What Is Customer Identity and Access Management (CIAM)?

What Is Customer Identity and Access Management (CIAM)?

Customer identity and access management (CIAM) makes the customer login experience complete. There is more at stake than just registration and authentication, and that is why CIAM has come into play. But what is CIAM, and why do you need to know about it?

Customer identity and access management (CIAM) is a digital identity management software solution for businesses that combines login verification with customer data storage. CIAM aims to improve the customer’s sign-up and login experience while securely managing customer identities. It also offers the luxury of a centralized customer database that links all other apps and services to provide a secure and seamless customer experience.

CIAM ensures a secure, seamless customer experience
Strong CIAM solutions usually provide a combination of features including customer registration, self-service account management, consent and preference management, single sign-on (SSO), multi-factor authentication (MFA), access management, directory services and data access governance. The best CIAM solutions ensure a secure, seamless customer experience at extreme scale and performance, no matter which channels (web, mobile, etc.) customers use to engage with a brand.

These solutions can be delivered via software that can be deployed on premises, in private clouds or via API-first Identity-as-a-Service (IDaaS) platforms. These platforms expose their capabilities—including admin capabilities—via APIs and are geared toward development teams who want to embed CIAM services into their applications. Regardless of delivery method, the goal is to make the experience of accessing digital applications seamless and secure.

Why is CIAM Important

Customers want two simple things as they interact with brands. Firstly, they want brands to make it easy for them. They demand great user experiences. Secondly, they expect brands to protect them from fraud, breaches and privacy violations. CIAM helps you do both.

Delighting your customers means ensuring their journey—from their initial introduction to your brand to the time they become your loyal advocates—is as smooth as possible. If you fall short of providing an exceptional experience, your customers may go elsewhere.

“One in three customers will walk away from a brand they love after just one bad experience.”

Source: “Experience is everything: Here’s how to get it right,” PwC, 2018 

Given what’s at stake, a great customer experience is no longer just nice to have; it’s a critical differentiator. In their ”Experience is everything” report, PwC found that 32% of customers will abandon a favorite brand after just one bad experience.
You can’t stop at experience either. Customers also care deeply about security. A 2019 Ping Identity report revealed that 81% of customers would stop engaging with a brand online following a breach (a 3% increase over 2018), and one in four would stop all interaction whatsoever. The most recent Cost of a Data Breach study found that of the $3.86 million average cost of a data breach.

What Is Customer Identity and Access Management (CIAM)? 2

To give your customers what they want and keep them coming back requires both delighting them and protecting them. Customer IAM helps you strike the ideal balance between customer experience and security, without needing to sacrifice one in pursuit of the other.

Cloud Identity


What is eHerkenning and when do you need it

eHerkenning is a standardised login system which enables organisations to make their services accessible online and securely to companies, civil servants and consumers. Users log in to a web service using their eHerkenning token, which allows them to manage their affairs online. eHerkenning will check whether the person who is utilising a service is actually who he says he is, but also whether this person is authorised to act. This means that organisations always know who they are dealing with and whether that person is authorised to act. The certified suppliers of eHerkenning provide this security at different levels of assurance.

Formerly, government organisations used a variety of parallel authentication and authorisation solutions. This yielded a multiple set of digital keys and caused poor user experience. The ensuing weak user adoption stunted the growth of eBusiness and eGovernment.

With eHerkenning, each business is issued with a single login token that can be used for various services. Thus, the multiple set of digital keys is replaced with one digital ‘master key’. This will accelerate adoption, since user habits are formed by reusing the same authentication mechanism for various online services.

The benefits of logging in are:

  • Good security measures
  • One login token for numerous services
  • Less passwords
  • Free choice of how you want to log in
  • Logging in safely
  • Efficient: Savings in terms of time and costs

The benefits of connecting to eHerkenning

  • Risk and comp­liance are arranged
  • Fraud prevention
  • Standardisation: less costs
  • Ready for European usage
  • Online identity assured

Costs eHerkenning

Cost eHerkenning is not free of charge. The government has decided for the users of the system to pay the costs.

EHerkenning cannot be shared with or transferred to other users

All users in an organisation who need access and who use the portal need to apply for eHerkenning. They must apply for eHerkenning at the same as the person who manages eHerkenning within your organisation. This person is the legal representative of the Chamber of Commerce of your organisation. Only that person can authorize other users of the company and submit the request to set up EHerkenning. eHerkenning is personal and cannot be transferred or shared amongst colleagues.

