Live Webinar- Through the Eyes of the Adversary: Breaking and Defending Identity
Aerial view of a large, dense crowd of people standing close together, wearing colorful clothing and hats, with some individuals looking up toward the camera.

Pulse Report Surveys the Role of Identity in Complex Corporations

/in /by

What’s the role of identity in your enterprise?

We were curious, so we surveyed 300 enterprise tech executives who are involved in making identity-related decisions to get their take. No huge surprise, identity remains a key part of security infrastructures. Let’s take a look at the high points—and pain points—of today’s identity implementations, with a look ahead at coming trends and essential innovations.

It’s All About the Sprawl

Complex organizations are grappling with an unprecedented amount of identity sprawl generated by business digitization, along with the rapid rise of pandemic-driven remote work that has become our new normal. For complex organizations with years of identity investments, all this identity sprawl can be a real drag on progress. While the exec team works on delivering big picture enterprise-level imperatives, the only way to secure these visionary initiatives is with a complicated underlying identity infrastructure that can’t easily move at the speed of business. This places even more pressure on the IT team to deliver for the C-suite. So how are IT leaders looking at identity in a digitally transformative world, where Trust is at Zero and risk is sky-high?

With the number of identities in use spiraling out of control, individuals and entities are both grappling with how to manage multiple identities for a single user. One key driver of this trend is all those legacy investments still in use. According to this survey, being able to leverage legacy identity assets matters to every respondent—and for more than two-thirds of respondents, these legacy systems remain very or extremely important within the modern identity infrastructure.

As exciting as the latest trends are, from cloud migration to digital transformation, legacy technology remains a necessary part of the infrastructure to at least some degree across the largest organizations in the world. Still relevant—and in need of hands-on management—even in the face of so many new innovations.

Identity Complexity is Stressful for Admins and End Users Alike

There are plenty of pain points across the identity infrastructure, with too many forms of identity to manage, too many credentials to remember, and too many identity silos to unify. All this complexity has led to a rise in frustration, with identity stress as a common theme for our respondents. In fact, they all expressed some form of dissatisfaction with the ongoing challenges of managing identity access and integration.

This is not entirely unsurprising, since today’s enterprise identity administrators are grappling with many disparate forms of identity, built over years of identity innovations. In fact, more than two-thirds of identity admins agreed that maintaining and managing so many different forms of identity is a real headache. But the experience of business users struggling to manage multiple credentials is no picnic, either, with well over half of respondents indicating that their users share this difficulty—and that all this identity friction leads to lower productivity for end users, while also boosting the hassle factor for admins.

Access Control and Governance Tools Can’t Always Cover Every App and User

The good news: one in five respondents have centralized, granular control and pass audits easily. The bad news: that leaves the vast majority still struggling with these core competencies. When asked whether they have a uniform approach to controlling access and meeting compliance requirements, more than two-thirds of users agreed that their modern access control and governance solutions still left out a good number of applications and users, while one in ten are still grappling with legacy applications that are difficult to integrate with more modern security practices.

Consolidation and Cloud-Readiness: Delivering on the Promise of Major Initiatives

A well-oiled identity infrastructure should be the underpinning of many corporate goals, whether you’re looking to quickly integrate acquisitions so users, both old and new, can access what they need to be successful or readying your infrastructure for a cloud-first future.

One third of respondents have either gone through recent merger or acquisition activity or anticipate it in the very near future. For those post M&A, close to half were not able to deliver application access across newly merged or acquired entities for 7-12 months, with more than a third taking up to eighteen months to deliver shared access. That’s a long time to go without true business productivity and collaboration!

True cloud-only computing remains an unmet goal for all but three of the respondents. More than two-thirds are hybrid cloud, with some implementation underway—and a quarter said they were hybrid cloud-curious, with goals in place, but no implementation yet.

According to Gartner’s 2021 Planning Guide for Identity and Access Management, we can expect distributed and hybrid architectures to persist for the foreseeable future, becoming increasingly fragmented, even with cloud-first strategies in place.

So what moves the needle?

A Single Source of Identity Data for Digital Transformation and More

It’s a worthy goal—after all, IAM isn’t easy, especially in complicated architectures that have grown over successive waves of innovation and consolidation. When asked what they would do with a single on-demand source of identity, nearly half would move forward with digital transformation initiatives. A third would end the cycle of constant customizations (just think about how much time you’d save, how much time you’d free up for other business-critical pursuits). Transformational change is what’s required to really shift the conversation from what you can’t get done to all the things you can.

So many of today’s most significant trends, from cloud migration and customer IAM to digital transformation and Zero Trust, hinge on the ability to deliver a robust and unified identity data foundation. What does that mean? It means getting security right by putting your identity data first. It means being able to access every attribute from across all your diverse sources—no matter the protocol. It means harnessing identity data and making it work for your business, for your success.

If you’re curious about how we help complex organizations transform identity data into a project and progress enabler, we’d love to talk!

Seven people stand in a row on a beach at sunset, each holding a surfboard upright. The sky is filled with dramatic orange and yellow clouds above the calm ocean.

Welcome to Radiant 2.0!

/in /by

It’s been a while since we posted on our long-dormant blog, but the team and I are happy to see you here and eager to begin an on-going conversation about how identity and technology can enrich lives, encourage communication, and strengthen security.

A little about me, since I’m new to the Radiant Logic community. I am a four-time CEO working with TA Associates, a long-time leading light in the PE world. One of my passions as a leader is taking great teams and giving them the tools and attention they need to elevate their game to  delight our customers and create meaningful growth for the company, while strengthening their own careers. I’ve been struck by the amazing level of talent here, grounded by the shared goal to truly deliver for customers, from innovative technology to great service across the board. This is what makes Radiant Radiant.

We are not starting from scratch. RadiantOne has long solved enormous challenges for complex organizations, from the Fortune 1000 to federal agencies. My goal is to build on Radiant’s long history of innovation and service—in fact, these were key drivers in our interest in the company. We’re making big investments in the team and the tech—and they’ve already begun to pay off. I can’t reveal too much about where we’re headed, but our next 18 months should be full of exciting advancement, delivered with the same commitment to service and support that Radiant’s known for. Stay tuned for more on where we’re headed in blogs to come.

Our Technology

We bring the best of security, identity management, and data analytics into a single Intelligent Identity Data Platform, unifying identity across diverse sources to create a powerful Identity Data Fabric. This breakthrough innovation delivers the unified identity data foundation for your identity fabric and cybersecurity mesh, two of Gartner’s key IAM initiatives for 2022 and very likely on your team’s To Do list, as well.

Radiant has spent years carving out an important place within the broader identity landscape, delivering foundational technology that enables the biggest trends in identity and cybersecurity. We have a long history collaborating on key customer roll-outs with the other big players in the identity space. We are proud to seriously enhance Okta, SailPoint, Ping, and many others by future-proofing identity investments, speeding time to value, and enabling Zero Trust. Our complementary technology lays the unified identity data foundation that helps their identity-reliant solutions sing—and our Identity Data Fabric clears the path to securing all sorts of exciting technology on top of our powerful unification platform. Of course, years of successful implementations have confirmed that everything goes better when you begin big initiatives with RadiantOne already in your infrastructure. As we like to say: “Put us in first, coach.”

