James Thew - Fotolia
Identity and access management (IAM) is the core of real customer relationship management (CRM). Why? Because it lets us create one view of the customer across all systems holding customer data regardless of the data repository or application where the customer data originated.
I will explain this opening statement and by the end of this brief essay I hope that this position will not only seem uncontroversial but a natural evolution of two historically distinct technology disciplines.
Let’s first take a quick look at traditional, pre-internet conceptions of IAM and CRM. Then we’ll examine what has changed significantly in the technology landscape and how that affected the evolution of these two disciplines.
Traditionally, IAM has largely been seen as a technology sub-discipline of information security. IAM has always been a bit of a problem child, with organisations often unsure whether to place it under the ownership of infrastructure, applications, integration or security teams. It certainly involves elements of all those disciplines with its focus on user provisioning, access control and request workflows, governance, and password management, authentication and authorisation.
The IAM story
In the past 10 to 15 years, identity management was originally focused on the enterprise and its internal users. But the IAM market has gone through a number of iterations and reached a certain maturity, with a number of widely adopted standards being published and many innovative solutions and suppliers having emerged.
What happened? In short, the internet happened! As bandwidth costs fell, the age of digital transformation was ushered in. Many goods and services, previously offered via traditional brick and mortar channels, were now being delivered via digital channels, and there was an explosion of completely new digital products and services. The internet went from being a novelty technology to the primary channel for business growth and customer interaction.
“The number of customer identities an organisation has to manage is generally orders of magnitude larger than the number of managed employee identities”
Ivan Niccolai, KuppingerCole
What did this mean for IAM? The explosion of digital services resulted in the explosion of identities and relationship contexts. As any organisation will attest, the number of customer identities to be managed is generally orders of magnitude larger than the number of managed employee identities. Relationship contexts are of no less importance with the loss of the traditional network perimeter, resulting in increasingly common situations where a single user can be an employee, supplier and a customer of the same organisation.
Customer-centric IAM is not merely IAM as we have always known it but for external users. It is fundamentally a new discipline that fuses the best elements of a CRM’s rich information about a user’s relationship with an enterprise with IAM’s mature and reliable standards and frameworks for exchanging user information between and across enterprise boundaries. If you want to manage customer relations, you first need a holistic view of the customer.
Read more about IAM
- Deutsche Bank is using a centralised identity and access management (IAM) system and an application program interface (API) architecture for digital transformation.
- Senior IT decision-makers understand the need for identity and access management systems to meet the challenges and opportunities of the digital age.
- Axel Springer CISO Henning Christiansen teams up with business stakeholders to get board approval for an identity and access management initiative.
This is why future IAM + CRM is much more than just IAM for external users. Taking a narrow, technology-centric approach to consumer IAM has often resulted in enterprises struggling to find a simple and effective approach to managing identities with multiple relationships to an enterprise or organisation.
We are beginning to see the benefits of consumer-focused identity management that focuses on the reality of many identities, many contexts and many relationships. The consumer wants control of their personal data and also a seamless consumer experience.
As any business executive will tell you, business is all about relationships. So is consumer IAM. And it is not just about human relationships, but also about identities and relationships of things, devices, services and apps.
Things belong to humans or organisations. They might be part of bigger things – just think about the connected vehicle. Humans use devices with apps to access services. The apps act on their behalf. What this means is that there are complex relationships between identities.
This is why IAM, with its mature standards for cross-organisational exchange of information about identities, is really the core of CRM. The importance of a comprehensive, holistic view of a customer necessarily implies that this information is scattered between different internal and external sources in the enterprise that provides a good or service.