KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Data is Power. And as a popular comic superhero said, with power comes more responsibility. For companies offering digital services, the responsibility lies in storing the customer data securely. Growing number of global privacy regulations underpin this responsibility.
More and more organizations are using specialized Customer Identity and Access Management (CIAM) solutions which enable them to consolidate the data of existing customers while offering new and innovative ways to acquire new ones. CIAM tools can be used to prevent fraud, monitor suspicious activity as well as generate important business reports and statistics.
CIAM market is growing yearly but remains the most innovative in various IAM disciplines in to meet the fast-changing digital business demand. Utilizing modern, flexible, and scalable CIAM platforms will enable organizations to combine good customer experience with strong data security. Certainly, a recipe for a successful online enterprise!
This talk will give insights on how to strategize your CIAM journey and shed light on some pain points companies face when embarking on this exciting adventure.
Data is Power. And as a popular comic superhero said, with power comes more responsibility. For companies offering digital services, the responsibility lies in storing the customer data securely. Growing number of global privacy regulations underpin this responsibility.
More and more organizations are using specialized Customer Identity and Access Management (CIAM) solutions which enable them to consolidate the data of existing customers while offering new and innovative ways to acquire new ones. CIAM tools can be used to prevent fraud, monitor suspicious activity as well as generate important business reports and statistics.
CIAM market is growing yearly but remains the most innovative in various IAM disciplines in to meet the fast-changing digital business demand. Utilizing modern, flexible, and scalable CIAM platforms will enable organizations to combine good customer experience with strong data security. Certainly, a recipe for a successful online enterprise!
This talk will give insights on how to strategize your CIAM journey and shed light on some pain points companies face when embarking on this exciting adventure.
Great. So we have a day for with doctors. Every speaker is a doctor. Yeah.
So, hi, my name is George Barza. I'm a security consulting manager with Accenture. Before I worked for coping a call for three years. So I see familiar faces and thank you coping. A call for inviting me to speak. I will talk about cm. So customer driven, digital first, trust and value based. So here some table of contents, we will repeat the definition. Repetition is mother of knowledge, as my mother would say. So definition benefits of si, business, relevance, value creation, some use cases from different, you know, branches. Some vendor overview and some implementation tips.
So let's move to a definition. So yeah, of course Sam is very much different from enterprise.
Im, or as I just wrote, just Im, who are the users? Users are customers, contractors, also partners, could be citizens, right? And for enterprise, IM, it's the employees of your company, customer experience, very high customer experience. Expected for Siam, not so much expected for enterprise, IM, although it might should be, maybe it's a different topic.
But yeah, so that's basically where the focus lies. So yeah, identity providers for enterprise, IM, we have enterprise directories. We could have the same for Siam, but we have social login. Your Facebooks, Googles, Amazons, if you want to use that for your login, of course for citizens could be some regional IDs, digital IDs and so on. So in capabilities, we have a match somehow.
If, if your company also uses sso, Federation, mfa, that's all good. But for Siam, what we really have to focus is also constant management, right? So giving your customers chance to accept, just, you know, see that, see that you, you value their constant, highly, and of course, you know, registration and so on. Strong authentication, very important. It's not expected for your enterprise. Im to have high scalability readiness. Although for Siam, it's expected because you might, you know, sell beyond sales tickets and whatever. I dunno. And you might acquire new customers very rapidly.
And for the privacy and data. So enterprise, IM owns and operates this data. And for Siam, ideally we should help users to control their data and make them feel that they own it.
Of course, they own the data, but we should really tell them that or make them feel that, right? And yeah, so Siam is, you know, trying to reduce costs for your company, for your support desk. So all the manual password changes, whatnot. Then all your colleagues can put up fires in your internal systems. Don't bother them. Yeah. Ideally with, with all this stuff to do, to do it in a manual way so you can save costs, increase your revenue. So for enterprise, yeah, I mean it, it also would be good to reduce costs, but it's not a primary, primary driver.
So I, I will use a quote from John Tolbert. Yeah, lead Analyst at Kuppinger call who said that companies with poor CM implementation lose out on the business. Not only they lose out on good business, they could risk their reputation in case of a data breach, right? So if they end up on the news, they can lose their reputation. They might be so big that even if they end up on the news, nothing happens. But I mean, you don't want to do that because you will have bad internal meetings coming up. So we see that CM is a key factor for digital customer experience.