Our Teamwork 

I’ve led many teams across my career and I will tell you: this group is special. They share a collaborative spirit that’s centered on doing what’s right for Radiant, each other, and all our customers. I’ve seen folks go out of their way to help a colleague get unstuck and entire teams come together, day or night, to solve customer problems and ensure customer success. There’s a reason we consistently receive a near-perfect score on Gartner Peer Reviews.

While working together is an everyday practice here at Radiant, the team is also ready to mobilize when necessary. I got a first-hand look at this response during the worldwide Log4J crisis. Our teams jumped right in, quickly coding a fix for our Log4J implementation and staying in close communication with customers throughout the process—and even now. I was especially touched by a customer email thanking us for our leadership and praising our team for doing a better job explaining the high stakes of the Log4J vulnerability than any of the other vendors he’d heard from. Nice work all around, guys.

Our Public Face

When I first came to Radiant, the website had not been a priority for a very long time. The team’s focus was always on technology, service, and support. But we knew we also needed a world-class digital home to share our story and connect with customers, partners, and all the large organizations out there struggling with years of infrastructure investments. So my team worked hard over the last few quarters to create an engaging space that delivers the best of Radiant, showcasing our technology, our values, and even our open positions if you’d like to join the Radiant team. (We’d love to meet you!) 

If you haven’t spent much time on the new site, you can dive deep into our Intelligent Identity Data Platform and explore how RadiantOne helps you improve experience, drive efficiency, and minimize risk across an array of important use cases. You can even see me in action

A special note to customers: thank you for your trust. We want to change the way you look at your identity data, while helping you realize meaningful value that reverberates throughout your business. RadiantOne is a gamechanger for sizable enterprises across every industry and I know my team is eager to share how our tech and talent can make a difference in your organization. 

Here’s to a great year working together. 

 

Aerial view of Paris, showing dense city buildings, the River Seine, and the green lawns of Champ de Mars park leading to the Eiffel Tower (not visible), with cloudy skies overhead.

The Rise of the Identity Data Fabric

/in /by

Fabrics–so hot right now. Identity Fabric. Data Fabric. Cybersecurity Mesh. In fact, Gartner named data fabric and cybersecurity mesh (which includes the Identity Data Fabric as a key component) as two of its top strategic technology trends for 2022. When you look at the commonalities, the underlying formula is actually pretty simple: [integrate data + connect processes] = [reduce complexity + achieve business goals].

The key takeaway? It’s all about the data–it’s the thread in your fabric–and you need it as a foundational layer in your enterprise IT architecture. In the world of Identity and Access Management, without a comprehensive picture of who has access to what, what each user is allowed to do, and being able to adapt quickly as things change or business needs shift—your whole infrastructure becomes hostage to your identity processes and the quality of your identity data.

Identity, Identity Everywhere

First, let’s look at some of the problems facing today’s enterprises. Thanks to decades of inorganic growth, move to the cloud, piecemeal IT solutions, and more recently, the rapid and unplanned move to remote work, there’s an exponential amount of IT complexity and a proliferation of identity siloes in the enterprise. In fact, a 2021 survey by the Identity Security Alliance reported that 83% of respondents had seen an increase in the number of identities within their organization in the past year. This sprawl leads to tremendous technical debt, turning identity and access management into a roadblock for many organizations, and vastly expanding the attack surface.

If identity sprawl was a problem before, it’s exploded since the pandemic. Well-intentioned remote users signed up for productivity apps–think Dropbox, Slack, Trello–likely outside of the domain of the enterprise IT team. Enter the presence of shadow IT. And this problem will be with us for a while–as of today, only 4% of large enterprises are fully in the cloud.

This identity sprawl has led to overwhelming complexity, and it takes a heavy toll on resources. While organizations want to embrace digital transformation and move to the cloud, they’re weighed down by an immense amount of unreachable identity data. Every new identity project takes much longer than anticipated, demands huge costs in customization, presents a huge burden on staff across the enterprise, and reveals security gaps due to the complexity and inflexibility of the legacy infrastructure. Many projects get stuck and organizations settle for “good enough” instead of wasting more time and resources trying to resolve the problem for good. It’s no wonder that cybersecurity breaches continue to skyrocket.

Identity data silos cost more than just time, money and resources—it inhibits forward progress, causes employee frustration, and creates a poor customer experience. But don’t worry-there IS a better way forward.

Identity Fabrics: A Part of Identity-first Security, but Not Enough 

Leading analyst firms are now introducing identity fabrics as a way to organize and manage a distributed identity system. It’s a featured topic at this year’s Gartner IAM summit, and KuppingerCole is now creating a leadership compass for identity fabrics. It’s a modern conceptual approach to security architecture, enabling the distributed enterprise to deploy and extend security at the asset itself.

The piece that they’re missing is that these architectures depend on being able to access quality identity data. 

In a recent webinar, analyst Martin Kuppinger describes the identity fabric as a paradigm for architecting a future IAM. He also says, though, that “A main challenge in IAM is dealing with identity data–relationships, integration, and identity information quality.”

You need the data to make these security decisions–without it, your cybersecurity mesh is operating without all the necessary info. It’s like flying a plane without weather data or a working GPS. The engines will run, but you’re lacking critical information to operate in the safest manner.

What if we could introduce a data fabric for the identity world, making unified identity data available everywhere it’s needed, regardless of its original source?

Needed: A Radically Simple Approach 

IAM tools would be more effective if they had one consistent place to connect to up-to-date identity data in their desired format, in an instant. One location to access the identity data needed, in the exact protocol needed, delivered on-demand. No complexity or customization needed.

That is the promise made by a new category known as the Identity Data Fabric–it’s an integrated layer of identity data (fabric) that connects to all the different sources of identity, unifies the data into global user profiles, and makes that data accessible in the exact format required by the consuming applications or services. In a nutshell, it automates the painstaking tasks of aggregating, joining, correlating and synchronizing identity data from disparate identity silos into one authoritative identity data feed.

As opposed to the identity fabric, an Identity Data Fabric focuses on unifying the identity data itself, rather than trying to integrate identity at the application layer. Instead of having every identity tool repeating and duplicating the same integration efforts–a common response to identity sprawl–the Identity Data Fabric serves up unified identity data on-demand to each application and service, using the access protocol of choice.

Build it once, reuse it everywhere. It’s the radically simple approach to managing identity in a complex world. And it provides fast, highly-available access to the information needed to fuel modern, identity-first security architectures.

How Does It Work?

The RadiantOne Platform is the industry’s first Identity Data Fabric. We use patented identity unification technology to:

  1. Abstract identity data from any and all sources,
  2. Build enriched global user profiles; and,
  3. Deliver real-time identity data on-demand to any service or application

Our identity knowledge graph–unique in this space–extracts and represents relationships down to the attribute level, allowing users to stitch together the next generation of zero trust security policies, customer data profiles and machine identities.

