1 Executive Summary

Identity and Access Management (IAM) is fundamental component of all electronic interactions in every organization today. IAM systems are typically co ...

2 Highlights

• All organizations today need modern IAM systems that enable digital transformation objectives.
• IAM solutions must excel at the basics: user provis ...

3 IAM and CIAM Business Drivers

Digital transformation is an objective that many organizations have on their agendas today. Businesses are finding that they must upgrade IAM capabil ...

3.1 IAM Modernization

Most Business-to-Employee (B2E) IAM systems have been in place for years or even decades. These solutions have been notoriously difficult to upgrade. ...

3.2 Expansion of IAM to address consumers

Let’s use a hypothetical scenario to illustrate the need for a coherent identity management solution for consumers. Acme is a multinational manufac ...

3.3 Know Your Customer (KYC)

Knowing your customer is an e-commerce imperative. Companies that gather and utilize information about their customers are able to offer discounts, t ...

3.4 Revised Directive on Payment Services (PSD2)

PSD2 is coming into effect across the EU¹ in 2018. PSD2 defines the business entities Payment Initiation Service Providers (PISPs), which will hav ...

3.5 Consent Management

Through registration to CIAM systems and subsequent usage of sites, consumers create a lot of data. While the information processed by these systems ...

4 IAM/CIAM Challenges

IAM systems are sometimes entrenched in existing infrastructure and can be difficult to extend for contemporary business requirements. Consumer identi ...

4.1 Orchestrated Identity: IAM & CIAM in a common platform

Traditional IAM systems are designed to provision, authenticate, authorize, and store information about employee users. User accounts are defined; us ...

4.2 IT Modernization for on-premises deployments

During the planning stage, or even as late as the implementation stage, some organizations find that their current on-premise IT infrastructure is in ...

4.3 Architecture

There are two major entry points to consider from an architectural perspective: on-premise or cloud. Your organization may favor an on-premise insta ...

5 The Pirean approach to IAM and CIAM

Pirean’s Access: One solution offers a rich and robust set of services to corporate tenants. The Pirean cloud solution is fully multi-tenant and en ...

5.1 SSO

To establish SSO, identity federation is necessary. Pirean supports the relevant protocols, including SAML, OpenID, OpenID Connect, and OAuth. It ca ...

5.2 Multi-Factor and Risk-Adaptive Authentication

Pirean Access: One provides a large number of authentication options. Administrators can choose to implement the following authenticators:

• Mobile ...

5.3 Directory and customer profile storage

Pirean Access: One SaaS contains its own identity repository and can scale to handle millions of identities and billions of attributes associated with ...

5.4 Security

Pirean encrypts data in transit and while stored for maximum security. It also encrypts log files. Access: One can interoperate with 3^rd party SIE ...

5.5 Identity and Marketing Analytics

Since the underlying identity system relies on tokens, the creation and validity data for generated tokens provides an audit record and the basis for ...

6 Recommendations

IAM is a core component of cybersecurity, and IAM deployments must adapt to incorporate new security features. Consumer Identity management has become ...

6.1 Perform architectural analysis

Consider the following questions for beginning IAM and CIAM roadmap discussions.

• On-premises, cloud, or hybrid?
• Single vs. multiple instances o ...

6.2 Recommendations for IAM modernzations

• Consider the advantages and disadvantages of IDaaS solutions.
• Plan for device identity, including BYOD, enterprise-issued mobile devices, and IoT ...

6.3 Recommendations for those contemplating a CIAM technology insertion

• IT teams should welcome the opportunity to work with Sales and Marketing to transform IT into a revenue producing service.
• Inventory existing IAM ...

7 Related Research

Advisory Note: Access Governance Architectures – 71039
Advisory Note: Entitlement & Access Governance - 71109
Leadership Compass: Access Governance - 70735
Advisory Note: Sustainable Infrastructures through IT Compliance – 72025
Leadership Compass: CIAM Platforms