In today's modern enterprise, it takes a village to raise a comprehensive customer identity and access management (IAM) solution. As the complexity and scope of customer access to applications and data grows, so does the number of hands involved in the process. Now, more than ever, building a business case requires cross-organizational support.
Early customer IAM initiatives were usually driven by the marketing department--or by those in charge of marketing for a business unit. But today, Gartner acknowledges that customer IAM initiatives to be far more complex with so many access points into the organization. Companies are looking to establish common practices and leverage expertise across projects. For that reason, Gartner is seeing a trend toward greater involvement by technical professionals in customer IAM projects. For example, one customer IAM project at a large retailer was co-sponsored by the ecommerce, marketing and IT teams.
The decision-makers for customer IAM solutions have also expanded. For some organizations, the CIO remains the digital buyer, with the CMO as chief contributor. In other cases, the CMO drives the decision with the help of IT for technology vetting. Even IAM teams that traditionally work with employee access get involved, especially if the organization is considering whether they even need separate access-management tools for employees and customers.
So how do you build a business case for customer IAM that will make everybody happy? First, the organization must define the immediate business drivers. Three of the most common initiatives driving the need for customer IAM include:
Aggregation of third-party applications - Very few customer-facing web properties or mobile apps exclusively use in-house applications. When you need to provide access to applications outside of your domain (payment apps, loyalty apps, etc.), it's critical that the experience for the customer is seamless. This requires SSO so customers get a single login with no clunky hand-offs to third-party app providers.
Integration of multiple web properties under a single brand - When offerings grow through merger or acquisition activities, new business partners, or the introduction of new sibling brands, you end up in a situation that requires varying levels of access control.
Development and delivery of mobile applications - A positive customer experience requires a consistent experience across disparate applications and properties, including mobile apps. Getting it right requires centralized identity capabilities that provide a unified view of the customer across all business units and channels.
Once the drivers have been determined, the stakeholders involved will become clearer. Next, develop a list of requirements to meet those needs. Until recently, few standard requirements existed for a comprehensive customer IAM solution. Gartner has come up with set of recommended solutions capabilities, including:
Self-service capabilities from registration through profile management
Social media integration
SSO to multiple applications
Adaptive access control
Based on an organization's capability requirements, it's easy to see where leaders from all parts of the organization would need to collaborate. By taking these factors into consideration, organizations are on their way to building a business case for customer IAM that will make both decision-makers and users happy.