What Problems Does an Identity Data Fabric Solve?

Basically, an Identity Data Fabric turns enterprise identity from an obstacle to an asset.

Through increased visibility, and a unified global profile of each user, it’s much easier to reduce common security risks such as users with excess privileges, or recognize active accounts from former employees. It also allows organizations to easily scale up and accommodate any new elements as the company continues to grow and support digital transformation or IT modernization initiatives.

An Identity Data Fabric:

  1. Improves Customer Experience: The customer journey involves digital tech, yet this data often sits in disparate silos. An Identity Data Fabric unifies identity data to enable personalized experiences. One major cruise line used RadiantOne to create a holistic view of users that enabled 15% revenue growth.
  2. Drives Efficiency: Mission-critical applications can take months—or even years—to roll-out, due to chaos and hard-coding in the identity infrastructure. A global hospitality giant modernized their IAM infrastructure with RadiantOne, reducing time-to-market for new projects by at least 6 months by enabling developers to create new dev environments in minutes instead of months.
  3. Minimizes Risk: A Zero Trust approach relies on attributes to enable progressive disclosure, yet many sizable organizations face identity complexity and fragmentation, making informed security decisions impossible. Radiant Logic was recently selected as an collaborator in NIST’s National Center of Cybersecurity Excellence Implementing a Zero Trust Architecture project. 

The Path Forward

Identity will continue to be at the heart of business IT for years to come, as organizations continue to grow rapidly, accommodate the unknowns, and operate in a hybrid model. We need a clear and accessible system to manage identity sprawl. However, addressing identity sprawl at the level of each application and leaving data in isolated silos with minimal visibility can be incredibly risky, with the threats of data theft, malware, and ransomware lurking.

An Identity Data Fabric approach–weaving together identity data and putting it to work in the enterprise–will save vast amounts of resources, money and time further down the road as new threats arise.

Two chess kings, one gold and one silver, stand on a black and white chessboard against a dark background.

Identity Deathmatch: Unification vs. Integration

/in /by

Let’s get into it. If our goal is to reduce complexity and make identity data usable across the organization—to enhance security, drive better business decisions, and support ongoing change—what represents the best approach for doing that? Integration or Unification?

Much like the clay-animated celebrities in a deeply immature television show from the late 90’s, approaches to Identity & Access Management (IAM) must be made to fight to the death. Enter the cage, and let’s see which method survives scrutiny in this edition of Identity Deathmatch.

Integration

In one corner we have “integration”, a murky function that many players in the IAM world say is included in their solutions. What does that mean exactly? The definition varies vendor to vendor. It’s amorphous and unknowable. It’s a secret, you wouldn’t understand. It has something to do with consolidating identity; connectors play a key role; it may include some basic merging of user profiles where there is a common identifier handy, perhaps de-duplication, and probably a good deal of manual effort to make things work across different applications.

Integration is usually a lightweight approach that aggregates identity information for a specific use within a particular tool, at the application layer, for a specific purpose (think single-sign-on, multi-factor authentication or governance and administration). Even if the integration “process” removes duplicate accounts and normalizes data, the end result is still a siloed set of user information that can only be used for that specific use case. It’s a semi-manual process of aggregating identity data in a rigid and proprietary format specific to one system—and it may be only a subset of the user set you really want to integrate, and a very narrow definition of identity that leaves out important user information. The process for accomplishing this may vary—from Extract Transform Load (ETL) to connectors—but it all amounts to the creation of another static system, rather than an identity foundation that will serve multiple initiatives.

Applications can swap identity information with each other using federated access protocols like SAML and OIDC—but does that really count as identity integration? We can see that integration falls short in the long deployment times for rolling out initiatives like SSO or IGA. Why are these deployments so challenging? Often the roadblock is getting a unified feed of identity data to make the tool work as desired, and the challenge of getting at the identity data will often take significantly longer than expected. A typical issue we see organizations run into is that dispersed identity leads to failure for Identity Providers (IdP’s), since identifiers don’t always match across systems. The IdP can send your email along to the application you want to access—but what if you aren’t known by email there? Or you’re known by a different email? Maybe this application knows you by a proprietary user name instead? The IdP isn’t the component responsible for sorting out the difference, finding the correct identity attribute, or resolving the identity collision. So, whose job IS that? (It’s ours).

“Integration” is usually done at the application layer and enables key functions like SSO, but it doesn’t go deep enough to address the quality of the data feed that drives the success of the tool. If you want to add operational agility for SSO and all other initiatives—it all comes back to the DATA. Unreliable access to data, inconsistent data, disconnected data. This is your roadblock. And it’s exposing your organization to unnecessary complexity, inefficiency, and security risks—because access systems and tools are only as good as the data that feeds it.

Many IAM vendors are doing enough integration to suit their own purposes and perform their core tasks, but integrating identity data is not their main goal. That is a bit backwards. If I’m trying to “integrate” identity, why would I task my SSO platform with it, or even my Identity Governance & Administration (IGA) solution, when those two barely talk to each other? How can I create an integrated, seamless IAM infrastructure when tools don’t play nicely together or share data feeds? In sum, integration is a tactical approach in a strategic world.

Unification

Which brings us to our second contender, Unification. Unification is the end-to-end process of taking distributed identity data from all sources to build an identity foundation—a rich data set containing all user information that can be quickly and infinitely changed to represent identity according to any requirements. The goal is to take a core asset for organizations that is not being optimally leveraged—identity data—and transform it into a reusable resource for the entire organization, across many initiatives.

The crucial first step to unification is understanding where enterprise data is coming from, how it’s being used, and then making thoughtful, strategic choices about how it should be used. You need to identify, connect, correlate and contextualize identity data from all systems (including that legacy directory that you’re scared to touch), and make it available across your entire infrastructure—using the insights from this contextual data to improve security, efficiency, and ultimately to be a resource to the business.

At a high level, our approach is all about laying the identity foundation, by breaking down silos to harness the value of identity data that today is spread across a variety of non-interoperable systems. You can’t adequately protect a system of applications if you don’t have a clear picture of what’s really enforced at the level of each application, what’s available to be enforced, and how all your applications are interrelated. There is a missed opportunity when you’re not able to surface and leverage the relationships within the data (just think, do you have a global view of everyone who left your company last week? Everyone who has recently changed roles?). Establishing reliable identification of each user, and connecting accounts to all related data points (such as, what is the user’s risk score? what are their entitlements?), closes the gaps on what is crucial to know about your users. And that is where Identity Unification comes in.

The best approach to handle identity sprawl in today’s increasingly complex organizations is to implement an intelligent identity layer that decouples applications from the underlying infrastructure—making a flexible identity source that is re-usable across platforms and services and enables interoperability at the data layer. This contrasts with solutions that coordinate identity integration at the application layer, which tends to create more identity silos rather than truly “integrate.”

