A CISO and architect view on designing the fundamental building blocks of a scaleable, secure and usable consumer identity and access management (CIAM) system. Covering: business objectives, drivers, requirements, CIAM life-cycle, implementer toolkit of standards, design principles and vendor selection guidance.
Consumer identity and access management (CIAM) is a critical component of any modern organisation's digital transformation initiative. If you used the Internet yesterday, you would very likely have interacted with a website that had customer identity and access management at its foundation.
Making an online purchase, checking your bank balance, getting a quote for car insurance, logging into a social media site or submitting and paying your income tax return. All of those interactions require high scale, secure identity and access management services.
But how are those systems designed? Modern organisations need to not only meet end user privacy, security and usability requirements, but also provide business enablement opportunities that are agile and can respond to market changes rapidly.
The modern enterprise architect and CISO is no longer just focused upon internal employee security - they now need to address the growing need for digital enablement across consumers and citizens too.