The Top Four Enterprise CIAM Mistakes (and How to Avoid Them)

What are the top four customer identity and access management (CIAM) mistakes consumer-facing businesses face? Why does CIAM matter to your business? How can CIAM improve your bottom line, and how can CIAM mistakes damage it?

Of the branches of identity management, perhaps CIAM represents the area of most potential growth. While traditional identity management focuses on protecting employees and third-party vendors, CIAM works to protect customer identities and data. However, CIAM must also balance a different set of demands than traditional IAM even as it uses similar capabilities. Additionally, many enterprises struggle to understand why they can’t just use their IAM for their customers. 

We dive into these issues and more below in the Top 4 CIAM Mistakes. 

The Top 4 Enterprise CIAM Mistakes       

1. Failing to Balance Customer Experience and Security

Of the most common CIAM mistakes, this one must top the list. In fact, this singular issue represents the biggest division between traditional IAM and CIAM. The good news is your enterprise can use this information to your advantage. 

For clarity, traditional IAM doesn’t completely neglect the user experience; some identity security experts contend good user experiences can facilitate adoption and prevent workarounds. However, almost all cybersecurity experts point out the importance of security towers over the user experience. The data and assets users can access are just too important to leave to the mercy of user convenience. Therefore, your enterprise must put up as many barriers to access as feasible to deter and prevent hackers.

However, the picture becomes slightly murky when customers enter. Of course, security does still matter to customers; no business looks good when consumers’ personally identifying information leaks from their databases. At the same time, customers also want a convenient user experience to make their shopping experiences as pleasant as possible. 

Indeed, studies indicate customers don’t complete their transactions if they feel inconvenienced by security processes. Cart abandonment and customer loss tend to follow in the wake of poor customer experiences. Obviously, the impact on your bottom line could prove enormous.

To prevent CIAM mistakes like this, embrace capabilities which facilitate the customer experience. These can, and should, include capabilities you would never include in your traditional IAM. A notable example is social sign-on; this allows customers to use their social media profiles to log in to their accounts. Unthinkable for IAM, but a huge boon to CIAM.

Crucially, this doesn’t mean the complete abandonment of security for customers. For example, for more sensitive transactions, enacting multifactor authentication may prove necessary. 

2. Not Understanding Your Customers’ Demands

Before enacting CIAM, you need to confront this question: who are your customers? 

One of the most common CIAM mistakes involves trying to deploy CIAM as if in a vacuum. Each industry and business serves a distinctly individual customer base. Before you can deploy this cybersecurity solution, ask yourself the following questions: 

  • Do your customers largely have access to biometric authentication (i.e. through their mobile devices)? Can you take advantage of this technology? If you can, can you secure the biometric identifying data in a fortified database with hashing? 
  • More importantly, would your customers prove receptive to the idea of using biometric data for their logins or transactions?
  • What kinds of user experiences do your customers expect? How can you provide that through your CIAM solutions? For example, if your customers tend to abandon their sessions only to return later, can you provide that? 
  • What level of risk can your customers accept? Would they accept social sign-on as an authentication method? Do they have social media accounts to use for such authentication? Would they approve of one-click purchases on recognized devices? 
  • Do your customers want a more straightforward user experience?      

The answers to these questions can start you on the process of making a CIAM experience which fits your use case…and ultimately strengthens your bottom line! 

3. Not Adapting to New Technologies

This relates somewhat to the above-mentioned CIAM mistakes, but it still deserves a closer look. Modern cybersecurity and identity management don’t fit with the password-based authentication protocols of the past; in fact, we can say with some confidence that no one’s favorite authentication involves passwords.

Hackers can too easily guess or crack passwords; in fact, through social engineering, they can guess users’ passwords or security questions. Meanwhile, customers often struggle to remember their passwords. One particular password phenomenon involves customers just resetting their passwords every time they log in so they don’t have to remember them.

As a side note, your CIAM should allow for password self-resetting; this is a crucial capability for facilitating the customer experience.

More and more consumers have mobile devices, often with biometric readers built in. Your enterprise can and should take advantage of this; as an example, the Apple Store does so, allowing biometrics to authenticate purchases. As an alternative, you can use mobile devices as hard tokens or as part of SMS messaging.

What matters isn’t how you implement these capabilities. What matters is that your CIAM stays up to date with the current technologies used by your customers. You can’t let your identity and access management stagnate.

4. Failing to Personalize

No one likes to feel like they are just a cog in a machine. This is true of both your employees and your customers. Of the many classic CIAM mistakes, this one proves simultaneously simple and challenging to understand. You need to adapt your CIAM to include personalization for each customer connecting to your network. 

Again, what level of personalization you include for each customer will vary wildly depending on your customer base’s demands. Obviously, you need to start with privacy settings—customers should always have a choice who can see their transactions and activities. Beyond that, you may consider personalization as basic as message mediums and as elaborate as choosing the color theme of their profiles.

To avoid the most critical CIAM mistakes, you need a next-generation CIAM solution. You can find more information in our 2019 Identity Management Buyer’s Guide. We cover the top solution providers and their key capabilities in detail.  

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.