Identity Unification is a process that logically brings together identity data from all sources and protocols, to build a reliable identity resource that is infinitely flexible and consumable by anything, anywhere, anytime.

Using Unification to Build an Identity Data Fabric

Unification is accomplished with an Identity Data Fabric, an architectural component knitting together dissimilar and distributed data stores to make “getting to the data” easier. Identity must work across a number of contexts, which is what the fabric architecture is all about: making identity ubiquitously available in the manner most relevant to each consumer. No offense, but this is impossible to do with integration at the application layer.

To build your organization’s Identity Data Fabric, you need a platform that virtualizes identity data out of existing sources (on-premise and cloud directories, databases, applications), unifies it, and makes it available via the right interface.

Let’s take a walk through the key functions required to unify identity, and how an Identity Data Fabric performs them—for the purpose of supporting the overall Identity Fabric (for more about the Identity Data Fabric, and the difference between that and the more widely-known Identity Fabric, please see my wonderful colleague and IRL friend Heather’s post on the topic here).

Integrate: Just the Beginning

You’ll notice the first step in the Unification process is Integration! Plot twist. Integrating is actually key to this whole thing, but it’s just the first step in the overall Unification process, and it has to be done Intelligently, with a capital I. A critical function is an automated but sophisticated process that can determine which digital identities represent the same entity (human or non-human), and how to handle it when the same identity shows up in various forms across systems.

Some questions to ask yourself when you’re lying awake at night thinking about your identity environment: What criteria or common identifier can be used to link an identity across all systems in your infrastructure? If there is no global identifier for establishing a connection, do you have a method for implementing a series of rules that can identify the same-users? When there are many same-users with different accounts spread across those sources, how is that managed? What if that same-user has multiple values for the same attribute—what if they are CONFLICTING across different sources and causing identity “collisions” at the application layer? Then what are you going to do???

This is not a problem that a series of connectors can solve. Managing this level of detail is best left to a specialized identity data unification layer.

Mapping and Translation

Building cross-platform interoperability means you need the ability to transform different data representations to meet varied consumer requirements. This is key for enabling interoperability—systems that don’t speak the same language need an interpreter; doing this translation at the data layer is the best option.

Let me give an example. You’re maintaining a legacy LDAP directory because critical applications rely on it, but you also have applications running in Azure. Many users need access to both sets of applications, and maintaining their account information across the on-premise and cloud directories is a pain but still has to happen. One of the challenges is that the data structure is different—in the LDAP a user’s location is stored as: “countryName= United States of America,” but that needs to be transformed for synchronization to and from the cloud system. Azure AD requires the value for this attribute to conform to a two-letter country code format (in this example, “usageLocation=US”). Keeping this information in sync across the different systems requires remapping on the attribute name and a computation for the value. Creating this single connection may be annoying but not a terrible burden, until you realize you have ten legacy directories and you’ll be running into this same issue with other cloud directories and new tools and platforms over and over… forever.

The fix is an intelligent identity platform that centrally manages transformation. This delivers efficiency of scale—you avoid having to customize a solution for every new project, new application, etc. into eternity. Configure, don’t customize.

Build Views

Unlocking the value of identity data means delivering access to that data securely and in the format, structure, and protocol that each consumer expects. To that end, an Identity Data Fabric helps you design views that meet various requirements, leveraging model-driven virtualization to tailor what each application “sees.” Decoupling applications from storage with a virtual abstraction layer lets you flexibly adapt identity data to meet different needs and make changes without causing disruption.

Enrich User Profiles

We can’t overstate the value of the Global Profile: a complete entry for each individual with data coming from multiple systems consolidated into one access point. The global profile enables modern security models like Zero Trust Architecture, by bringing together identity data from multiple endpoints—so fine-grained access solutions have all the information they need to enforce policies.

Dynamic Groups

Groups are traditionally based on a static label assignment to a list of given identities. When new identities are added, group memberships must be manually maintained. This creates additional work for system administrators, and leaves room for error that could put your security at risk should access be incorrectly granted or maintained. An Identity Data Fabric rationalizes existing groups and offers an upgrade from static to dynamic groups, massively simplifying administration while adding granularity to your access model.

Deliver Speed and Scalability

Given that our platform acts as a central information point for making real time access decisions (authentication, authorization), it has to be performant. Delivering reliable access, fast, to data spread across many disparate endpoints necessitates heavy-duty scalability based on the latest in storage technology. Enough said because I’m overrunning my target word count, but learn more about how we scale here.

Synchronization

Finally, synchronization ensures that data is consistent and up to date across the identity infrastructure.

Integration and Unification: Better Together

I was only kidding about the Deathmatch stuff. Integration is an important capability; it exists symbiotically with our platform—but I hope to make clear that integration alone doesn’t scale as a solution when you have complexity in your infrastructure. That’s a job for Unification.

RadiantOne is here to weave all these elements together, to enable the multifaceted IAM system through unified identity data. We want to avoid the piecemeal approach by laying the identity foundation—easily threading in more advanced solutions (think Attribute Based Access Control, Zero Trust Architecture, etc.) and new technologies as organizations want to adopt them.

Let’s Be Friends

There is already an awareness of the need for integration in our space. We see this in the move towards the fabric architecture overall, and with standard protocols at the application layer, like OIDC and SAML, for federating access via Identity Providers. We see it with orchestrators, managing security policies across clouds and IAM systems. Clearly, our customers want the ability to assemble solutions that, together, add up to more than the sum of their parts.

So how do we get there? The emerging fabric pattern offers a way to establish interoperability seamlessly. An Identity Data Fabric establishes a common framework for easily integrating solutions. Unifying identity at the data layer, versus integrating for individual solutions—means we can avoid making a series of point-to-point connections in redundant, wasted effort.

That’s why RadiantOne is deployed to do the toughest identity unification work, helping organizations to build a trusted identity foundation that speeds project after project.

Stacks of colorful plastic and metal pipes of various shapes and sizes are neatly arranged in a large shelving unit, creating a geometric and organized pattern. The pipes are grouped by color and type.

Keep the Silos and Elevate Your Identity with an Identity Data Fabric

/in /by

For complex organizations, data silos are here to stay. As we discussed in our first post in this series, these silos do important work and contain essential data about your usersincluding your all-important customers. Some companies want to streamline their infrastructures and reduce the silos, but that can be a long and expensive process. There’s a better, faster way to gain the high-level views of identity that allow you to make informed decisions, speed key deployments, and drive deeper insights. Why dump the data stores, when you can unify the data and deliver global views and profiles? 

An Identity Data Fabric unifies identity across all sources, laying the foundation for your identity fabric and cybersecurity meshtwo of the highest priorities in the digital security landscape.

Why an Identity Data Fabric works for companies and security teams

An Identity Data Fabric allows companies to logically centralize identity management while making the most of existing identity infrastructure investments. This solution increases the ROI of the data silos until it makes sense to replace them with a different option. Managing large volumes of data is challenging, so the Identity Data Fabric offers visibility into the existing silos, making the best use of the data they contain, while enabling teams to design the right long-term data management strategy for it.  