What do you need to do?

As soon as possible before November 1, 2019 apply for eHerkenning. UWV will use eHerkenning effectively November 1, 2019 as the only way to login to your business account. It is key to have access as your organisation need to continue to report illness and/or other related employment matters.

Step 1: The government has set up an official suppliers list (in Dutch) and you need to choose one supplier to help you setup the eHerkenning.

Step 2:  Select and choose the required authorisation level with the associated log-in tools. In addition to a username and password, do you want for example an extra check via SMS? Or an extra check via token or app? You can determine how to set up the login. Tip: UWV requires level EH3 [niveau EH3] and this level is also increasingly being asked by other organisations using this standardised login system.

Step 3: Check the provider offering ‘Ketenmachtiging’ as this may apply to your organisation. With this authorisation you are able to authorise a third party providers or a consultant to login on your behalf and apply the required information in the portal.

Step 4: Contact the supplier and proceed with the necessary steps for set up.

Point of Attention:
The duration of the process depends on the registration of your organisation in the Chamber of Commerce. In case the director is the applicant organisation and fully authorized to act on behalf of the organization, the process will take a few weeks. If there is a complex managerial structure (with many and / or jointly authorized directors), or if it concerns several Chambers of Commerce for which eHerkenning must be set up, the duration of the process will take longer than a few weeks.

SecurIT helpt bij preventieve maatregelen tegen het COVID-19 virus

Momenteel wordt er in de Nederlandse zorg intensief gewerkt om iedereen in de samenleving te helpen in deze bizarre tijden van de corona-crisis. Tegelijkertijd misbruiken criminelen de situatie om zorginstellingen en zorgaanbieders digitaal aan te vallen, door bijvoorbeeld gijzelsoftware te verspreiden of spam te versturen. Wij vinden dit onvoorstelbaar en nemen actie door ons te verenigen in de coalitie "Wij Helpen Ziekenhuizen" om de Nederlandse zorginstellingen kosteloos en belangeloos te beschermen tegen digitale aanvallen in tijden van de Coronacrisis.

Het COVID-19 virus doet een aanval op ons immuunsysteem. Met het tijdig nemen van de juiste preventieve maatregelen proberen we de schade zoveel mogelijk te beperken. Hierbij zijn zaken als, mondkapjes, desinfectans, beademingsapparatuur en de zorg daarom heen essentieel, anders is de pandemie niet te overzien.

Net zoals COVID-19 vindt er continue security aanvallen plaats waarbij de immuniteit van iedere organisatie op de proef gesteld wordt. De juiste combinatie van preventieve maatregelen kan het verschil maken tussen een simpel griepje voor uw organisatie of een totale lockdown met alle gevolgen van dien.

SecurIT helps with preventive measures against COVID-19 virus 6

Net zoals bij het COVID-19 virus zijn de security threats aanwezig. We weten allemaal dat we vroeg of laat hiermee geconfronteerd zullen worden.

De vraag is hoe zijn wij hierop voorbereid? SecurIT is de zorgverlener met jarenlange ervaring. Wij zijn de dokter die je graag aan het bed wil hebben staan om te voorkomen dat uw organisatie in een niet herstelbare noodsituatie terechtkomt.

Wat kunnen wij voor u doen

SituatieWaarom moet je erop letten?Wat voor oplossingen bieden wij?
Veilig vanuit huis werken en bij de juiste (werk)bestanden kunnen komen voor zowel thuiswerkers als derde partijenHet netwerk van uw kantoor is een beveiligd en vertrouwde omgeving. Hoe zit dat voor uw thuisnetwerk, huis wifi en niet gemanaged devices? Bied uw bedrijf een veilige toegang tot het bedrijfsnetwerk en apps voor efficient thuiswerken zonder zorgenVeilige Remote Access (CyberArk is hiervoor nodig)
Voorkom Security datalekken en breaches/schendingen dat door malware/ransomeware en hackers (die bijvoorbeeld het coronavirus misbruiken om te hacken) worden veroorzaaktMeer dan 80% van de ransomware aanvallen starten door het klikken op phishing mail. Virusscanners kunnen dat niet altijd detecteren. Hoe kan ransomware wel worden voorkomen?Endpoint protectie en privileged account security
Beveilig wachtwoordgebruik (of maak uberhaupt geen gebruik van wachtwoorden)Een groot aantal van de succesvolle cyber attacks gebeuren door gestolen of aangetaste wachtwoorden. Zorg ervoor dat uw werknemers sterke wachtwoorden gebruiken voor hun werkaccounts, niet wachtwoorden hergebruiken en dat ze multi-factor authenticatie hebben aan staan op alle websites, applicaties en systemen die dat aanbieden.Password Manager & Multi-factor authenticatie (zowel on-prem als in cloud)

