Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Consumer Identity Management systems step up where traditional ID systems fall down

Bjorn Aannestad, Director, Product Management, UnboundID | March 12, 2015
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

CIDM technology, which consists of identity data stores that are built to scale horizontally and integrate with modern application architectures and policy-based RESTful APIs, allows for the faster processing speed required to manage millions of profiles. Compared to EIDM, CIDM supports the sharing of profile data from multiple channels and multiple apps, which can drive new customer experiences and engagement models. CIDM can ultimately help companies better monetize their customer base through applying personalization.

Typically, CIDM allows consumers to manage their own profiles and designate which data will be shared with the company and how they would like to receive content (and which types) from the company. This process can occur from multiple channels, such as from the company's website, social media accounts or at the cash register.

Whereas with enterprise ID management, the users (employees) have no choice about what data is provided and how it is used, with CIDM, the users (consumers) demand control of their data and proper protection. If they have doubts, they'll go somewhere else.

To ease IT management, CIDM offers identity consolidation, which discovers multiple records for the same individual and combines them into one record. These systems also can provide adaptive access control so that if, for instance, the system detects a suspicious login attempt (from the middle of the night, in a location not typical for the user) it will add a step to the sign-in process for added security.

Considerations in deploying EIDM and CIDM

EIDM and CIDM solutions serve different purposes, although there is some overlap in access control, auditing, multifactor authentication and federation. Consumer ID management can handle some aspects of enterprise ID management, but EIDM is not well-equipped to handle large-scale consumer data management, as described above.

There are other reasons why EIDM is not ideal for consumer data management, including the lack of or limited identity proofing, support for third-party social media login, just-in-time provisioning and adaptive access controls. You can use the following guidelines for deploying and managing identity management solutions:

* Optimizing EIDM. Enterprise IDM is about automating processes for managing account provisioning, access management, changes to account access and terminations for the purposes of giving the right access to the right people at the right time. Optimizing EIDM platforms hinges on working with HR, application, and operations teams to capture existing provisioning processes and understanding core elements for deployment.

Operations teams are under significant pressure to keep up with account access requests. Many of these tasks can be automated through an employee self-service portal. Centralizing access management simplifies and speeds up the process of how employees login and request access to applications. Active accounts of terminated employees pose a significant risk to the enterprise. Partnering with HR to automate terminations will significantly improve these processes and reduce unauthorized breaches. Finally, automating reports for audit groups and providing access to data prior to the actual audit will save precious time and resources.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.