Unifying Customer Data with Customer IAM

7 septembre 2017
Dustin Maxey
Director of Product Marketing

In my last blog post, I advised organizations to adopt a customer identity and access management (CIAM) solution that's built from the ground up with a focus on providing customers with secure, scalable and high-performance access to all applications. I also mentioned a unified customer identity profile as one of the critical requirements. Today, I'd like to explore what it takes to achieve that unification.


A single source of truth for customer identities, attributes and preferences will help you drive consistent customer engagement across all of your channels and devices. Customers can make updates in one place and see them reflected on every channel. Preferences identified on one channel can improve personalization on another.


What keeps many enterprises from realizing these benefits is the underlying identity data silos that have built up over time. As new apps and new channels were added, additional identity data silos were most likely created to support them. For app dev teams, this is often easier than integrating with directories they're not familiar with.


Bringing these disparate silos together can be challenging. A massive bulk migration to a cloud directory isn't realistic when there are many disjointed identity repositories that aren't standardized or synced together, nor is there a clear source of truth about customers. Some applications may also require legacy repositories to remain on-premises.


Surrounded by fragmented silos of identity data, what's an IT team to do?


The key is to find a customer IAM solution that can work with your existing environment, whether on-premises, in the cloud or a mix of both. One that can help you address the challenges of your data silos without interrupting business or requiring a complete overhaul of your IT infrastructure.


Data synchronization and zero-downtime migration are two customer IAM capabilities that can help you bring your identity data together, so you can put it to good use.

Get In Sync with Customer IAM

Synchronization of identity data allows all current data repositories to remain in place, while synchronizing data in real time to a unified customer profile. Your unified customer profile can then be maintained in a secure, scalable directory that will become the single central location where all applications can access all of your customer profiles. A real-time or scheduled bi-directional sync between the new and legacy repositories keeps all identity data current, no matter where it's updated or where it's housed.


A few things to consider when planning this kind of sync:


  • Choose a directory solution that can handle the robust amount of data and any availability requirements. Built-in redundancy, load-balancing and fail-over will ensure that things keep running smoothly even during peak use.
  • Ensure the solution you choose can map and unify data schemas and attribute types. Your existing repositories and directories may not store identity information the same way, and it's a big job if you don't have a vendor that can help with the clean up.
  • Store your unified profile in a directory that can store both structured and unstructured data. This is important because applications may need to add application-specific data to the unified profile without requiring risky, time-consuming schema modifications.
  • Select a customer IAM solution that can connect to any type of identity repository, such as LDAP, RDBMS, Active Directory and NoSQL, so that multiple sources can truly become one.
  • Confirm that the unified customer profile can be exposed to all applications through developer-friendly REST APIs.

The Great Migration

You may want to stop at bi-directional data synchronization and allow your new directory solution to co-exist with your existing infrastructure indefinitely. But data synchronization can also support a flexible data migration process. This will allow all of your applications to leverage the scale, performance and security of a modern data store. The key here is that you don't want to disrupt your customer experience while you move your data around.


That's where zero-downtime migration comes in. As the name suggests, it involves migrating customer apps to a unified directory without any loss of service, outages or lags for your customers. The bi-directional sync can remain in place during the whole process, so you can move legacy apps over to the new directory at your own pace. Once all the apps are migrated, and you're ready to hit the switch, you can decommission the bi-directional synchronization and the old repositories to enjoy the benefits of a unified profile and single high-performance directory.

A Customer IAM Solution that Works for You

The most robust CIAM solutions can bring separate data silos together, no matter where they sit, through bi-directional synchronization and zero-downtime migrations. With synchronization, you can still benefit from a 360 view of your customers, even if you're not ready to consolidate all your sources of identity data just yet.


That said, moving from multiple legacy repositories to one high-performing directory simplifies management and reduces your hardware costs. It also makes it easier to integrate new apps into your customer experience, without adding more complexity to your environment.


Ultimately, the right choice for you is one that will work within your existing environment to help you create a unified profile from your disparate data sources. This unified customer view should support your unique requirements and use cases, and allow you to access everything you know about your customers in one place.


To learn more about choosing a customer IAM solution, read the Customer IAM Buyer's Guide.