Wacht niet tot het te laat is, en neem nu contact met ons op.

*Als je een zorginstelling buiten Nederland bent, of als je géén zorginstelling bent, laat het ons weten en wij kijken, samen met u, wat de mogelijkheden voor uw organisatie zijn!

Corona Statement

Beste lezer,

The coronavirus (COVID-19) pandemic is affecting people all over the world and forces businesses to far-reaching health and safety measures. We want to assure you we remain committed to providing the best possible service despite the challenges we all currently face.

At SecurIT, our people are the heart of our business. This means that we take no risks concerning the health and wellbeing of our people, customers, their families, and society at large. We shall, therefore, fully comply with all relevant measures that we are asked to take by government officials and health experts.

We have taken several measures to minimize the risk of infection with the COVID19 Virus for both our personnel and third parties.

Onderstaand zijn een aantal van de maatregelen:

· We have closed our offices in Amsterdam and Greenville, and all our employees work from home.

. Our support organization can be contacted as usual.

· All (physical) internal and external meetings and appointments have been canceled. Where possible, we meet and get in touch through electronic means.

 We strive to continue to serve our customers as usual and to ensure that the service for your customers will continue optimally.

Zorg goed voor uzelf, en blijf veilig.



In light of recent news surrounding COVID-19, the disease caused by the novel coronavirus, many employees may suddenly need to work from home. If employees can’t access applications and information securely from remote locations, their productivity will decrease and the security of key corporate assets will be at risk. Together with our partner Ping Identity, we are prepared to help IT organizations with the following immediate steps to ensure employees can be productive anywhere in the world.  
1 Put multi-factor authentication everywhere
52% of data breaches are due to hacking, and of those, 80% are due to weak or compromised passwords.1 Multi-factor authentication (MFA) can reduce password risk by 99.9%.2 Putting MFA everywhere is a no-brainer, especially on VPN connections and for employees that use personal devices (BYOD) when they work from home.
2Leverage intelligence so that added security doesn’t add friction
As more employees work outside the corporate network, intelligent authentication helps you make better decisions about who should have access to resources. Continuously evaluate risk scores based on user behavior and location to better understand when to grant access, when to step-up authentication or when to deny access—all without impacting employees’ productivity.
3 Being on the network shouldn’t automatically grant access
Organizations enable VPNs for remote access, but this often allows employees to access more than they need. Since 23% of sensitive data breaches are caused by internal employees,3 someone shouldn’t have access to everything just because they’re on the network. To mitigate risk, enforce least-privileged access and establish Zero Trust security for apps, APIs and data.
4 One password is not only more secure, but it’s also more productive
On average, employees spend 10.93 hours per year entering and resetting passwords.4 This slows down remote employees as they sign on to applications to get their work done, like collaboration apps for instant messaging and video conferencing. Federated single sign-on (SSO) and self-service password reset gives employees back all those hours and lets them get back to work. Better yet, strong authentication methods, such as biometrics and FIDO2 keys, can make passwords a thing of the past.
5 Put digital business resources at workers’ fingertips
There’s a streamlined app for just about every business task. But employees may struggle to find all these tools—or just forget to use them now that they’re not in their usual work environment. They may also find them difficult to access, since some are on-prem and some are in the cloud. With a dock for SSO to all digital resources in one place, employees can easily find, access and use apps to get more work done from anywhere.

We want to help you get your work-from-home workforce secure and productive, right now. Get fast, free, cloud SSO and MFA for unlimited apps and unlimited identities. 