Security teams like the Identity Data Fabric approach because it unifies identity attributes across all data silos into a single source of truth about all users. This flexible solution creates a contextual, complete view of identity data in the company while offering greater visibility into all the applications and systems being used across it. Increased visibility makes designing a more robust security strategy easier because security teams can consider every possibility, modeling scenarios, and testing solutions with ready access to every user attribute. 

Deploying and scaling security rules becomes easier with an Identity Data Fabric solution, as well, because security teams can:

  • Set prioritized security rules that flow efficiently downstream
  • Set different security options based on the data type stored in the silos
  • Create and deploy the same security policies in different ways because the Identity Data Fabric has already contextually identified and aligned the data with the appropriate security rules.

As many companies are looking to increase spending on digital transformation and cybersecurity next year (56% and 50%, respectively,) an Identity Data Fabric solution like RadiantOne Intelligent Identity Data Platform is a wise investment. 

Why an Identity Data Fabric works for users

But what about users? How does an Identity Data Fabric affect them? Done right, it reduces their friction to use the applications and systems they need to do their jobs. No more keeping track of 10 different logins and passwords or checking on the status of a data store. The Identity Data Fabric platform handles all of this automatically so that they can concentrate on their work. 

An Identity Data Fabric is also a high-availability system. Downtime can cost companies anywhere from $1,000 and $2,500 per minute, according to ITIC’s 12th annual survey, so anything they can do to reduce downtime saves money. Users can be confident with their tech stack and know they won’t have to wait hours for fixes to the Identity Data Fabric if anything goes wrong. 

From an end-user perspective, managers can be confident that their team is adhering to organizational security standards because they know the Identity Data Fabric is handling the logins and access according to the most robust and current data that’s available. They don’t have to consult any documents or ask for help from the always-busy IT team. They know that they’re covered as long as their applications and systems fall within the security categories and guidelines set up by IT, including any new cloud application they may want to use. And if they’re not, the Identity Data Fabric platform makes it easy for them to ask for help. 

Transforming Silos from Bottleneck to Business Enabler

Data silos don’t have to limit what your company can do or how you protect your networks. In fact, they may actually be a key to better security. By abstracting data from every silo and making it available to any app or system that needs it, it unlocks the value of your fragmented data, so your company is free to develop smarter security strategies that work across the organization. 

Teams and users will still have secure and appropriate access to the tools and systems they need, but with much less friction—and far less hassle on the backend. IT and security teams will be able to develop and deploy meaningful and scalable security protocols that will protect your company’s data no matter where or how it’s located. 

Smooth stones form a path across calm water, leading toward the horizon at sunrise or sunset. The sky is clear, and gentle ripples surround each stone, creating a peaceful and serene atmosphere.

Deliver Customer Data Privacy and Compliance by Unifying Identity

/in /by

Managing your customer identities online is an increasingly complex issue. Your organization wants to maintain as much information as it can about its customers, so it can deliver the best user experience, offer smarter support, develop better products, target marketing, and—let’s face it—cross-sell and upsell. But you also have a serious responsibility to keep their data secure. 

Customers expect a certain amount of privacy. Many are becoming reluctant to give up certain information, and rightly so, since millions of consumers have been burned by high-profile data breaches such as Equifax, Yahoo, and Facebook. While a data breach can tarnish a company’s reputation and result in lost revenue, the stakes are equally high for customers. Identity theft, where the criminal commits fraud using the customer’s name and other data, can lead to expensive legal issues and ruined credit.

This increase in large-scale data breaches has led to much stricter data privacy laws. The first regulatory shot fired was the European Union (EU)’s General Data Protection Regulation (GDPR) of 2016. GDPR applies to companies located in the EU, as well as any organization processing the data of someone in the EU, no matter where it’s located. The goal is to give EU citizens more control over their personal data, and ensure that their data is protected. Many other laws around the world have been modeled after GDPR, including the California Consumer Privacy Act of 2018 (CCPA). CCPA protects the privacy rights of California residents, giving consumers more control over what personal information is collected and how it’s used.

These and other data privacy laws around the world are the trend, not an exception. In order to stay in compliance and protect your users, your organization needs a solution that delivers security, easy information collection and retrieval, and compliance with regulations. Not a simple task for most organizations!

Create Global Profiles Across All Sources To Ensure Privacy Compliance—No Hard-Coding Needed 

Ideally, you’d have easy access to all the user data from across disparate IAM and other tools. But each attribute also needs to remain in its existing store, servicing the needs of the applications that rely on it. After all, these systems aren’t built to easily aggregate across disparate user profiles, stored in many places across diverse formats. Combining all these to get a rich global profile for all your users sounds like a no-brainer, but it’s a daunting task on the backend. 

Or you could skip all the hard-coding and unify identity across all your diverse stores to build global user profiles. So you have an always-current source of the richest possible user information to ensure regulatory compliance, along with a world of other key initiatives, from access management to Zero Trust. The original sources remain authoritative for their attributes and any changes on the backend are automatically synced into RadiantOne Intelligent Identity Data Platform, so you’re always operating with the latest data. Here’s how it’s done:

  • RadiantOne abstracts your identity data into the platform, maintaining its context, structure, and existing relationships.
  • By combining all the attributes from across all your sources into global profiles, we give you a 360-degree view of each and every user. 
  • From there, it’s easy to create diverse views of some or all of your users, where each consuming application gets only what they need, exactly how they need it.

Being able to create these targeted views of user information is invaluable for regulatory compliance. With GDPR and CCPA, for example, customers can request you delete all the information you have on them. Because RadiantOne unifies identities across your entire infrastructure, the platform immediately identifies where all the personally identifiable information (PII) is located across every backend source, then can eliminate all that information in one single step. So you can view and keep your data up-to-date, and verify removal from all your systems to demonstrate regulatory compliance to the customer and other entities.

With RadiantOne,  it’s easy to move your information infrastructure forward, while staying in compliance with current and future privacy regulations. Ready to learn more? Contact us today to see how Radiant Logic’s customer identity solutions can help your organization provide a better customer experience and meet privacy compliance regulations.

A close-up of a spider web covered in small dewdrops, with a blue blurred background. The delicate web strands are highlighted by the sparkling water droplets.

Are Data Silos Your Key to Better Cybersecurity?

/in /by

From the largest enterprises to the smallest local businesses, every company has a data silo—or, more likely, many silos. Each one can slow down how your company works, but most importantly today, it affects how these organizations deliver cybersecurity.

Silos are both a sunk cost and a potential goldmine, full of rich attributes that could drive deeper insights and smarter security across your organization—if you can access them efficiently. This has been a real pain point, especially for large, complex companies, due to the widespread nature of the silos and the time, effort, and expense of trying to hard-code a vulnerable one-time-use connection. Add in any legacy technology and a far-flung remote workforce, and it’s a nightmare for security.

