that?"
Technical setup of the Mavens Identity and Consent Manager
Contentful performs a dual role in the setup championed by Mavens. On one hand, it contains content types for managing content on the pages. This might include a page title, background images, calls to action, footers, headers, and blocks with other informational content. On the other, Contentful is also used by the design team to define the look of the login page. There is a dedicated content type that is used for serving a stylesheet and defining visual elements of the login page.
Samuel Rosen, Lead Identity and Consent Architect explains: "Having a simple interface, where editors and designers can safely manage the look and content of a login page and then instantly deploy the changes is a huge improvement over how the pharma industry did things until now." Implementing Mavens Identity and Consent Manager leads to a two-fold improvement: the marketing teams no longer have to rely on developers to push changes to the website and the changes can be deployed in a matter of hours making companies more responsive to regulatory changes and consumer needs.
One service, many countries
Launching drugs internationally requires manufacturers to navigate numerous legal, technical, and logistical hurdles. As Samuel Rosen explains, "localizing consent goes beyond translating a legal disclaimer. One also needs to implement specific regulatory requirements in terms of what data is collected, how long it is stored, and what marketing activities are permitted." For example, in the US, opting in to receive marketing materials has no expiry date, whereas Germany requires companies to renew the opt-in every six months.
Traditionally, these requirements were met by running a collection of individual sites and apps for each major market. Mavens Identity and Consent Manager takes a different approach: instead of implementing a new IAM solution each time, companies can simply add a new consent policy to an existing login page. This way, registration form fields, disclaimer text, and user data permissions are automatically updated to reflect the regulatory framework applicable to the visitor's country. Drug manufacturers then can use the same website across multiple markets leading to dramatically reduced costs.
This solution, however, would be incomplete without the possibility to localize the content of the login page just as easily as the login form. And Contentful offers an elegant solution to this problem. On the content creation side, roles and permissions can be configured not only for specific content types but also for specific languages. On the content delivery side, a single API-endpoint is used to deliver all the versions of an entry. "All we need to do to retrieve content in a specific language is to include the language parameter in the query," remarks Paul Battisson "which dramatically simplifies the architecture of the front-end client."
Mavens uses Contentful to power login pages across multiple websites, apps, and languages
Results
Mavens set out with the goal of changing how drug manufacturers engage with doctors, patients, and consumers. Recognizing how outdated marketing infrastructure inflates the costs of technical development and results in inferior user experience, the Mavens team came up with a new solution for identity and access management. It combines Salesforce Identity for authentication and authorization with Mavens consent framework and Contentful CMS for controlling the look and feel of login pages. The resulting setup helps Mavens build innovative solutions for the pharma industry quicker, better and cheaper than ever before.