1 Verizon 2019 Data Breach Investigations Report
2 Microsoft Security Intelligence Report, 2018
3 Forrester Analytics Global Business Technographics Security Survey, 2019
4 Ponemon 2019 State of Password and Authentication Security Behaviors Report


The trend toward a mobile, distributed workforce, including working from home, has been underway for many years. Unfortunately, sudden events like COVID-19, the disease caused by Coronavirus, can shine a harsh spotlight on the need to provide more comprehensive workforce access and productivity solution than what many companies have in place currently. Organizations like Google, Microsoft and Amazon have already encouraged employees to work from home. And JPMorgan Chase, as a precautionary measure for contingency planning, asked 10% of its entire workforce to work from home to test their global remote access capabilities.

Working from home is no longer just a perk to offer employees, but a critical alternative to keep your business running. 

To fully enable a productive remote workforce, organizations need to make working from home seamless. They need to offer a smooth user experience while making sure that systems and data remain secure. In order to evaluate whether your remote working procedures are effective, here are a few questions to consider:

  • Is your organization moving towards an enterprise-wide Zero Trust strategy, or are you still relying on your network as your main security perimeter?
  • Does your organization have strong, intelligent authentication mechanisms in place beyond passwords?
  • Is your organization prepared for a majority of your workforce to work remotely? Can they use their own devices?
  • Can your organization control access beyond the network to the application, data and API layers?

Think Beyond Network Perimeters

For many years, virtual private networks (VPNs) have been the default solution for enabling remote access to work resources. However, the notion that a VPN should legitimize employee access to all of a company’s resources is outdated. In fact, VPNs have been the source of some high profile hacks and were even the subject of an NSA advisory.

Instead of solely relying on VPNs, organizations need a strong identity foundation. That means implementing Zero Trust principles, where by default no network traffic is trusted. Instead, everyone and everything must be verified via centralized authentication services relying on capabilities like single sign-on (SSO) and multi-factor authentication (MFA). By implementing strong, centralized authentication, organizations are less susceptible to the inherent weaknesses of VPNs. In addition, with an identity foundation based on Zero Trust, organizations can control access beyond the network to assets like applications, data and APIs.


Reduce Passwords Wherever Possible

In terms of security, strong authentication becomes even more critical when your employees are working from home. Passwords alone are not enough, it’s time to augment or replace them with smarter, more secure authentication factors. Using other factors can also result in increased productivity. For example, location tracking can be done in the background and continuously verify employees without interrupting their work.

Multi-factor authentication can mitigate many of the security and productivity issues that come with employees accessing critical business resources from home. It does this by layering various combinations of authentication factors:

  • Knowledge: Something you know (e.g., password, security questions, etc.)
  • Possession: Something you have (e.g., Yubikey, smart card, etc.)
  • Biometric: Something you are (e.g., fingerprint with TouchID, facial recognition with FaceID, etc.)
  • Behavioral: Something you do (e.g., how you type, hold your phone, etc.).

Leveraging easier, more secure factors than passwords gives enterprises the option of reducing password use or going completely passwordless. To reduce password use, organizations often extend the length of user sessions from days to weeks, only requiring password entry during this extended session when a new device is used to sign-on. Organizations can also implement rules around longer sessions, such as only extending session length for users logged in from known locations like a corporate office. 

The next stage of maturity is passwordless login, where an alternative factor (fingerprint, authenticator app, security token, etc.) becomes the primary method of authentication. Further down the path of maturity is a bypass of both the username and password in a “zero login” scenario, enabled by storing a cookie on the employee’s device.

When talking about passwordless authentication, we would be remiss if we didn’t also mention Fast Identity Online (FIDO), a global alliance committed to solving the world’s password problem. By design, the FIDO standard for authentication does not allow passwords to be used under any circumstances. FIDO authentication methods includes device biometrics, security keys, and Windows Hello to increase resistance to advanced phishing attacks, password theft and replay attacks for web authentication.

Examine Your BYOD Strategy

Companies that are shifting to remote work out of necessity may not have the budget or time to issue employees trusted, pre-configured corporate devices. Allowing employees to bring their own devices (commonly known as BYOD) is not only a growing trend but perhaps the only option available in the short term. In order to make BYOD a reality and ensure employee productivity, enterprises require central authentication services that can easily integrate with and leverage signals from mobile device management systems (MDMs).

