Cloud IAM Scenarios in Retail, Academia and Finance: Three Tips From an IDaaS Expert

The demand for identity and access management-as-a-service (IDaaS) is expanding into every industry. Below we look at how retailers, universities and financial institutions can benefit from adopting cloud for their IAM needs.

User Self-Service With IDaaS

Envision B2C scenarios like online retail to customer, university to student or retail banking to account holder: Users come and go, and user management can quickly become burdensome, especially in traditional identity and access management (IAM) environments.

Managing millions of customer identities is a different scale of problem than managing thousands of employee IDs. Most on-premises, internally focused IAM systems are short on self-service and still require manual activity for workflow, approvals and implementation of changes. Automating that activity takes time and money.

Additionally, customers use their own devices, which are outside your control. Providing simple self-service is critical to keeping costs down. Enterprise-grade cloud IAM makes it easy because the automation and self-service are ready to use.

Expert Tip: Judge Wisely

Judge wisely when choosing a cloud-based IAM vendor for self-service functionality. Most lack depth in this capability, so look for IDaaS with self-service tools that support multiple languages and/or user populations for registration, password resets, username recovery, profile management, delegated user management, access requests and approvals, and recertification approvals.

Federation Simplified

Industries can also benefit from the rapid federation achieved through cloud IAM. Retailers, educators and banks can rapidly and inexpensively federate with other identity providers, vendors and suppliers, avoiding the need to create and maintain in-house IDs.

Users often find this easier and preferable because they are able to log in with their existing credentials or even their social identities. Supply chain processes and identity management policies that have dogged many organizations for years can be simplified.

On the customer service side, organizations can similarly allow their customers to log in with third-party credentials, such as Google or Facebook IDs.

Expert Tip: Don’t Be a System Integrator

Most vendors playing in the IDaaS space only offer federated single sign-on (SSO) along with a few other shallow IAM features. Remember, choosing these one-off products will force you into the dreaded role of system integrator. Choosing a single IDaaS solution for all of your IAM needs will end up costing you less time and money in the long run.

Instant Scalability

Another key cost benefit for B2C organizations is peak usage flexibility. Businesses can scale up for a peak season, such as the holiday selling season in retail, and then back down, quickly onboarding and then offboarding thousands of staffers without adding resources (servers, software, staff, etc.).

This instant scalability also applies to adding or removing applications while maintaining SSO and a single user experience seamlessly across platforms.

Expert Tip: An On/Off Switch Is Key

The ability to turn premium IAM features on and off should be a part of your IDaaS selection criteria. Doing so will give you the ability to respond immediately to profit-driven business requests, expand organizationally without added costs and achieve a competitive advantage when opportunities develop.

Cloud-based user self-service, identity federation and on-demand IAM features are only a few ways organizations in the retail, education, automotive, industrial, health care and financial industries can benefit from IDaaS.

Create My Customized IAM Assessment

Share this Article:
Charles Carrington

Associate Partner, IBM

Charles Carrington has worked in Security, focusing on IAM, for over 20 years. He is a published author (on directories). Mr. Carrington's work is in the field and practical, focusing on customer delivery, solution design and problem resolution for large scale IAM programs. He managed the IBM's US IAM delivery team for several years and he was heavily involved in IBM's Cloud Identity Services for the last four years. Carrington is currently part of IBM's Global Security practice, managing IBM's IAM delivery in Latin America.