But instead of blowing up the silos and moving all that disparate data to a central repository, there’s a better option. One that lets you keep all your company’s authoritative repositories—which are perfectly purpose-built for the job they do—while making them easier to access, unify, and secure within your tech stack. 

It’s called an identity data fabric, and it’s the secret to stronger, more flexible cybersecurity. An identity data fabric unifies your identity data across diverse stores in a way that makes it consumable by any application or system in your company, whether that’s legacy or modern, on-prem or cloud. 

Your security team can use the identity data fabric to create a security strategy that’s unique to your needs, scales across the organization, and instills confidence in your security posture. And that confidence is something that many company executives can’t count on, as we see from this study where nearly 90% of IT leaders were uncertain about their company’s IT security. 

Let’s take a closer look at data silos and how an identity data fabric platform can help you increase your cybersecurity posture and give everyone more confidence in IT security. 

The origins of data silos

Data silos are defined as a repository of data controlled by one department, team, or business unit that’s isolated from the rest of the company. The data is usually stored in standalone systems like LDAP directories, Active Directory (AD) directories, web service APIs, REST APIs, data warehouses, and applications. 

These silos tend to spring up parallel to organizational structures, mirroring the growth and evolution of teams and workflows. Most arise naturally because each team or business unit operates independently. For example, your company may have information about a single customer in three different areas:

  • Marketing may have contextual information on a customer, such as their engagement level before purchasing.
  • Sales may have detailed information about various contacts with the same customer, which they use to set up demo calls or other sales-enablement activities. 
  • Customer support may have information about that customer after they finally purchase, such as their recent questions for help or what onboarding training they accessed.

Each department has its own goals, priorities, and budgets. Management doesn’t always feel the need to consult with the rest of the organization, including IT and cybersecurity teams, making it difficult to strategize ways to create fewer silos–or better connect the data contained with other sources of information to drive more informed decisions.

Teams are adding to their array of legacy systems with new applications, cloud services, and even edge computing (Internet of Things, or IoT) devices. Each one generates new identity data and stores it in a separate part of the ecosystem, often outside of an organization’s network. And silos lead to more silos, where a single silo for a team or legacy application can grow by three to five times as silos. And that’s bad news for companies looking to create more collaborative, data-driven organizations. 

Data silos create barriers to data sharing and collaboration across the organization. When key data  is stored across diverse repositories using disparate protocols, data is frequently duplicated or conflicting, with no easy way to know which cell number or user address is correct or authoritative. Without a higher-level view of all the data across these disparate silos, business leaders can’t view a transparent overarching view of company data to drive more informed decisions. The disconnect between teams, tech usage, and data location also introduces security risks to the broader corporate systems.

Why are data silos a problem for cybersecurity?

Siloed data is a major cybersecurity risk. Each new system, application, or cloud service generates new identity data. But this data is rarely mapped or aligned to existing security frameworks, making it challenging for companies to enforce identity management and cybersecurity policies using all the intelligence it has on its users and user types.

You can’t authenticate what you don’t know about

Security teams often struggle with data silos because of the challenge of authenticating and authorizing users across these isolated systems. There are too many systems for security teams to manage—and they might not be aware of every source of meaningful security attributes. Each application and system may have differing levels of identity and data security, as well. Unless the security team is aware of the system and knows about its security features, it can’t be sure it meets its security requirements. 

The data’s geographic location can be a problem

Increasingly stringent global data privacy laws and new industry data security standards are also complicating the security picture. Companies must be aware of what data they have, where it’s stored, and how it’s used before designing the proper privacy strategy. For example, some applications hold customer data while others hold employee data. And each has its own governance rules and regulations that must be considered in the data security strategy. 

There’s too much data to deal with effectively

With companies using an average of 1295 different cloud services alone, it would be a lot of work for IT teams to identify all the data silos, much less audit existing processes and structures and figure out a better way to secure the data, efficiently and securely. Not to mention trying to wrest the data out of the hands of each team or business unit, who feel deep ownership over that data and may be unwilling to relinquish their autonomy or authority. 

But there’s actually a way to deliver better company security and greater user insights with your data silos. Yes, seriously.  

Using data silos to unlock better enterprise security

The secret to better cybersecurity for your systems is to keep the data silos and use an identity data fabric to unify all this disparate data. RadiantOne Intelligent Identity Data Platform abstracts and transforms identity data across silos without the need to laboriously consolidate or decommission them. It handles decentralized data easily and securely, allowing you to create complete global profiles for users no matter where or how all this diverse data is stored. 

The identity data fabric “sits” between the data silos and the applications or systems that use the data. It unifies identity data across diverse protocols, identifies contextual relationships within your data, and makes it available via multiple protocols (such as LDAP, SQL, and web service APIs ) quickly and securely. Companies can use the identity data fabric to securely harness their existing identity data while seamlessly reducing friction for data consumers across your organization, allowing them to quickly view and search global user profiles to deliver enhanced security, build more targeted offerings, and enrich user experiences.

Be sure to continue the discussion in our next post!

Colorful strings in red, yellow, and blue are arranged diagonally and parallel across a white surface, creating a geometric and abstract pattern with intersecting lines.

Future-Proof Your Security Investments with an Identity Data Fabric

/in /by

Reading the news lately, it’s easy to see that businesses face a huge amount of cybersecurity risks. Hacks, breaches, data theft, stolen payment information, and ransomware all present major threats. Most businesses are aware of the risks they face and are willing to invest to address them. A 2021 report from Gartner says companies will spend $150 billion this year on tech-related security, a 12% increase from last year. Yet, businesses still face a huge secondary challenge: keeping all of these security investments working as intended, well into the future.

What companies need is a solution that does not depend on a specific configuration or technology architecture. An Identity Data Fabric—a key innovation from Radiant Logic—provides an always-on identity data unification layer, with room to accommodate each new investment or architecture shift as the company grows, evolves, and responds to ongoing changes. 

An Identity Data Fabric eliminates major hurdles for organizations with complex identity infrastructures built over time and successive waves of innovation.  By unifying identity across all sources, no matter the protocol, this foundational service helps companies be sure that the people accessing resources are who they say they are—not intruders looking for a free ride or hackers looking to compromise systems.

New Security Investments and Changes Can Break Existing IAM

We all know that digital technology is getting more complicated. Each new investment enlarges the tech ecosystem, creating new capabilities but also new potential security vulnerabilities. The rise of remote work and cloud-based service usage in the past couple years has brought these issues into sharper focus and highlighted the need for smart solutions that expand security in a fast and flexible manner—without creating yet another identity data silo. 

Businesses face additional challenges ensuring secure access for approved users—and approved users only. In many cases, each new tech investment can cause conflicts for existing identity data solutions and access management methods. This challenge is especially common after M&As, when two completely different architectures must somehow be woven together to allow appropriate access for stakeholders across the new entity.

Growing Use of Disciplines Creates IAM Complexity

On top of the challenges mentioned above, modern security architectures depend more and more upon an increasing number of cybersecurity disciplines. Identity governance (IGA) tools like Saviynt and privileged access (PAM) solutions like Beyond Trust all introduce new data requirements that must be accommodated. As complexity piles on top of complication, the promise of a simple, unified way to verify good users and reject bad ones drifts further out of reach.