The integration of your user base and applications with your MDM can be accomplished with a strong identity foundation. Ensure that your central authentication services include easy admin set-up and quick user adoption. From there you can implement MFA to realize the benefits of user-friendly authentication methods (fingerprint, facial recognition) and contextual identifiers (detecting jailbroken devices, user location).

Implement Smarter, Adaptive Access Policies

Network, password and device security are crucial aspects of employee access, but there’s still more to secure. Organizations may be using outdated web access management tools to manage authorization policies for critical legacy or mainframe applications, but they struggle to secure modern resources like single-page apps (SPAs), mobile apps and SaaS. They also may not be giving enough consideration to securing the data or API layers. Enabling adaptive access security is crucial to ensuring your workforce has the right access without introducing unnecessary friction.

The first step toward adaptive access security is to create a centralized authentication service that can extend across all your resources, whether they live in the cloud or on-premises. Once those centralized authentication and authorization policies are in place, you can introduce fine-grained authorization at the data level and analyze API traffic to learn, detect and block potential threats. But this shouldn’t come at the cost of productivity. Smart policies based on dynamic risk scoring can grant access to a user, require step-up authentication if necessary or deny access altogether.

Embrace Identity Intelligence

For a majority of organizations that have embraced the cloud, mobile and “as-a-service” products, the days when the network was the security perimeter are in the past. Organizations need an identity solution that can operate at the speed and scale they’re used to. They also need a solution that can integrate with their existing technology stack and support open standards to future-proof their investments in new technologies.

Identity intelligence enables this vision by connecting all the resources within your enterprise, receiving contextual signals from multiple systems and working across the silos that have grown over time. It’s the ability to ensure secure access without introducing barriers. It serves as the organizational brain that can enforce smart policies with split-second decisions leveraging various sources such as devices, user directories, AI and fraud signals. With intelligent identity in place, your organization can break down the barriers between remote and office work and deliver exceptional employee experiences.

How SecurIT Can Help

Large enterprises in North America and Europe trust SecurIT to enable their remote workforces at scale. They use our intelligent identity solutions to speed up their businesses and allow their employees to get things done, no matter where work happens. SecurIT helps them to ensure that all of your resources are covered. No matter what product you are looking at/for. We help you to get started.

To support organizations in this transition, we’re offering up fast, free usage of selected Ping products. For organizations new to Ping, we are offering cloud-based single-sign-on and multi-factor authentication. And for existing PingFederate workforce customers, we are offering free multi-factor authentication. These products can be deployed rapidly across unlimited users and applications, keeping your work-from-home employees secure and productive.

Deploying Multifactor Authentication: First Steps in Identity Security

Your enterprise needs to begin deploying a multifactor authentication solution on your network. No compromises. Full stop.

These strong statements come with the backing of mountains of cybersecurity and identity management expert research. As much as enterprises still rely on password-based single-factor authentication, it just doesn’t work. Indeed, hackers specifically target these systems because they represent easy marks. Moreover, single-factor authentication leaves you vulnerable to insider threats or even non-human automated attacks.

But how should your enterprise go about deploying multifactor authentication? Which factors should you employ in your identity security policies? Does step-up authentication make sense for your environment? Can you balance identity management with effective business practices?

We answer these questions below.

Why Single Factor Authentication Doesn’t Work

Oftentimes, cybersecurity inertia causes as much damage as evolving digital threats. Enterprises become comfortable and familiar with their current identity and access management solution. Therefore, they continue to use it even as hackers discover and deploy new methods of subverting or exploiting.

Unsurprisingly, this applies to single-factor, password-based authentication. For years it served as the foundation of identity management. Only in the past few years have cybersecurity experts and enterprises realized its inherent weaknesses. The latter, though, continues to struggle with the change.

According to researchers, passwords offer very little in terms of actual identity security. Even inexperienced hackers can crack them or purchase software that automates cracking them. Worse, hackers can now use publicly available information, such as through social media, threat actors can often guess users’ passwords. Distressingly, given the horrible password practices most users embrace, hackers often guess right.

Compounding matters further, users tend to reuse their passwords on multiple accounts, including their work accounts. As a result, any data breach could give threat actors more weapons in their credential stuffing attacks.

Obviously, these facts argue strongly for deploying multifactor authentication yesterday. But how can you do it most effectively?

Why Deploying Multifactor Authentication Matters

The principle rule of thumb regarding authentication is the more steps between access request and access granted, the more secure your enterprise.

