Customer identity access management
Customer (or consumer) identity and access management (CIAM) is a subset of the larger concept of
The biggest difference between typical IAM and CIAM is that CIAM gives its users (consumers) significantly more control over their identity.[3] Unlike traditional (or inside-out) IAM, which is generally driven by operational efficiency, CIAM is built on a user-first, outside-in approach[4] that gives customers the agency to make changes to their security, privacy and personalization settings.[5][6]
At its most basic level, CIAM is a system for establishing and maintaining persistent customer data, authenticating legitimate users, denying access to threat actors and authorizing customers to access digital assets. While there is a vast number of additional functions that CIAM solutions can provide, they are secondary to external-facing authentication and authorization.[7]
CIAM functionality
CIAM can be composed of a wide array of tools and applications, often combining software from multiple vendors to achieve the desired functionality. For this reason, businesses often take a phased approach to CIAM by implementing technologies that suit their most immediate needs rather than attempting to roll out a comprehensive solution.[8]
Rather than being defined by a specific set of tools, CIAM is more accurately described based on its capabilities.[9] Generally speaking, a CIAM environment includes:
- Identity administration
- User privacy and consent management
- Fraud prevention capabilities
CIAM solutions may also include but are not limited to: secured
CRM
CIAM environments can also work adjunctively with a
CIAM and cybersecurity
Customer identity and access management (CIAM) is an IAM technology that helps organizations manage customer identities, providing security and an enhanced experience. Its primary purpose is to help organizations deliver a great experience to customers and protect their user data.
CIAM environments protect their owners from a different set of cyber threats than traditional IAM solutions. Financially motivated threat actors attacking a CIAM solution will steal services or make illegitimate purchases rather than ransom business infrastructure.[13]
CIAM solutions are tasked with protecting customer accounts without significantly compromising a smooth or convenient experience. They do not have the benefit of dealing with internal users like employees, and thus CIAM environments are typically designed to contain self-service components for account maintenance or troubleshooting. For example, a CIAM customer might be able to easily reset their account's password through automated dialogues. However, this has led to self-service mechanisms becoming frequent targets for fraud schemes.
Because of this, many CIAM implementations are designed to authorize users based on their perceived level of trust, only enforcing a secondary step-up authentication when the user tries to take a particularly sensitive action.
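The following sketch illustrates the trust-based step-up decision described above. It is an added example, not code from any CIAM product; the signal names, sensitivity tiers and thresholds are constructed assumptions.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Decision(Enum):
    ALLOW = "allow"
    STEP_UP = "step_up"   # ask for a second factor, then re-evaluate
    DENY = "deny"

# Constructed sensitivity tiers (assumption); higher means more sensitive.
SENSITIVITY = {"view_catalog": 0, "view_orders": 1, "purchase": 2,
               "change_email": 3, "reset_password": 3}
STEP_UP_MAX_AGE = 300  # seconds a completed second factor stays "fresh" (assumption)

@dataclass
class Session:
    authenticated: bool
    known_device: bool
    usual_country: bool
    failed_logins_last_hour: int
    second_factor_age: Optional[int] = None  # None: no second factor this session

def trust_level(s: Session) -> int:
    """Perceived trust from 0 to 3, or -1 when the session looks hostile."""
    if s.failed_logins_last_hour >= 10:
        return -1
    score = int(s.authenticated) + int(s.known_device) + int(s.usual_country)
    if s.failed_logins_last_hour >= 3:
        score -= 1
    return max(score, 0)

def authorize(s: Session, action: str) -> Decision:
    if action not in SENSITIVITY:
        return Decision.DENY              # unknown action: fail closed
    trust = trust_level(s)
    if trust < 0:
        return Decision.DENY
    need = SENSITIVITY[action]
    fresh = (s.second_factor_age is not None
             and s.second_factor_age <= STEP_UP_MAX_AGE)
    if need >= 3:
        # Top tier (including self-service account recovery) always needs a
        # recent second factor, however trusted the session appears.
        return Decision.ALLOW if fresh else Decision.STEP_UP
    if trust >= need or fresh:
        return Decision.ALLOW
    return Decision.STEP_UP
```

A fully trusted session can purchase without friction, while changing the account e-mail or resetting the password returns `STEP_UP` until a second factor has been completed within the freshness window.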
Privacy and consent management
Because of the nature of CIAM — which involves a user logging in, managing their profile and accessing services — CIAM solutions
CIAM market
Vendors primarily identify their products and services as CIAM components as a way to appeal to potential clients. CIAM is still relatively new as a market apart from IAM, and few providers offer comprehensive solutions that include all of the proposed functions of a CIAM implementation. Analysts are still divided on what the terminology includes, but it is generally accepted that CIAM represents an external and user-centric alternative to legacy IAM.[14][15]
See also
- Digital identity
- Electronic authentication
- Federated identity
- Identity assurance
- Identity management
- Privacy by design
- Strong authentication
References
- ^ "CIAM is a growing trend".
- ^ "Tech Support Trends for 2018". blog.capterra.com.
- ^ "IAM vs CIAM: What's the Difference?". Solutions Review.
- ^ "CIAM as a Key Factor in the Digital Transformation". KuppingerCole.
- ^ "What is Identity and Access Management (IAM)?". Oracle.
- ^ "CIAM vs. IAM - Inversoft". www.inversoft.com.
- ^ "Customer Identity and Access Management (CIAM)". Gartner.
- ^ "Decoding Customer IAM (CIAM) vs. IAM". Okta. 7 July 2017.
- ^ Moffatt, p. 69
- ^ "What Is Customer Identity and Access Management (CIAM)?". Transmit Security. 8 August 2021.
- ^ Moffatt, p. 285
- ^ Moffatt, p. 75
- ^ Moffatt, p. 116
- ^ "Does your customer identity and access management (CIAM) inspire trust?". PwC.
- ^ "What Is Customer Identity Access Management (CIAM)?". Security Intelligence. 28 September 2021.