Identity Management for IoT Is Marketing’s Domain
Marketing Must Guide IT in How to Manage Account Access in the Consumer Context
It’s no secret that IoT is going to permeate our lives in the next few years—Gartner estimates that there will be 20 billion IoT devices in the marketplace by 2020.
As brands start to bring web-connected goods and services like toys, cars, cameras, thermostats, digital assistants or even connected toothbrushes to market, the IT department will be challenged to protect company networks and data from attacks that emanate from these products. We have seen the havoc caused by the early IoT offerings that have been rushed to market without being scrubbed of major security flaws, so IT will rightfully want to play an active role in ensuring that the brand’s IoT experiences are robust and vulnerability-free.
But in creating these dynamic products, marketers and IT heads are going to have to find a balance between security and a convenient user experience. Nowhere will this be truer, arguably, than when it comes to the identity and access management (IAM) standards applied to these services. Both IT and marketing are familiar with different forms of IAM. Marketers have utilized social login and single sign-on to enable seamless surfing among a brand’s mobile and web properties. IT, on the other hand, has often only dealt with traditional IAM as it relates to employees accessing the company network and assets.
One can understand security personnel wanting a little more say in the administration of a brand’s IoT innovations, given the heightened potential for breaches they have presented thus far as compared to traditional Internet and wireless consumer interfaces. However, marketers and tech folks must be aware that traditional IAM solutions that were built to manage a workforce’s access to the corporate network cannot handle the scale, performance, security and compliance requirements of managing millions of customer identities worldwide and across multiple channels.
Traditional IAM is designed to control access of users, but it cannot provide insights into who these users are (in fact, it assumes that these are already known), what they do once they have logged on and what influences their journey and behavior within the digital sphere—in other words, exactly the type of insight that enterprises need to compete in today’s digital markets.
A look at the differences between consumer identity and access management (CIAM) and traditional IAM reveals why traditional IAM won’t fly in the consumer context.
Employees are used to entering and re-entering their credentials when accessing the corporate network from different devices and locations; permissions, restrictions and extra access steps are part of the territory. But try to force consumers through all of those hoops and you will lose paying customers. End users prefer—nay, demand—seamless surfing around web, mobile and soon IoT properties.
Even at the biggest of corporations, traditional IAM systems might be charged with handling tens of thousands of employee identities at most, whereas high-profile brands have to manage tens or hundreds of millions of customer accounts, oftentimes simultaneously. Once again, the customer expects zero friction, so these IoT solutions need to scale “out” as well as “up” in order to meet this workload with little to no perceptible latency.
Over the years, studies have found that shoppers expect a web page to load in two seconds or less—40 percent of shoppers will wait no more than three seconds before abandoning a retail or travel site. In other words, if your identity management system slows down or grinds to a halt completely because it cannot handle the load, your conversion rates and revenue will go down with it. Ironically, load peaks and increased customer traffic are typically caused by successful campaigns, meaning that a sluggish identity management system can stop that success right in its tracks.
Larger Data Volumes
Compared to employee identity use cases, systems managing customer identities need to handle a significantly larger amount of data. This data needs to be processed in real time and integrated with the martech stack and other systems that utilize it. Different algorithms and entirely different technologies need to be in place to ensure these huge data volumes can be managed and synchronized with other systems in order to gain customer insights as well as to detect fraud, hacks and other forms of malfeasance.
A Bigger Picture
The value of the profile data that is linked to customer identities has grown dramatically over the past decade, and is crucial in determining company success today. Customer profile data forms the foundation for analyzing, understanding and predicting consumer behavior and customer journeys from first contact to purchase decisions and long-term brand loyalty.
Internal departments or external vendors or system integrators might suggest repurposing traditional workforce identity management solutions, but this approach is problematic. Again, traditional IAM is designed to control access of users, not to gain insights into their profiles and behavior. On the other hand, dedicated customer identity and access management (CIAM) platforms are designed and architected from the ground up to provide companies maximum value from customer profile data. They also enable frictionless customer experiences so that tasks like login, authentication or preference management don’t get in the way and drive consumers towards the competition.
Traditional IAM causes excessive friction for the customer. And in today’s world, barriers for consumers often become barriers to company success.