Two-factor authentication, therefore, proves much more effective than password-only authentication for exactly this reason. However, more talented threat actors can circumvent the second step in two-factor authentication. In most cases, they can interfere with SMS messaging and trick employees into giving their passwords away without realizing it.

That’s why deploying multifactor authentication—with three, four, five, or more steps, offers so much more identity security in the long term.

Of course, the most dedicated and experienced hackers could subvert your identity security with MFA. However, this would cost them time and effort they could invest in attacking weaker targets; hackers prefer to follow the path of least resistance. Deploying multifactor authentication thus works as cybersecurity protection and as a deterrent.

Here’s how you can get the best identity and access management today.

Get the Right Solution

Deploying multifactor authentication begins with selecting the right IAM or privileged access management (PAM) solution for your enterprise. Privileged access management especially helps protect users’ identities through strong authentication, including your superusers. In fact, many serve as the innovators of MFA factors.

However, not every solution is created equal. Put another way, your distinct business use cases pose unique identity management challenges which not every solution can accommodate. Additionally, the demands of your privileged users naturally differ from those of other enterprises; the number of privileged users, their involvement in your business processes, and what databases they access regularly should affect how you begin deploying multifactor authentication.

Thus, you must select a solution that fits your needs. Don’t skimp on the self-assessment.

Deploy the Right Factors

Multifactor authentication can involve any number of potential factors. These can include:

  • Geofencing.
  • Time of Access Request Monitoring.
  • Physical Biometrics.
  • Behavioral Biometrics.
  • Hard Tokens.
  • SMS Messaging.

This list only scratches the surface of potential multifactor authentication.

However, not every multifactor authentication factor makes sense for every industry or enterprise. For example, SMS text messaging may not offer proper security for more remote workforces; hackers who obtain users’ devices could easily subvert that factor. On the other hand, most mobile devices offer built-in physical biometric readers; this obviously facilitates biometric authentication.

When deploying multifactor authentication, you need to consider what endpoints your users employ in their business processes. Additionally, you need to consider your IT environment and what factors make the most sense for securing it.

What About Step-Up Authentication?

No one disputes the identity security benefits of deploying multifactor authentication. Where enterprise decision-makers tend to balk is the effect MFA has on the user experience.

Indeed, additional steps at the login portal can negatively impact user convenience. In worst-case scenarios, the additional authentication factors can actually inhibit business profits and lengthen response times.

Many cybersecurity experts argue enterprises must sacrifice convenience for true identity security. After all, if your business suffered from the analog equivalent of digital threats, you would probably put up as many checkpoints as possible before granting entry.

Fortunately, step-up authentication offers a means to balance both security and convenience in user authentication. Step-up authentication asks for more authentication factors as the sensitivity of the access requests increases.

For example, a user logs in to the network by inputting only two factors. However, let’s say that the user then wishes to look at a more restricted file. The step-authentication system asks for a third and possibly fourth factor to verify the user first, even though they logged in to the network.

After that, the user requests access to sensitive proprietary data. The system, in turn, asks for more authentication factors, often the most extensive (such as physical biometrics or a hard token).

As you can see, step-up authentication only becomes apparent as users engender further risks. In addition, you can employ step-up authentication only on your privileged accounts, which can do the most damage in the wrong hands.

Deploying multifactor authentication should become a major concern for your enterprise and a top priority. Now’s not the time to let your identity and access management stagnate. Your enemies never stop innovating. Neither should you.

Original post

Customer Identity And Access Management (CIAM) in the Time of Coronavirus

Officials from the Trump administration warn that the era of social distancing might continue for several weeks. Others suggest it could as long as a year or longer. In either case, online retail and remote customer relations continue to dominate the economic landscape. Additionally, so many businesses have chosen to work from home, forcing all customer relationships to go digital. Therefore your business needs to consider its customer identity and access management (CIAM) in the time of coronavirus. 

After all, we can say with no hyperbole that managing your CIAM during the coronavirus could make or break your business in the coming months. 

What is CIAM?

CIAM functions in a similar manner to more traditional identity and access management (IAM). Both provide identity security to their user bases, defending against credentials abuse and authentication failures. However, whereas IAM works to secure and verify employees and third-parties, CIAM does so for customers. 

