Intro
Dear readers,
Before we dig into the content of my first blog post about CIAM, let me explain why CIAM is such a key topic for Brighten Digital. The abbreviation CIAM stands for Customer Identity and Access Management. However, it’s a very different topic from old fashioned IAM (don’t get me wrong – nothing is more important than proper management of access rights of your internal employees / contractors). The CIAM addresses the needs of your customers who need to access restricted content on your sites / applications but goes much beyond just that.
This year we have had so much demand for CIAM consulting and implementation services across the whole of Europe, we had to double up our CIAM expert team (hurry up HR guys, more is coming).
What is the difference between IAM and CIAM?
Their common requirements are much different from standard IAM topics , for instance, you don’t need to assign all your customers’ different security roles and ask them for 2FA login. It’s important to provide them with a smooth possibility to register (nothing sounds better than being able to register and login to a new portal using your Facebook / Google / LinkedIn profile). Easy login (again social credentials are worth of gold), but as a reward, you are getting your customer profiles stored within your database (of course we talk GDPR compliance here) with unlimited access to your (consented) clients 24/7 with anything you need.
What are the key areas CIAM will help you to address?
There are few key areas good CIAM (yes – there are good and best solutions available on the market – but I will share more about this in my upcoming post) should help your organization address:
Login
This is the most important part of CIAM, but the login widget must be re-usable across different systems within your organization and preferably allow social
Registration
There would be no login without registration – even with social. It’s important to get users’ consent and basic data about who is visiting / buying in your ecosystem, so you allow them to login and use the services
The overall social area (Facebook, LinkedIn, Google and much more can be used here)
You would be surprised how much information the evil big tech (haha, we see you Zuckerberg) is willing to share about your clients with you (but who needs to have a list of your friends and their hobbies in the CIAM right?) – except of course, their login and SSO possibilities
Validation process
if you work within regulated environments (such as pharma or regulated goods – tobacco or alcohol), there might be legal requirements to allow within your ecosystem, only users who are validated (education, occupation, age). CIAM can help you both in real time with online validation calls to third party providers, real time scripts (modulo), but most importantly can provide your business with the possibility to manually verify the client / get his data via snail mail. Even in non regulated environments, the possibility to update customer login can be helpful, for example in case of detected fraud
Edit profile processes
Possibility to update customers profile – can be used for any contact / consent updates (removals for sure not happening in our implementations), important to enable to customer update his new email address, but also possibility to add his preferences / birthday, so that you can improve your campaigns and customer engagement with your brand
Consent management
Possibility to have full GDPR compliance, allowing your customers to manage multi channel consents across all the different domains, including possibility to unsubscribe or change channel preference, of course fully integrated with your omnichannel communication tools
Password reset
If you don’t know the reset password functionality, then you should probably stop the reading here (haha). However, you need to be able to do this in real time – there is nothing more annoying than waiting ten minutes for the reset password link (yes, we are again looking to one of the big tech providers, especially to one of his older versions of marketing automation tool)
SSO or Single Sign On
This can be greatly combined with social functionality (once you are logged in i.e Facebook, you open any website federated with your CIAM and you will be recognized as logged in). In addition, it comes along with standard registration / login features, allowing your clients to browse with one log in operation across your whole group of sites / portals, as long as they are federated. We will also allow you to collect additional information (progressive profiling) or additional required consent (i.e you sell lemonade and alcohol and want to move from lemonade ecommerce to alcohol – we will first verify your age, and than let you visit the 18/21+ site)
Outro
All in all every modern digital company needs to have CIAM in their roadmap – there are a bunch of cool reasons why to do so. But we at Brighten Digital truly believe that the near future will turn CIAM into one of the more important blocks of your ecosystem – but more on this in the following posts.
EN 
CS 
NL