Dave Malcolm is Vice President of Engineering at UnboundID. Through previous executive product positions with Quest Software, Surgient, Motive Communications, and Tivoli Systems, Dave has garnered nearly 25 years of experience leading the development of high technology products targeted to enterprise buyers.
UnboundID: What’s the difference between workforce or employee identity and access management (IAM) and customer identity management systems?
Malcolm: Workforce identity management systems are deployed to reduce security risks by controlling access to applications and also to reduce costs through automating the user provisioning and entitlement processes. Customer identity management systems are deployed to increase revenue by delivering superior customer experiences through the use of customer data. Consumer systems are architected to manage millions or even hundreds of millions of identities whereas workforce systems generally will not scale to those numbers because they were designed to handle, at the most, a couple hundred thousand identities.
High availability is another significant difference because customer identity management systems cannot afford downtime, which has an instant impact on top line revenue. If a workforce system goes down, it affects productivity and can be annoying to employees, but it doesn’t have an immediate, direct impact on the business.
Finally, the management of identity data is the focus for consumer systems. This data is highly valuable and leads to superior customer experience, which has a direct impact on brand loyalty and therefore revenue. In workforce identity management systems, access is the primary concern; identity data and user experience are not problems that need to be addressed.
UnboundID: What are the technical differences between employee identity and customer identity management systems?
Malcolm: Because customer identity management systems use identity data to deliver superior customer experiences, there are a number of technical capabilities required for managing consumer identities that don’t exist in workforce systems. These include easy registration, a common user profile, data access governance and preference management.
It’s important to make it easy for consumers to onboard into your website without friction. One technology that has been effective in enabling this is social login enabling users to login through their Facebook, LinkedIn, Twitter or Google account. This makes it easy for them to register without the need to remember another login name or password. An additional benefit of social login for the service provider is that identity data is captured as part of the login process thereby adding more data about the user to his or her profile.
It’s important to create and maintain a common profile for a user which can be leveraged across all digital channels with which the user interacts. This makes the user’s experience consistent and cohesive. Centralized data access controls need to be in place as part of managing these user profiles so that applications accessing this data only get the information they’re permitted to have. Finally, allowing users to provide preferences and privacy settings is instrumental in delivering a more personalized experience.
UnboundID: How is that common profile created?
Malcolm: Most large companies have accumulated consumer data through multiple channels and digital business offerings. Unfortunately, each of the channels and offerings tend to maintain their own unique user profile store. To address this problem, it’s important to create a single common profile that can be leveraged across all digital business, channels and applications. The best approach is to centralize this user data into a single physical or virtual data store. The UnboundID Platform provides a real-time bi-directional synchronization capability. Data is maintained in a centralized repository and continuously synced with different data sources to create a common profile that is always up-to-date. This common profile is made available to applications through an easy-to-use API.
UnboundID: Why not use the CRM system to maintain a common profile?
Malcolm: CRM systems have traditionally been deployed and used in the realm of customer service. Although customer service is an important channel and a key interaction point, it is only one of a number of sources of customer data that contributes to a common profile. Other sources of data include customers’ website browsing behavior, point-of-sale transactions, order history, social media connections, third-party data feeds, loyalty program data and more. CRM systems were not designed to consolidate data from many data sources and serve it to applications in a scalable, high performing and secure way.
UnboundID: Preference management is a newer capability in identity management systems. How does it work?
Malcolm: Preference management is a technical capability that enables consumers of a website or application to directly specify their personal preferences as to how they want to interact with a vendor’s services. This includes preferences for communication (types, medium, notifications, timing), product or services interests, personal device settings and privacy directives, to name a few. Preference management provides the technology to enable the capture, enforcement and update of the user’s preferences. This helps consumers because they are giving direct input regarding their interests and how they wish to interact with the company. This can result in a superior customer experience rather than the alternative, where the user’s preferences are inferred by analytical systems which market to users through ads and campaigns that are often irrelevant or inaccurate.
UnboundID: Does a company need both types of identity management systems?
Malcolm: Customer identity and preference management systems are relevant to digital businesses that interact directly with consumers. This includes a large number of industry verticals, predominantly financial, healthcare, telecom, retail, travel/leisure, and technology. These companies deploy customer identity and preference management systems to improve customer engagement to avoid losing market share to their competitors. All companies need to manage identities for their employees, partners and contractors. Therefore, both types of systems are required for businesses with direct consumer digital interactions.
Learn the results of Forrester’s latest industry research in the upcoming webinar, Customer Identity and Access Management Market Overview. All registrants will receive a free copy of the Forrester report.