8 Critical Areas for Your Next CIAM Implementation

October 26, 2022

Customer Identity Access Management (CIAM) solutions have become one of the most critical tools IT teams use. CIAM solutions help to securely streamline the user experience for users outside an organization (often customers, hence the name). Critically, CIAM solutions must do so in a way that meets modern customer expectations of low-friction ease of use while remaining scalable and optimizable. Recent developments are raising the stakes: new regulatory/compliance laws, evolving customer expectations, and the ubiquity of omnichannel engagement have all forced the evolution of best practices.

Let’s explore eight areas and the best practices organizations need to consider carefully when deploying a CIAM solution.

1. User experience — good enough isn’t good enough

The expectations of modern consumers have shifted following the emergence of new technology. And while companies tend to have flexibility regarding the security measures imposed on their workforce, customers are always just a click away from a more convenient user experience, so balancing security with ease of use is imperative.

“If the user experience is too frustrating, or it’s too hard to set up or log into an account, users will simply abandon the experience,” says Mike Pastore, Solutions Engineer for Okta, one of the leading identity platforms. “We live in a market environment where there is no shortage of next-best alternatives. If one website’s login experience is weird or too onerous, I’ll just go to the next search result and buy from them.”

2. Secure access management — Zero Trust and Zero Friction

The market demands for low-friction user experiences must be balanced against the operational need for security. Adaptive authentication and contextual access paradigms based on Zero Trust principles must be implemented as part of a CIAM solution. These systems must take into account signals such as location, device, and connection to determine, for example, the type of MFA challenge required. Where possible, secure biometric measures (fingerprint scanners and facial scanners such as TouchID and FaceID) should be implemented to improve both usability and security.
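One way to express such an adaptive policy, as an added example that is not code from this article or from any CIAM product: the location, device and connection signals are scored, and the score selects no challenge, a biometric challenge, a one-time code, or a block. The field names, weights, thresholds and the "deny" outcome are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt

@dataclass
class LoginContext:
    device_known: bool       # device already bound to this account
    has_biometric: bool      # platform authenticator enrolled on this device
    anonymized: bool         # connection arrives via Tor, VPN or open proxy
    lat: float               # geolocation of this attempt
    lon: float
    prev_lat: float          # geolocation of the last successful login
    prev_lon: float
    hours_since_prev: float

def km_between(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    a = sin((p2 - p1) / 2) ** 2 + cos(p1) * cos(p2) * sin(radians(lon2 - lon1) / 2) ** 2
    return 2 * 6371 * asin(min(1.0, sqrt(a)))

def risk_score(ctx):
    """Sum illustrative weights for the device, connection and location signals."""
    score = 0
    if not ctx.device_known:
        score += 30
    if ctx.anonymized:
        score += 30
    dist = km_between(ctx.prev_lat, ctx.prev_lon, ctx.lat, ctx.lon)
    speed = dist / max(ctx.hours_since_prev, 0.01)   # km/h, guard against divide-by-zero
    if dist > 100 and speed > 900:                   # faster than an airliner
        score += 50
    elif dist > 500:                                 # plausible but unusual travel
        score += 15
    return score

def decide(ctx):
    """Map the score to the least intrusive step that still covers the risk."""
    score = risk_score(ctx)
    if score >= 80:
        return "deny"
    if score >= 30:
        return "biometric" if ctx.has_biometric else "otp"
    return "allow"
```

The `dist > 100` guard keeps ordinary geolocation jitter between two logins made minutes apart from being read as impossible travel.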

3. Scalability and extensibility — room to grow

Scalability can be very challenging, particularly in B2C scenarios, but it’s a critical component. An inability to scale translates to missing out on the most significant opportunities. A sudden increase in user demand can go from a lucrative windfall to a frustrating failure if your CIAM solution can’t scale instantly.

Extensibility is just as important — the ability to expand functionality as needs grow. “I’d say extensibility is the most important, actually,” says Pastore. “Being able to extend features out-of-the-box to meet business and customer demands, to call to any third-party API tool.” Businesses need the flexibility to grow securely: adopting a CIAM solution that can’t grow along with your operations will cause headaches sooner than you think.

4. Privacy and consent management — complying with regulations and meeting expectations

Certainly, organizations need to be aware of the regulatory requirements put upon them by GDPR, CCPA, HIPAA, and others. In 2021 alone, leading companies like Facebook, Google, and Amazon all paid out GDPR fines. Organizations cannot take these regulations lightly — nor the accompanying global customer expectations that supersede regulatory boundaries.

Ensuring privacy and consent management (PCM) features are built into CIAM solutions is critical — if not, the need will likely arise to integrate specialized PCM products with existing CIAM solutions.

5. User data analytics — make the most out of gathered data

Organizations can collect customer data throughout the customer lifecycle for User and Entity Behavior Analysis (UEBA), which can be very useful in marketing and sales operations. This data can help glean the customer’s actual needs and help drive targeted sales toward the customer’s pain points. A range of very good products in this space (such as Marketo) can be integrated with CIAM solutions as needed.

6. Delegated authentication — share the burden

Delegation is particularly important in B2B CIAM situations, where organizations are granting access to internal systems to potentially hundreds of partners, each with hundreds or thousands of employees — creating a potentially huge burden on the organization. The ideal arrangement is one where partners authenticate their employees, and that’s carried over via a verified trust relationship between the organization and those partners.

7. Bring Your Own Identity (BYOI) — frictionless convenience

Many customers wish to minimize the number of accounts that have their information. Instead of signing up for new accounts, they’d rather use existing identities (Google, Facebook, Twitter, Microsoft, etc.). A particular component of maintaining a good user experience is allowing BYOI, and a good CIAM solution should be able to accept such logins. This is the CIAM equivalent of “federated identity” in workforce identity management and removes friction from the process.

8. Fraud detection and identity proofing — verify early and often

Preventing credential theft and fraudulent account creation is central to identity security, and a good CIAM solution should be capable of fraud detection from the beginning. Identity proofing is becoming more common: verifying that users are who they say they are through various means, like submitting pictures of government ID for review. (This is a long-standard practice in government services, which can expand into high-risk private sector areas like financial services.) There is a range of identity-proofing service providers, such as Experian, and organizations looking for cutting-edge CIAM solutions should consider the ability to integrate with such services.

NTT DATA helps organizations implement industry-leading CIAM solutions every day. Contact us to find out what the right CIAM platform can do for your organization.

To learn how to navigate the complexities in your CIAM implementation, tune in to our panel discussion.

Ramesh Gupta

Ramesh currently leads the IAM portfolio, which is part of Security Services within the Chief Digital and Strategy Office. He has 20+ years of experience in the IT industry and has worked extensively across different industry segments, such as Financial, Manufacturing, and Healthcare Services, and across different service lines, such as apps, infrastructure and cloud services for service delivery.