Forcing users to log in a hundred different times a week to a hundred different services is not an option. Instead, businesses need a way to integrate the user experience and security mechanisms—and that starts by unifying identity data into a flexible, reusable identity data platform.

If identity data for multiple services sits in multiple repositories, the entire tech equation becomes increasingly challenging—and costly!—for IT to solve. Once more, they may end up relying on custom integrations or even more intermediary services just to make each piece of the architecture work as planned.

“Identity no longer refers to just people, increasingly, it’s also how things interrelate with other things, as well as people. All these context-rich relationships are the essence of digital transformation and enabling such a shift is all about creating an environment that’s responsive to change.” That’s what Radiant Logic wrote in a 2019 agile identity white paper drafted in collaboration with TechVision. It reflects the philosophy that the technology choices a business makes should free them up to focus on more possibilities, not constrain them by making security and IAM more difficult to maintain.

An Identity Data Fabric Adds Flexibility, Freeing Your Identity From Stack Solutions

The way forward for modern enterprises facing the challenges of complexity, cybersecurity risks, and constant change is to look to an identity service instead of a stack solution. Relying on RadiantOne puts the IAM work on one highly flexible pivot point. Organizations can unify all of their account profiles from dozens—even hundreds—of different services and platforms to establish one consistent identity throughout the organization. 

RadiantOne is also source-agnostic, bringing in identity data from stores all across the architecture with no need to manually connect each source through cumbersome custom coding. RadiantOne connects to data stores/services using a simple wizard-driven workflow and extracts metadata automatically, building a global data model and unifying identity into a logical source. It also synchronizes identity data stored on-prem, in the cloud, or in a hybrid manner across multiple architectures. Crucially, as new sources are added, they can be quickly included in the model, keeping user data exactly where it needs to be.

All identity data is gathered and unified into one single service that acts as an “Identity Data Fabric.” This fabric is made up of information gleaned from dozens (often hundreds or thousands) of fragmented identity sources to produce a consolidated view of each user. Through the power of virtualization, this unified view can be tailored to meet the needs of any IAM system or application, offering secure access to identity data in the precise format it requires, quickly and easily. This enables users to be authenticated, authorized, and ultimately have a seamless and secure experience across a number of systems—without costing the organization in terms of time and resources.  

It doesn’t matter how the identity data comes in or where it needs to be delivered, RadiantOne makes it fast and easy to establish a universally accessible global user profile enabling end users to securely gain access to the information and actions they need from each different service. This arrangement offers an incredibly high level of flexibility that does not need to be adjusted as new identity data repositories are created or new services are added.

Making IAM Work Simply and Seamlessly

Many tech investments can “lock in” enterprises. Once they purchase a solution, they feel forced to make certain decisions to justify that investment or to, yet again, rebuild their tech stack from the ground up to accommodate new needs. Even after all these efforts, massive holes in security can exist because of gaps in IAM’s abilities. Not great–and not necessary!

RadiantOne changes the game, allowing enterprises to make unconstrained decisions, choose the best technology solutions to meet their vision of the future–then stand up that solution quickly and securely so they get an immediate benefit for way less effort than the old gotta-hard-code-it way. After a major change, such as a huge digital transformation overhaul or an M&A, the business can avoid having to “rip and replace” just to make everything work again. Instead, access can be granted in a number of days, getting everyone back to work right away. The business can also complete big architecture projects, such as legacy directory modernization, on their own timeline and under budget using tools that sidestep common migration pitfalls. The possibilities are limitless!

Overall, an Identity Data Fabric doesn’t just make IT’s job easier—and less costly to the organization). It also gives organizations carte blanche to invest, without fear of being held back by their past decisions or their future ambitions. 

After all, transformative initiatives like moving to the cloud are all about blue skies and infinite possibilities. RadiantOne gives your whole team way less to worry about when they ask “what could the future hold for us?”

A person holds a vintage compass in their hand over a detailed map, surrounded by blurred outdoor foliage and sunlight.

From Static Directories to Context Servers

/in /by

Bonjour and welcome to the Radiant Logic blog!

My team and I will use this as a place to share ideas with you on directory virtualization, data services abstraction, and other topics, with a particular emphasis on identity and context. Now, you may have heard me talk about context before. You may have even thought to yourself, “context, context, it’s always context with this guy Michel.”

So what does digital identity have to do with context? And what does context have to do with directory virtualization? Well, if you’ll bear with me for a little detour through the world of directories, I think it will all begin to come into focus.

Directories: Plateau, Legacy…and Renaissance?

After a period of high excitement and fast adoption, directories (by that I mean essentially LDAP directories or their equivalent) have reached a plateau phase. Technically, there’s not much happening and to some extent they’re now legacy. At least, that’s what conventional wisdom would have you believe.

In fact, it’s the issues facing the current directories (and the whole data service layer, really)—things like difficult integrations and lack of flexibility—that have driven the trend toward virtualization. I’d compare it to the evolution of OS virtualization. In the beginning, IBM virtualization on mainframe and then VMware and other virtualization layers, was just about abstracting the low level hardware/devices, so that one legacy operating system would coexist with another. As progress was made, better understanding of this virtualization layer brought about the current craze of server abstraction and the move toward “elastic” and cloud computing.

Linking Identity and Context

I believe that data services virtualization, particularly directory virtualization, will provide another layer of abstraction, a key service that enables a common representation of not only objects, but also their relationships. Not only objects as isolated nouns, but objects forming sentences, organized in relevant context describing the business processes, the myriad of contexts buried in our applications and data silos. The impact in terms of security and identity management would be immediate, but I believe the scope could be a lot larger. It’s about linking identities with the vital context surrounding them.

This is a big topic, and one I’ll be developing here over more posts. I’ll also be considering other questions relevant to the future of identity, security, and data integration, such as:

  • Why do we need directories in the first place?
  • What can we still learn from the directories, or any supposedly “outmoded” hierarchical structure (XML, XML databases, file system, etc…)? Why do we keep reinventing them!?
  • What is the role of data service virtualization, and why is it a lot larger than the current narrow definition of a virtual directory? 
  • Why do we need a context layer, a service that could be a key requirement for an efficient, smart, and secure service-oriented architecture?
  • And of course, we’ll have to address the usual suspects: speed, scalability, flexibility, and security.

Thanks for reading, and please feel free to join the conversation.

A car salesperson in a blue suit shows a tablet to a smiling man and woman standing beside a car in a bright showroom.

Good Digital Customer Care Requires Identity Unification

/in /by

Knowing your customer is the foundation of customer identity and access management, or CIAM.

Digital interactions are now at the forefront of the customer service experience. Mobile and web applications have become a primary customer touchpoint. All-digital journeys are now commonplace, and even traditional brick-and-mortar settings like retail and restaurants have prominent digital business lines.