Key i, key points I listed here, it's identity governance. So governing your identities, data privacy, kyc, user experience, efficiently aggregating the data you need. Not all the data in the world, but efficiently, right? We mentioned scalability and access management. Maybe if you're really fancy, you do adaptive access, whatever, that should be your goal. So some numbers and percentages, I also have those. Yeah. So we think that growing your digital business in the future fits very well with building blocks of cm. It's experience, performance, security, and trust. So what about experience?
Everyone likes good experience. When they, when they shop, they then you, you know, will have brand loyalty. They will shop with you again. If they can use multiple channels for that. And you know, you put something in a cart and you use a mobile phone and it's still there, that would be great. Multiple devices, right? So my experience was I bought a flight ticket on a third party website of a flight company. Then I wanted to change my email or something. And then I asked for otp and it OTP right after five minutes, but it's duration was five minutes.
So, you know, then I ordered it again, hoping that technology would somehow magically send it in three minutes. It never happened. So then I had to call. It's not fun, right? So I don't want to do that again, right? So performance, you don't want to, you know, have people coming to your, to your buying your products and then your website is, I dunno, not performing well because of, because of issues. Yeah. 270 cyber attacks in a year per company, you won't have high security. You have to have, you know, integration with your cm, with your, you know, helping them identify unusual behavior.
And then trust. Of course, if customers see that you offer transparency, they will trust you. And people like to trust a good company, return to them with their business. So I really love CM because it benefits from latest strengths of technology and it can help you to benefit from that. It can make use of decentralized id. You can have single platform for access management like Philip mentioned also for partners, for example, which is a, yeah, nice touch because a lot of companies struggle with where to where to you know, how to solve that situation.
IOT and ecosystem saw, some of you are part of an ecosystem of a company. You use their everything, right?
So if, if the data is shared within those devices or these identities communicated, that's good for you, right? Flexible profiling, you don't want to ask a customer to fill out their blood type when you just want to do something, you know, just all the necessary info for what you need, right? And then you can use progressive profiling, federated access. You can make use of some digital identity. Person already owns all this in cloud or hybrid, depending on what you need. Then we have of course fancy authenticating methods, biometrics, context, contact space here.
A lot of AI algorithms can be, are being utilized. Privacy and consent and omnichannel support.
So yeah, in my opinion, CM is really helping your MarTech. It helps in collecting your data, unifying it, then helping you analyze it, and then you can do whatever you want with it. So basically you have 360 customer view. So it's a part of your MarTech, it's central part, but additionally it also offers compliance and security layers. So this is, this is very important. It's not just a marketing tool, it's, it's supports your marketing, but it also offers all the security layers you, you need.
So what industries can we look at, for example, at least at some of them here, usually if there is a regulation, industries tend to recognize this and then try to move to CM for that. For example, financial services at bureau banks or insurance companies, they have a lot of, you know, regulation constraints for Siam use cases. Could be their k yc, you know, some policy changes, cyber attack detection, power companies as well.
You have some, you know, not so much focus on your usual user experience, but some special identities, policies and cyber attacks are very defense from cyber attacks is very important. Health and public service for health, you have some, you know, hipaa, whatever regulations, not so many health companies focus on or public service companies focus on user experience, but they should focus on security.
Also, some kind of special identity provisioning ways like post-service, you can use, you can try to use post-service identification, digital identification online, whatever, if it works for you. Comtech, usually they have their in-house team who builds all the cool tech, all that they want to do. They don't usually use some fancy third party tools, but that would be a good idea for them to do.
And products and industry, wouldn't it be good if your car could communicate with, you know, have all the information already, what you need, what you like, provide some extra things you can purchase also in retail. So you get, you know, very specific commercials, specific hints about what you wanna buy. Those companies don't tend to focus on that at the moment. That much like for travel, I said with my o OTP issue, but that's the industry, one of the industries we should focus on it. So let's take a closer look at the advantages of some, some technologies and services in financial services.
So, you know, Fido one can use of course for good authentication methodology, mfa, single sign on or social logins, right? So a unified customer account. If you have one account in your organization, then you can use across this multiple channels.
You can, you sh you should not create 10 accounts for single customer for different things, right? Transparency, traceability for constant. So P two forced companies to do it because you can now share customer data. It has to be available. But this transparency, traceability has to be there and manage services. If you wanna save some money maybe and ensure some, you know, performance, scalability, you can also, you can also look at managed services. So what challenges FS can solve with it, right? So customer onboarding, initial kyc, it's really cumbersome.
