Companies dealing directly with consumers face particular challenges in the area of identity management. In addition to handling the identities of internal users, these companies are also tasked with protecting the information of hundreds of thousands or even millions of customers. Successful customer identity and access management (CIAM) requires a balanced approach focused on both data security and user experience.
IAM vs. CIAM: Unpacking the Differences
Traditional identity and access management (IAM) deals with a group of known users within a specific organization. The organization creates and manages identities, stores information in a central location and uses sets of roles or rules to control access to applications and information. Even in enterprises, the number of identities accessing a network at any given time remains relatively small, and IAM solutions deal mainly with providing accessibility and productivity.
CIAM, by contrast, involves a vast number of identities created and managed by users. These identities encompass all behaviors customers exhibit as they interact with a business or organization and may include public information or highly sensitive private data. Due to this level of detail, compliance is even more important than with traditional IAM, making consent management an essential element of any CIAM policy. Customers also expect a personalized experience with easy access and seamless transitions between devices and platforms.
IAM and CIAM do share some characteristics, including centralized information storage and multifactor authentication (MFA) methods. However, the tools and platforms for managing identities differ, requiring businesses to adopt a separate solution for CIAM. With over 3 billion records exposed through breaches in 2018, a clear need exists for an approach designed to meet the most pressing challenges of managing customer identities.
The sheer volume of users is the core concern in CIAM. A greater number of users creates a much larger centralized database of identities, which can easily become a target for hackers. At the same time, regulatory bodies are updating compliance requirements in response to consumer demand for more control over the information companies store and share.
CIAM becomes even more complicated when considering the diversity of the devices people use to interact with businesses. In 2017, the average North American consumer owned 13 connected devices, and more internet-ready “things” continue to appear as a growing number of companies enter the IoT market. Most people move between devices throughout the day, and some devices contain multiple user profiles. CIAM must address the need for a seamless experience regardless of how users choose to log in at any given time.
Behavioral monitoring to detect possible malicious activity takes on a much wider scope in CIAM. Having such a large number of unique preferences and behavior patterns requires a highly sensitive monitoring solution with the ability to learn, remember and recognize a huge volume of customer interactions and detect when something deviates from the norm. Integration with CRM is essential if businesses wish to leverage data for marketing, but monitoring for security purposes must take precedence to ensure customers are granted appropriate accessibility without putting sensitive data at risk.
Approaches and Solutions for Businesses
How can businesses and organizations strike a balance between maintaining security and providing the kind of experience customers demand? It helps to consider CIAM as part of an overall approach to customer service. Customers want both security and ease of use, and failing to deliver can have a negative effect on a company’s bottom line.
An assessment of current data collection and storage practices is a good place to start. Companies should know:
• How customers share data
• The channels through which data comes in
• How data is stored once collected
• Who within the company has access to customer data
Combining this information with knowledge of how customers interact with the business provides guidance when choosing a CIAM solution. Platforms must be designed to scale to meet demands while providing the integrations businesses need to create the right combination of security and usability.
Single sign-on (SSO) and bring-your-own-identity (BYOI) options provide at least a partial solution by offering customers the option of signing in to multiple different accounts using one identity instead of creating separate profiles. Before investing in these third-party platforms, however, businesses need to know how providers handle security. Poor security measures can not only put companies at risk of noncompliance but also result in a potentially catastrophic loss of customers should a breach occur.
As an increasing number of users share information requiring various levels of security, businesses must now protect company data and assets along with all the information customers share through a diverse range of interactions spanning multiple channels and endpoints. Robust CIAM platforms providing seamless customer experiences are essential for meeting these diverse needs. IT professionals certified in relevant IAM disciplines can guide companies in creating and implementing customized solutions with the right tools to face tough security challenges.