– By Aubrey Turner, Executive Advisor, Ping Identity

It’s no wonder most enterprises struggle to balance their security needs with the need to keep their technology usable and productive. On the one hand, they must ensure their customers and workers are able to seamlessly access the required platforms and apps from whatever device they are using, from anywhere in the world. On the other hand, opening up multiple fronts of access into their cloud multiplies the security risks. The more access points, the more opportunity for vulnerability.

Utilizing a SaaS based identity and access management (IAM) solution is one way to address the challenge. It helps enterprises find that just-right sweet spot between securing their organization and ensuring productivity.

With cloud-based IAM, enterprises can build a security framework that lets them identify a network user and control their responsibilities and access rights, as well as the scenarios under which the privileges are issued or denied. IAM typically includes authorization and authentication capabilities such as single sign-on (SSO) so they can give users the ability to sign on once, and with a single set of credentials, gain access to multiple services and resources. It also utilizes multi-factor authentication (MFA) so you can gain a greater level of assurance of a user’s identity by requiring the user to provide two or more factors as proof of identity, such as biometric authentication, contextual authentication, and behavioral biometrics, to name a few.

How IAM boosts productivity

These identity-based capabilities are foundational to ensuring protection in a world where network perimeters are no longer reliable or relevant. Cloud-based IAM means an enterprise’s users are no longer limited to employees protected by a firewall. As remote or hybrid work has taken hold, enterprises need the ability to give diverse workforce users access to resources from anywhere and on any device to ensure productivity doesn’t suffer.

Similarly, customers are also interacting with enterprises through a growing number of digital channels. As customer behavior has changed, enterprises must now provide access to these users as well or risk losing their competitive edge. These shifts in how work is done and purchasing decisions are made have pushed traditional security approaches to their breaking points.

But security requirements aren’t the only thing that’s changed. Both workers and customers have grown accustomed to convenience. As a result, they expect quick and easy access to resources, services, and goods, when and where they want them. While a workforce may be more inclined to make do with what’s provided, customers can and will explore their options.

IAM shifts the boundary to the user and puts identity at the center of security. It helps enterprises ensure that users are who they say they are before being granted access to sensitive resources or data, while minimizing friction in the user experience.

Case Study: Equinix

For boosting workforce productivity, consider the example of Equinix, Inc., the world’s largest data center provider. Experiencing rapid growth, the California-based company realized it needed to revamp access for its 2,500 employees, providing easier access to a diverse set of applications, better application visibility, and mobile access to on-premises apps. Business applications, both on-premises and cloud-based, had mushroomed, each requiring a unique username and password. Users had to remember and utilize multiple logins each day, and their experience varied by device. Mobile access to on-premises applications was clunky at best, especially for tablet users. And, after Equinix acquired several other firms, finding and getting access to the right applications had become a major problem for employees; the IT department noticed an upsurge in support calls.

Equinix employed a cloud-based IAM platform to give employees seamless, secure, anytime-anywhere SSO access to on-premises and cloud applications. The platform enabled Equinix employees to access a wide variety of resources through the cloud using only their corporate username and password. The technology’s use of open authentication standards like 0Auth and its ability to support multiple mobile browsers gave Equinix employees mobile access to cloud resources including Oracle, BMC Remedy, Hyperion, Microsoft SharePoint, Salesforce, Box, Taleo, Workday, ADP, ServiceNow and Marketo.

Employees can now access apps with just one sign-on, saving Equinix more than 500 employee-hours over four months. On-premises and cloud app access is now seamless, with 56% of the workforce being able to access apps within two hours of the launch. The site had more than 65,000 Oracle logins and 10,000 logins for other apps per month. Most importantly, visibility problems have been eliminated because employees go to a single location to find any application they need.

Frictionless customer experiences

While many organizations find that enterprise IAM satisfies the requirements of providing secure workforce access, it often lacks the capabilities needed for customer use cases. But Customer IAM (CIAM) can help enterprises deliver the kind of secure and seamless experiences needed to win battles for customer acquisition, retention, revenue, loyalty, and trust.

It does so by enabling enterprises to securely capture and manage customer identity and profile data, as well as control customer access to applications and services. Effective CIAM solutions provide a combination of features including customer registration, progressive profiling, self-service account management, consent and preference management, SSO, MFA, passwordless options, access management, directory services, risk/fraud mitigation, and data access governance as well as marketing technology integration capabilities to help organizations streamline and scale marketing activities. These powerful security features work behind the scenes to protect valuable customer data while reducing exposure to security breaches.

Improving the customer’s convenience, productivity and experience when interacting with their brand delights consumers in turn. It ensures their journey from prospect to loyal brand advocate is as smooth as possible. That includes personalizing their experience without being overly intrusive. If an enterprise falls short of providing an exceptional experience, their customers may go elsewhere. For example, a 2021 consumer survey on brand loyalty found that 56% of online consumers have abandoned an online service when logging in was too frustrating.

Good CIAM solutions help enterprises understand their customers better as well. It allows enterprises to collect data from customer interactions with their website, apps and partner apps, giving the company a well-developed customer profile.

At the same time, they can better protect their customers’ information and meet all privacy regulatory requirements, including the:

  • EU’s General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Health Insurance Portability and Accountability Act (HIPAA)

Using features like fraud mitigation and adaptive MFA, CIAM protects customer data if passwords have been compromised and hackers attempt to use those credentials to access and takeover an account. CIAM looks at behavioral and contextual factors for anomalies, such as risky IP addresses, bot versus human, device characteristics and changes since the last login. It also lets enterprises keep customer data in a secure directory that encrypts data at every stage to protect it from attacks.

Altogether, a strong IAM platform helps ensure not only data protection for customers and employees, it also encourages a streamlined user experience that puts it right at the sweet spot of security, convenience and productivity.