Simply put: digital experiences are now everything, from both the customer and business perspective. Yet, digital proliferation has created enormous customer challenges for sizable enterprises, especially those not considered “digital natives.” With so many different digital experiences in place, each with its own backend configurations, sharing identity data consistently across all channels has been difficult, if not impossible. Failing to solve the challenge means friction and frustration along the customer journey. From a customer standpoint, it can feel like the business’s digital investments have been poorly executed, or that the brand simply doesn’t know them at all.

On the other end of the spectrum, businesses able to maintain consistent service across all channels are seen as delivering on their promises. Providing high-quality digital experiences differentiates these businesses, helping them win new business from competitors while improving the loyalty and retention of existing customers. The trick is to know your customer—wherever they’re at on their journey and no matter what channel or app they’re using to reach you. Knowing your customer is the foundation of customer identity and access management, or CIAM.

Why CIAM Matters So Much Now

Imagine making an appointment to buy a car at a dealership, only to have ten different people confirm your appointment before you even arrive. Annoying! Then, once you’re at the dealership, they bring the wrong make and model for you to test drive. What gives!? This experience is similar to how customers might feel when they encounter a business that hasn’t mastered the art of CIAM.

CIAM used to mean a limited customer account system offered as an online service, such as online banking or an online insurance application. Those days are over! With the rise of digital transformation initiatives, companies now have potentially dozens of these different offerings across various internal systems, cloud-hosted services, and customer-facing digital applications. It’s big business, and the stakes are high.

To really amp up the difficulty level, each channel might have its own unique identifier for a single individual customer: Jill Brown in source A, Jillian Ann Brown in source B, and Jillian Brown-Wilde in source C. These are all the same person, but your systems will never get it right without some help. In order for the customer journey to be seamless across channels, you need a way to connect all these representations of a single customer so you know exactly who you’re targeting, no matter how that person is represented across systems. We call this identification, and it’s key to authenticating our old friend, Jill.

But the fun does not stop there. To really know your customer, you also need to gather every other bit of user data about them from across all these disparate sources. Useful things like: location, previous purchases, daily coffee order, shoe size, frequent travel destinations, usual car make, preferred color. (Oh, hey, those last two could really come in handy for our car dealership!) Having access to all these user attributes is how we build a global profile for each user, to help you decide what they are allowed to access. This is how we make fine-grained authorization decisions, because the more you know, the better!

Trillions at Stake in Every Industry

Managing a single customer identity across multiple different silos is a challenge, but it is one businesses must be prepared to clear in an increasingly digital economy. In fact, 88% of online consumers state that they are less likely to return to a particular website or digital channel after a single bad experience, according to research from Amazon Web Services. The report calculated that an estimated $1.4 trillion in revenues is lost each year as a result of this problem. That’s trillion with a T!

As digital experiences become more widespread, the risk of bad customer experiences increases tenfold for major enterprises. To keep digital customers, the business must pay close attention to key details of their customer journey. That definitely includes how that journey moves smoothly across internal company silos.

If the enterprise is able to maintain a single overarching view of each customer’s identity, with attributes drawn from across the infrastructure, they can deliver an impressively seamless customer experience across all business lines and business touchpoints. Part of this challenge involves intelligent systems integration, but even once systems are logically integrated, customer identity data must be able to flow freely and appropriately across these silos. Customers need one consistent identity across all systems, with no unnecessary duplicates, and all identity and access data integrated into a single virtualized repository.

Consider, too, that these days digital experiences have begun to trickle into realms such as dining, groceries, and in-person retail. Curbside pickup, freelance delivery services, and online ordering all act as facets of the customer journey from their perspective—but potential pain points for businesses if they lack a way to comprehensively manage and share identity data across many different systems.

Improving Customer Service Through Improved CIAM

Despite everyone and everything using digital technologies these days, many enterprises simply have not caught up their capabilities in order to meet modern expectations.

It’s similar to people at a dealership not bothering to communicate to set up a simple test drive appointment, but with a business’s entire digital ecosystem not communicating as it should.

“Customers who run into difficulties don’t see the complex challenges behind CIAM. They simply have one reaction: Why do I have to help this person do their job?”

Without a system capable of de-siloing customer information and smoothly managing access and identity across multiple silos, customers may find themselves asking this question again and again. The fact that a channel is completely digital does not act as an excuse to customer frustration. They will simply wonder “Who messed this system up so badly?”, once again associating their experience with the brand itself rather than the challenges of modern technology.

A 2020 report on digital customer experiences conducted by Microsoft found:

  • 90% of respondents indicated that customer service is important to their choice of and loyalty to a brand.
  • Nearly two-thirds (58%) of consumers will sever a relationship with a business due to poor customer service.
  • The majority of customers continue to use 3 to 5 channels to get their issues resolved.
  • A true omnichannel experience threads the customer profile and history across the channel landscape.
  • To create a positive customer experience, organizations must understand customer behaviors, preferences, and expectations.

Many modern businesses interpret that last point to mean they need customer personalization, which involves making educated guesses as to what a customer might want or need next using machine learning algorithms. However, an even more crucial point is remembering what a customer has already told you.

Being able to associate specific business lines or types of purchases with an account across siloed systems enables a business to cater specifically to what the customer comes to that business to find. On the backend, this means quickly aggregating all important transactions, business line accounts, or recent historical customer actions in one convenient view, both for the customer’s sake and to help any internal representatives to make targeted recommendations and offer better support.

From the customer standpoint, customer interactions can be made smoother by giving employees instant access to the most pertinent account information without having to force the customer to confirm key details or recount them one-by-one to an employee.
Both forms of identity unification—backend and front end—contribute to a seamless and positive customer service experience that achieves consistent quality across all channels.

CIAM Can Help Businesses Earn—and Keep—More Customers

CIAM-derived frustrations can be the proverbial nail in the coffin for a business relationship, new or long-standing. Consider that a report from American Express found that over half of U.S. consumers would back out of a transaction after a poor customer service experience. They will tell, on average, 15 other people about their poor experience.

Globally, according to the report, the most important factor in customer service was speed. That can encompass the speed of resolving a customer service issue but also the speed required to complete a simple transaction. Any delays in customer service or frustrations encountered during the experience will become more ammo against the brand in the minds of the customer.

Identity is, therefore, one of the key aspects of the customer journey to get right, especially as more business activities become folded into digital systems and experiences. The risk is that, with each new system comes new repositories of identity data. Organizations need a comprehensive way of recognizing a single distinct identity across these systems while sharing the needed information to provide a seamless omnichannel experience. If this data sits in silos, customers face redundant authentication requests, miscommunications between channels, and bumps along their journey that all encourage churn.

Customers have two simple demands: “Know who I am, and don’t waste my time.” By providing them with excellent service, enabled in large part through capable CIAM, you can fulfill and exceed these expectations. The bottom line is that customers don’t know what’s happening behind the scenes, nor should they have to wonder. All they want is for things to work!

© 2026 Radiant Logic, Inc. All Rights Reserved. | Privacy Policy