Thus, CIAM provides recognizable capabilities such as single sign-on, login authentication protections including multifactor authentication, and session monitoring. Simultaneously, CIAM provides distinct capabilities that traditional IAM would never consider implementing. 

These include social sign-on, which uses social media credentials to log in, and password reset self-service in case customers lose or forget them. Since these capabilities could create security vulnerabilities for employees, you need a secure means to provide it to customers.

Furthermore, CIAM can help create a streamlined and personalized digital experience that benefits customers. Unlike employees, you can’t force customers to jump through hoops to verify their identity; attempts to do so only drive away potential customers. In fact, consumers will often judge a company and its products based on the online experience; they could decide to abandon their carts following a poor digital customer experience.

Finally, CIAM helps enterprises collect information on buying habits and purchasing interests. Thus it can facilitate targeted marketing campaigns and personalized experiences. These solutions can securely store this information so hackers cannot steal and exploit it. 

So CIAM clearly provides benefits to consumer-facing enterprises. Why does it matter so much in the time of coronavirus?  ALERT: Cyber threats don’t rest, even during global pandemics.

CIAM in the Time of Coronavirus        

According to Marketing Week, 91 percent of brands predict an increase in their use of online services during the coronavirus outbreak. Customer demands on digital marketplaces and retail spaces will put significant pressure on your workflows. 

Additionally, the coronavirus may have an impact similar to what happened with the SARS pandemic of 2003. This pushed more people to embrace digital commerce, which has become a vital aspect of consumer-facing business’ bottom line. Now, they potentially face the same paradigm shift, but on an even higher scale. 

CIAM can actually help with scalability, assisting with growing your digital environment to match the newfound demand. It can also, as described above, help collect and store customer identity information which can assist with much-needed personalization. Personalization, after all, can help transform first-time customers into recurring customers.

Perhaps most importantly, CIAM during the coronavirus pandemic fortifies the digital perimeter; it helps keep bad actors out of sensitive databases. Hackers prefer to take advantage of troubled times and crises to facilitate their attacks; several studies indicate that they are exploiting the COVID-19 pandemic to take advantage of people’s fears. 

Moreover, according to Ping Identity, 81 percent of consumers would stop engaging with a brand online after a data breach. Meanwhile, 63 percent of consumers believe companies are responsible for protecting their data. The long-time viability of your business hinges on its ability to fully authenticate their customers.  

Posted by Ben Canner in Best Practices

CyberArk provides free subscriptions for Alero

As organizations move quickly to do their part in stopping the spread of COVID-19 people are working remotely more than ever before.  At CyberArk we have taken action to protect the health and safety of our global community of customers, partners and employees – including having our employees across the globe work from home.

It’s not always easy for organizations to move to full remote work, especially having to balance productivity and security. Sudden, unexpected changes in the amount of work being done from home affects the workflows of remote users – especially those requiring privileged access – and most of the time, organizations don’t have the ability to properly scale. Additionally, attackers are working to capitalize on people’s fears and desire for information, which underscores the need to safeguard critical systems and assets.

Utilizing technology to overcome these challenges can help make these trying times a bit easier. Whether that’s making greater use of video chat and conference calling or allowing secure access to internal systems from anywhere, technology is helping business to continue with as little disruption as possible.

Recently we launched a new use case for CyberArk Alero to address the needs of all remote users (employees and vendors) by providing secure remote access to critical systems managed by CyberArk.

We’ll be offering qualified customers the use of CyberArk Alero at no cost through the end of May in hopes that it will help ease some of the burden associated with the changing work environment.  There are many ways that we, as individuals and as a company, are working to help our communities during this trying time.  As business continuity plans are being tested, we hope to help organizations keep business running securely while putting the health and safety of all of us first.

The offer
Together with CyberArk, we offer the deployment of Alero free of charge for up to 100 users (until 31 May). The deal also includes free 2-day consultancy to set up this SaaS-based solution. These are necessary to prepare Alero for you and to prepare your IT environment remotely.
There are some technical preconditions:

  • CyberArk v10.3 or higher is required;
  • Licenses must be assigned to external users
    Leer meer
    Detailed information about the Alero SaaS solution can be found on the CyberArk website

If you would like to take advantage of this offer, please contact us. One of our engineers will determine whether your environment is suitable for this. We can set up a plan for the installation in consultation.

en_USEnglish nl_NLNederlands