Connectis featured in ICT magazine article
Published: 4 November 2019
In ICT Magazine, Connectis’s IT Director Raymond Roelands talks about the importance of Customer Identity and Access Management.
Online service delivery obviously depends on customers actually having access to your applications. However, a careful balance has to be struck between, on the one hand, the convenience and freedom enjoyed by the user and, on the other, the security and integrity of your environment. The importance of Customer Identity and Access Management (CIAM) can’t be overstated.
CIAM is the mechanism used to ensure that the right users have access to the right sources at the right time and for the right reasons, according to the Gartner consultancy. No one wants unauthorised people to have access to a company’s applications. However, the authentication arrangements shouldn’t represent a barrier to legitimate users. Few things are more annoying than repeatedly having to enter a password to get anything done.
That’s why organisations have identity and access management systems. The systems were originally introduced for internal purposes: staff had to identify themselves to gain access to business applications and data. Known as IAM for short, such Identity and Access Management ensured the reliable verification of internal users.
From IAM to CIAM
However, the days are long gone when only internal users needed to be identified. Customers nowadays do almost everything on line. From simple things such as asking questions via the chat, to important financial transactions.
And that’s where CIAM comes in. CIAM builds on the same principle that underpins IAM. However, instead of having an internal focus, CIAM is concerned with the outside world: customers and the general public. Customers differ from staff in several key respects. They have different needs and expectations, and they aren’t bound by internal procedures.
CIAM’s aims therefore include:
1. Quick and easy registration
New customers want to get on with using a website as soon as they arrive. Even in the middle of the night. The process of registration, or onboarding, therefore needs to be efficient and automated, without any reliance on administrator intervention.
2. User convenience
If your login procedures are cumbersome and inconvenient, internal users will merely grumble. Customers will take their business elsewhere, maybe for good.
3. Maximum flexibility
Customers come and go, and use a service for a variety of purposes, often from a variety of devices. If all a user wants to do is post in a forum, multi-factor authentication is probably unnecessary. On the other hand, you want something more robust than a social login before allowing the user to perform financial transactions. Seamless internal alignment of the various supported login media is therefore required. The system has to ‘know’ that the user who logged in with Facebook a few moments ago is the same one who is now receiving a verification code by SMS or via an app.
4. Responsible use of data
Customers entrust sensitive personal data to the organisations they deal with on line. If security is compromised, crooks may be able to perpetrate large-scale identity fraud. The targeted organisation is also liable to be fined under the General Data Protection Regulation (GDPR).
One size does not fit all
IAM is therefore no longer sufficient to satisfy customers expectations. Customer access management requires a different approach from staff access management. And Connectis specialises in the required approach. However, whether the user is a staffer or a customer, the basic aim is always the same: to restrict application and data access to authorised individuals, without causing undue inconvenience.
Raymond Roelands is IT Director at Connectis.
The original Dutch-language article by Raymond Roelands can be found on ICTmagazine.nl.
Want to know more about CIAM and how to reliably and easily control access to your applications? Fill in your contact details below, and we’ll get back to you as soon as we can.