KuppingerCole Report
Whitepaper
By John Tolbert

Orchestrated Identity for Meeting IAM & CIAM Requirements

Identity and Access Management (IAM) for employees and partners is a foundational element in all digital environments today. Consumer Identity and Access Management (CIAM) systems and services provide new technical capabilities for organizations to know their customers better. Pirean’s solutions for IAM and CIAM can help companies deploy a single solution to meet both sets of business objectives.
By
jt@kuppingercole.com

Content of Figures

  1. Figure 1 Co-existence: employee IAM and consumer IAM

Commissioned by Pirean

1 Executive Summary

Identity and Access Management (IAM) is fundamental component of all electronic interactions in every organization today. IAM systems are typically co ...

Login Get full Access

2 Highlights

  • All organizations today need modern IAM systems that enable digital transformation objectives.
  • IAM solutions must excel at the basics: user provis ...
Login Get full Access

3 IAM and CIAM Business Drivers

Digital transformation is an objective that many organizations have on their agendas today. Businesses are finding that they must upgrade IAM capabil ...

Login Get full Access

3.1 IAM Modernization

Most Business-to-Employee (B2E) IAM systems have been in place for years or even decades. These solutions have been notoriously difficult to upgrade. ...

Login Get full Access

3.2 Expansion of IAM to address consumers

Let’s use a hypothetical scenario to illustrate the need for a coherent identity management solution for consumers. Acme is a multinational manufac ...

Login Get full Access

3.3 Know Your Customer (KYC)

Knowing your customer is an e-commerce imperative. Companies that gather and utilize information about their customers are able to offer discounts, t ...

Login Get full Access

3.4 Revised Directive on Payment Services (PSD2)

PSD2 is coming into effect across the EU1 in 2018. PSD2 defines the business entities Payment Initiation Service Providers (PISPs), which will hav ...

Login Get full Access

3.5 Consent Management

Through registration to CIAM systems and subsequent usage of sites, consumers create a lot of data. While the information processed by these systems ...

Login Get full Access

4 IAM/CIAM Challenges

IAM systems are sometimes entrenched in existing infrastructure and can be difficult to extend for contemporary business requirements. Consumer identi ...

Login Get full Access

4.1 Orchestrated Identity: IAM & CIAM in a common platform

Traditional IAM systems are designed to provision, authenticate, authorize, and store information about employee users. User accounts are defined; us ...

Login Get full Access

4.2 IT Modernization for on-premises deployments

During the planning stage, or even as late as the implementation stage, some organizations find that their current on-premise IT infrastructure is in ...

Login Get full Access

4.3 Architecture

There are two major entry points to consider from an architectural perspective: on-premise or cloud. Your organization may favor an on-premise insta ...

Login Get full Access

5 The Pirean approach to IAM and CIAM

Pirean’s Access: One solution offers a rich and robust set of services to corporate tenants. The Pirean cloud solution is fully multi-tenant and en ...

Login Get full Access

5.1 SSO

To establish SSO, identity federation is necessary. Pirean supports the relevant protocols, including SAML, OpenID, OpenID Connect, and OAuth. It ca ...

Login Get full Access

5.2 Multi-Factor and Risk-Adaptive Authentication

Pirean Access: One provides a large number of authentication options. Administrators can choose to implement the following authenticators:

  • Mobile ...
Login Get full Access

5.3 Directory and customer profile storage

Pirean Access: One SaaS contains its own identity repository and can scale to handle millions of identities and billions of attributes associated with ...

Login Get full Access

5.4 Security

Pirean encrypts data in transit and while stored for maximum security. It also encrypts log files. Access: One can interoperate with 3rd party SIE ...

Login Get full Access

5.5 Identity and Marketing Analytics

Since the underlying identity system relies on tokens, the creation and validity data for generated tokens provides an audit record and the basis for ...

Login Get full Access

6 Recommendations

IAM is a core component of cybersecurity, and IAM deployments must adapt to incorporate new security features. Consumer Identity management has become ...

Login Get full Access

6.1 Perform architectural analysis

Consider the following questions for beginning IAM and CIAM roadmap discussions.

  • On-premises, cloud, or hybrid?
  • Single vs. multiple instances o ...
Login Get full Access

6.2 Recommendations for IAM modernzations

  • Consider the advantages and disadvantages of IDaaS solutions.
  • Plan for device identity, including BYOD, enterprise-issued mobile devices, and IoT ...
Login Get full Access

6.3 Recommendations for those contemplating a CIAM technology insertion

  • IT teams should welcome the opportunity to work with Sales and Marketing to transform IT into a revenue producing service.
  • Inventory existing IAM ...
Login Get full Access

7 Related Research

Advisory Note: Access Governance Architectures – 71039
Advisory Note: Entitlement & Access Governance - 71109
Leadership Compass: Access Governance - 70735
Advisory Note: Sustainable Infrastructures through IT Compliance – 72025
Leadership Compass: CIAM Platforms

Endnotes

  1. http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32015L2366&from=EN

Copyright

©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.

top