Not a nice process when you do it, you even, you have a feeling they don't learn much about you. So it, it has to be done in a faster way, but also in a reasonable way. It has to be easy for a customer to manage their data, change their passwords, you know, check out the consent they accept accepted of course in lights of regulation in you for anti-money laundering. You can use third party to do that check, but you can also help your clients to use your proofed identity to do other things, right? So if a bank is a trusted sourcing, that that would be of course perfect.
And of course fraud detection based on maybe geolocation multifactor authentication. That's additional security layer, which is a challenge, but can be solved with sam. A lot of vendors we saw at EIC as every year.
So it's, we also see that traditional IM vendors offer more and more CM capabilities. You can choose your deployment type.
You, you want, if you want to go cloud, you know, you might save some initial costs. If you want to do on-prem, then you need to, you know, put high initial costs, train your stuff. But that's might something you want to do. And hybrid, if you have some privacy challenges, you know, you have some specific data, you, you want to go with that model. So we as Accenture, we maintain a strong relationship with market leaders and of course happy to work with you. And of course, yeah, it's a moving, a moving market. It's expected that everyone offers ss.
So m mfa of course, a lot of mergers and acquisitions in last last years. So let's look at some basics about starting, let's say your CM project. So you might think, okay, what is so special about this? Nothing really on the bottom part, it's just exemplary project timeline. Of course we say, okay, define your scope, define your business drivers, define some use cases. But I think the middle part and the right part is really important. So CM is a should be cross department project. It's not only from your security team, they cannot drive it.
So you have to bring everyone together, specifically marketing, sales, whoever owns the data, your IM people, security people. So it's really cross the cross department. So there needs to be some decisions made and then someone should be in, you know, have this authority to make this decision. And you should bug your leadership to pay attention because usually it happens very often that companies do have some CM already, right? So if it's self-made or if it's some, I don't know, some legacy. And then if something works, nothing is burning.
Why, why, why create a headache? So, so you have to really push that.
Yeah, you have to get everyone on board, this inter interdisciplinary team and try to work together to, to have a successful CM project. I think you saw a lot of such boxes, I guess if you attended eic. So let's look at the some capability model. Just go through this quite briefly. So we have a service strategy. You have talk with your architects, define this architecture. You have to have a clear definition of your features and demands. If you are, you are from a really large company, which is has a lot of branches around the world.
This feature and demand management could be really, really tricky because everyone needs their own thing. Everyone might be already happy with what they have. So you need to, you need to have this strategy clarified, right? Then we move to operations. You have your idm, access management as well, and you, you integrate with your security monitoring, but you also do performance monitoring, synthetic monitoring to get your customer data. Then the data management, you have to have a scope for your data, how you aggregate it, where you store it, provisioning, and then getting some value out of it.
And then you of course have to manage your platform ops delivery, talk with your, the vendor. So the, the right and the left parts are quite, quite ni important, I would say. So left is service governance. So you have to, as I mentioned on a previous slide, have a strategic alignment within your company with marketing and sales of course, and very important who owns the data, right? That there might be some, some challenges coming out of it. Is this your CM team? Is this some other team? Just clarify that.
It's very, very important. And how you measure your value, right? So you can measure it by acquisition and retention of your customers, how loyal they are, the digital trust and their lifetime value. So do they come back how they, how they, how time they spend on, on, on your, on your website. So all this together, they, it can play a major, major role in your business success. So that's basically it from my side. Thank you. Thanks very much. And so the most important thing is, is really what you've learned from your, your implementations.
And as you mentioned, regulatory compliance is undoubtedly one of the drivers. But what I was keen to know is how will are the benefits and opportunities understood for implementing siam? I think the faster answer, simple answer would be your business grows. So that's the benefit, right? So that should be actually your driver.
If you, if you have, if you have Siam, which works, then you probably, you know, don't need. But if you have some specific regulation, you cannot put data somewhere in a cloud. You have to do a hybrid model. Something that can also be your internal motivation to, to have CM implementation. Yeah. But What I was asking essentially was from your interaction with end user CU companies, you know, do that, is that well understood? No. Okay. No. Right. No. Okay.
What, any quick question in the room here before we move on. Okay. Thanks again for Dr. Doge Forza. Thank.
