.svg)
5 things your security team must do before creating a CIAM strategy
When orgs add new tech, the process follows a familiar playbook β just like those movies where the plot is so predictable that thereβs no question about whatβs going to happen next.
You know the storyline: security or IT identify the need for new tech to solve a business problem, they do a little research, talk to their peers, make a list of vendors and schedule some demos.They sign a contract with their vendor of choice and deploy their shiny tech across the company. Thereβs probably a quick training and a βhereβs how to use this new fancy appβ email to employees. Your colleagues nod their heads and then go back to their daily to-do lists. The end.
Well, hereβs a little plot twist for you: The process for creating a great customer identity and access management (CIAM) strategy and deploying the right solution isnβt the same one youβre used to following.
And hereβs why: While most of the tech that you and IT buy caters to your workforce, CIAM solutions are built specifically for your customers. Sure, your team still plays a leading role in creating a CIAM strategy, but there are several other key teams in your organization that youβll need to partner with in order to successfully deploy tech thatβs designed to serve your customers ... because there are quite a few teams that care about (and are measured against) your customersβ journeys.
How do you implement a CIAM program?
If youβre considering implementing a CIAM strategy, there are five essential steps you should take before you start scoping the project. Spoiler alert: They all involve multiple teams in your org.
We guarantee that doing these five things before you dive into project planning will save you time, headaches and likely a couple awkward βWhy wasnβt [insert team name] brought into this project earlier?β conversations.
#1: Identify which teams need to be involved.
Oddly enough, we see a lot of CIAM projects start with a conversation about access management. Call us crazy, but we believe these discussions should start with your customers (and their journeys) and that you should work backwards from there.
Thatβs why you should bring key folks from all of the functions that have a hand in the customer lifecycle (and customer data stewardship) together first so you have the opportunity to get aligned on what the customerβs experience is today, what you want it to look like and why.
At a minimum, you should include representatives from four key functions in your CIAM buying committee: security, marketing, product and compliance.
If youβre not sure exactly who to involve (or what their titles are), hereβs a handy chart to help:
image
#2: Define the demographics of your audience(s).
Now that youβve got the right cast of people in the room (or on Zoom), itβs time to get specific about the different types of customers you serve. Hereβs where the group should identify and document your customer segments, their demographics and personas and even think through how tech savvy (or not) those audiences are. Once youβve got a clear understanding of who it is youβre serving, youβll have a strong sense of what behaviors and preferences you need to consider as youβre creating and optimizing customer journeys and workflows.
#3: Consider the other departments that need to be aware of the project.
In addition to your newly formed CIAM buying committee, there are some other departments thatβll need to understand how customer journeys and workflows are changing long before you push anything live (customer support team, weβre looking at you). This is a great opportunity to host an internal workshop, which weβve run for a few of our own customers as they prep for CIAM launch day. We think itβs a great opportunity to get input from your support teams, as theyβll have the best sense of what we might need to consider and the dead ends your customers typically run into. Ultimately, you want to make sure theyβre not caught by surprise when they have to field a call from a customer who has questions about how they log into their new account or access their reward points on your shiny new app.
#4: Understand the compliance and privacy requirements that impact your CIAM strategy.
Spoiler alert: You need to become friends with your Chief Compliance Officer, your Chief Privacy Officer or whomever in your organization is responsible for making sure your org adheres to the appropriate regulatory and compliance standards. By identifying the privacy and compliance requirements before mapping out your strategy, youβll avoid roadblocks (Remember those headaches and awkward conversations we mentioned earlier?) later in the process.
#5: Ask the right questions of the other teams involved.
Everyone involved in your CIAM strategy has different goals for the project, so getting clear on those should be the first order of business when all your stakeholders come together to talk about all things CIAM. In fact, we put together a quick list of questions to ask your marketing counterpart (and vice versa) to get the discussion going.
Starting your CIAM strategy journey
We know this sounds like thereβs a lot of work that needs to be done up front before you jump to the βletβs evaluate vendorsβ part of the process. And while it does require time and effort, creating your CIAM strategy as a group first and mapping a clear path to achieve your goals will set you (and your customers) up for success.
Weβve helped lots of our own customers with the pre-work weβve shared here, hosting multi-day workshops with key folks in their organizations who have a hand in the customer lifecycle and customer data stewardship. We help identify the βto beβ customer experience, work to create their roadmap and even outline how to measure the CIAM effort through metrics that demonstrate increased revenue, reduced costs and reduced risk. We call it a Customer Clarity Workshop.
Weβd love to help you get started, too... send us a note and letβs chat.
