How nonprofits achieve their missions while delivering secure digital experiences

Today, digital identities control access to an ever-growing number of applications and services, impacting — and to some degree governing — many aspects of our professional and private lives.

And there is absolutely no doubt that digital identities are going to become more important in the months, years, and decades to come.

Nonprofit organizations (NPOs) are not immune to this evolution — in fact, in some ways, they’re outpacing other organizations. For example, Twilio’s State of Nonprofit Digital Engagement Report 2022 showed that 65% of engagement between NPOs and their program participants is digital, compared to 55% for business-to-consumer (B2C) companies.

Consequently, NPOs need to be able to deliver convenient user experiences while managing and securing stakeholder identities.

From a cost to a core enabler

Traditionally, NPO’s have regarded technology as an operating cost, but as technology — particularly software-as-a-service (SaaS) — has emerged as an enabler of service delivery, things are changing.

Today, many technologies help NPOs achieve their missions and increase their impact. For example, the fifth edition of the Salesforce Nonprofit Trends Report shows that digitally mature NPOs exceed their organizational goals, including being:

• Four times more likely to have exceeded mission goals
• Twice as likely to have exceeded program goals

These results can be traced to a range of technology-driven benefits, including more efficient service delivery, improved security, smoother experiences for end users, and stronger engagement with communities.

And one technology that enables all of these benefits is Customer Identity and Access Management (CIAM).

Why CIAM matters for NPOs

You probably have some type of community made up of end users. Maybe it's students who you're serving, or maybe you're making critical life-saving loans to small business owners, or you're sending digital cash to refugees in advance of an impending natural disaster.

Whatever your mission, CIAM is the digital infrastructure that lets you securely and conveniently engage with these communities. In particular, an effective CIAM solution provides:

• User registration to allow your users to sign up (e.g., through a login box), and which also creates the behind-the-scenes user record for all community users
• Proper authentication to ensure the community members logging into accounts are who they say they are, using one or more factors 
• Effective authorization to help organizations provide community members with the appropriate level of access to information and resources once they’ve logged in
• Comprehensive Identity management, to enable stakeholders and administrators to make updates and changes to users’ data and access

In other words, CIAM is at the heart of enabling and securing the digital interactions that have become so essential for NPOs to meet the many needs of their end-user community. 

Helping users access services by reducing friction

In an Identity context, “friction” refers to anything that slows down a person’s interactions with your service. These interactions may include (but are not limited to) a user:

• Signing up for your organization’s programs
• Logging in to their existing account
• Recovering lost account data
• Scheduling an appointment (or other aspect of service)

Some amount of friction during these interactions is necessary to establish trust and provide security controls, but the more friction involved in an interaction, the greater the user’s frustration.

Unfortunately, opinions differ about how well NPOs are doing when it comes to user experiences, with the same Twilio study revealing that while 77% of NPOs rated the digital experience they provide as good or excellent, only 64% of program participants agreed.

The accessibility imperative

While friction is an inconvenience for many users, for others it can present significant impediments that prevent them from accessing your services.

Unfortunately, accessibility (when it’s even considered at all) is often prioritized far below other factors, resulting in slick-looking designs that some consumers struggle to use. The COVID-19 pandemic highlighted many of these usability deficiencies, as it forced far more interactions to go online.

Consider disabilities like vision or cognitive impairment, or limited motor function, and imagine trying to navigate a cumbersome authentication flow that requires the user to remember and then enter a long, complex password. Or imagine how a user uncomfortable or unfamiliar with technology would respond to a message asking them to download an app and configure push notifications or how a user for whom English is a second language would navigate a complicated signup procedure.

With a modern CIAM solution, it should be easy to create accessible authentication flows that reduce friction — allowing NPOs to reach larger communities and for all community members to navigate digital applications and access services.

Safeguarding user and organization data

NPOs often handle large volumes of sensitive user data, including personally identifiable information (PII) of community members — many of whom are already vulnerable or persecuted — and financial details (e.g., credit card information from donors).

Unfortunately, they often lack the resources to invest in a strong cybersecurity posture. In combination, these two factors make NPOs prime targets for cybercriminals.

Implicit within the four essential features of CIAM is that a modern solution should include strong defenses that prevent unauthorized users from accessing user accounts and data, including taking over user accounts to  access services or other privileges fraudulently.

Why using an existing solution is the best path

The case is pretty clear that integrating an existing CIAM solution is the fastest, most cost-effective ay to meet your community’s needs.

Saving time

A ready-built CIAM solution allows organizations to quickly implement the required functionality while freeing internal technical personnel to focus on other needs.

Here’s a quick story to illustrate the point: Recidiviz works with corrections directors, probation and parole officers, policymakers, and justice-impacted people to design tools that improve criminal justice outcomes and help people safely transition back to their communities.

When the Recidiviz team was racing to get their minimum viable product (MVP) out before their Y Combinator demo day, they needed a reliable CIAM solution. Joshua Essex, the organization’s Co-Founder and CTO, asked his Y Combinator peers for advice, and they recommended Auth0.

Essex later shared with us: “We were able to get a working username and password setup going within a couple of hours – at a time when even a couple of hours could be critical to our survival.”

Saving money

Most NPOs don’t have in-house developers, but that’s not always true. When such personnel exist, it’s natural to think that building Identity functionality internally is a prudent, cost-effective approach.

However, there’s a big difference between implementing basic login functionality and building a stable, scalable, and secure Identity infrastructure.

In real life, most systems require some or all of these capabilities:

• Seamless signup and login experiences, including social login features that allow community members to register and authenticate with the preferred credentials (e.g., Google, Facebook, WeChat, etc.)
• Multiple sources of user identities
• Multi-factor authentication (MFA)
• Attack protection
• Granular access controls

Building such functionality requires considerable expertise, and, once built, Identity capabilities need to be maintained and extended — which introduces an added and ongoing cost burden.

Okta: Helping NPOs just like you

As the leading independent Identity partner, we strive to be a catalyst for NPOs enacting change at the intersection of humanity and technology. That’s why we offer NPOs a discounted rate that still provides the cutting-edge technologies and features they need, including:

• Over 60 social and Identity provider connections to make it easy for community users to register and sign in
• Easily customizable and brandable sign-up and login interfaces and flows so community users recognize your brand and enjoy consistent and convenient experiences
• Broad support for open standards that contribute to interoperability and security, including OIDC, SAML, FIDO, OAuth, and more
• Extensive compliance with regulatory requirements that apply to NPOs, from HIPAA for health information to PCI for financial data
• Innovative security features to help protect your organization and your community

As a result, we’re with you every step of your Identity journey, from getting started to meeting your evolving needs. Continuing the Recidiviz story, Essex noted that our solution “has successfully flexed with us through countless iterations and launches.”

See for yourself

Interested in seeing the difference leading CIAM can make for your mission and community? You have several options available:

• Sign up for a free trial plan and get your hands dirty.
• Not sure where to start? Get in touch with us.

Of course, we know that many NPOs don’t have internal development personnel, which is why we also have nonprofit service delivery specialization partners (BeyondID, Cloudworks) who can offer further assistance through their own special programs.