Modal Title
Security / Software Development

Managing Customer Identities without Compromise

It is important to select a solution that can provide a low bar to entry while also not imposing an artificial ceiling that limits customization.
Jun 1st, 2022 10:49am by
Featued image for: Managing Customer Identities without Compromise
Feature image via Pixabay

Bob Bentley
Bob is the director of product marketing for WSO2. He previously held multiple product marketing leadership roles including leading database security at Imperva, MFA management at Duo Security and identity/access management at NetIQ. Bob has an MBA and a bachelor’s degree in computer engineering from Brigham Young University.

In today’s “always-on” world, delivering enhanced digital experiences is key to success. Whether customers go online to pay a bill, set up a doctor’s appointment or shop at a favorite retailer’s site, they want to know that an organization knows who they are, protects their privacy and lets them control how their personal data is shared.

For example, in the UK, customer identity and access management (CIAM) plays a central role in maintaining trusted relationships with consumers online. In fact, 78% of the 200 UK and Ireland respondents who took part in a recent WSO2 and Vanson Bourne research study said they are already using an identity and access management platform (IAM), with 67% using a CIAM platform. Additionally, customer expectations for a great user experience continue to rise, which is putting more pressure on organizations to deploy better security, and in particular, better customer identity and access management solutions (CIAM) that don’t compromise the business or security.

But how do you make that experience as frictionless as possible? How do you make sure that the organization is delivering an engaging personalized customer experience that is secure but low friction for users?

Meeting the Needs of the Business and Security Teams

Organizations view their ability to create trusted digital experiences as a significant opportunity to not only build customer loyalty, but to also gain a competitive advantage. Therefore, any solution must meet both the requirements of the business and the security team.

The business is looking at how it can provide a highly personalized customer experience that enables the organization to convert prospects into customers faster. Business lines are also looking at how they can stay ahead of competitors while they strengthen their brand and online image. Let’s face it, if you don’t have a good presence on the internet in today’s digital world, you’re getting nowhere!

IT leaders are looking at how they can empower business initiatives, but don’t want to be seen as the anchor or blocker. Equally, they don’t want to sacrifice security, as this could damage trust. With the escalating threat landscape, it is hard to keep pace with all the security vulnerabilities and achieve vast scale. An organization could have a few thousand internal users, but as soon as this turns into a public-facing service, this could scale up to hundreds of thousands or even millions of external users. Therefore, being able to achieve scale quickly but securely is critical.

A Shortage of Identity Specialists

With a shortage of identity specialist developers, finding specialists within the organization who have CIAM skills is tough. At the same time, implementation cycles are shortening, with the business demanding faster and faster release cycles. IT teams are under pressure to continuously deliver as backlogs grow at an alarming rate.

As a result, more software developers are assuming responsibility for incorporating security into the applications driving consumers’ digital experiences. This is driving demand for cloud-based highly automated solutions that allow developers to add CIAM functionality quickly and easily, without having to become security software experts.

In the long run, both business and IT teams want to build a great digital customer experience with robust security and a seamless omnichannel presence. However, to do this they need to address the complexity of building a large-scale and unified view when customers’ digital data may be spread around different IT silos within the company. They must do this in a more efficient and cost-effective way to achieve quicker time to value.

This means there are uncomfortable trade-offs that organizations must often make when selecting a CIAM vendor partner for their digital experience project. These include the tension between maintaining appropriate security controls without causing high friction and alienating users. Organizations must consider how they realize their unique customer experience (CX) vision without complicated development projects. They need to establish how they deploy today while also having the flexibility to meet tomorrow’s evolving needs. Lastly, they must solve how to scale at an affordable price. Get it wrong, and there is a huge amount of risk incurred and costs sunk.

The Tension Between Security Versus Convenience

In our experience, there is always tension between security and convenience, which is why organizations should look to work with a vendor that can help to minimize any risk to the success of the CX program. Furthermore, companies will be at different levels of CIAM maturity as well as have a unique vision about their ideal customer experience, combined with varying levels of expertise.

Therefore, it is important to select a solution that can provide a low bar to entry — helping those just beginning their journey achieve their goals quickly and easily — while also not imposing an artificial ceiling, where the simplicity of the tools is a barrier to sufficient customization and extension as the CX project matures.

Also, we cannot emphasize enough the importance of flexibility to address the varied and complex IT landscapes within organizations. This means that any CIAM solution must have the ability to scale both technically and economically, so an enterprise is not penalized for its growth ambitions.

Unfortunately, all these requirements won’t be met by a one-size-fits-all approach. CIAM is not a once-and-done initiative but a multiyear project. Rudimentary CIAM starts with basic identity management, simple siloed integrations with registrations, social logins and access to customer portals. Over time this matures to having a unified view of the customer, an omnichannel experience, real-time customer analytics and secure API-level integration with business systems.

At the end of the day, customers don’t care about security — until they do! Therefore, it is in the best interest of any organization to ensure a secure user experience. This means providing a CIAM solution without compromise.

At WSO2, we have over 1 billion identities under management, and we offer an end-to-end developer experience, built for scale with flexible deployment options. In a recent Total Economic Impact Report on WSO2 Identity Server by Forrester Consulting, one of our customers reported $4.51 million in benefits over three years with 332% ROI and a 60% increase in developer productivity. We encourage you to read the full report here.

Group Created with Sketch.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.