Imagine being able to manage hundreds of millions of IDs and process billions of logins and other transactions per day. That’s what you can achieve for your organization by using consumer identity and access management, or CIAM. At the same time, your users can manage their data themselves by having a CIAM system ready to handle their needs and demands.

Among the four building blocks of CIAM, the Manage element occurs after Capture and Engage and ahead of Admin. During Manage, your users — the owners of their IDs — enjoy secured access to their own profile management options, while you get compliance and insight into the data they share. As an added benefit, you can easily scale handling these ID protocols while maintaining compliance with performance standards.

What Your Users Get

Your users want transparency and convenience as they enter their personal data into their online profiles. This approach applies regardless of whether they’re signing up for goods, services, events, campaigns, newsletters or other offerings. That’s why the Manage stage of CIAM focuses on these features.

The Manage process enables your consumers to access and instantly modify attributes, preferences and consent for their IDs. It begins after they engage with you and accept your terms of usage. This building block allows your users to determine their level of self-service and self-governance in their time with you, including but not limited to the following options:

  • They can choose to edit, export or even delete their profiles.
  • They can choose the level of consent to provide in relation to the data they’ve given and its usage. For example, they have the ability to opt-in or opt-out of receiving regular messages from your brand.
  • They can add personal facts, such as their email addresses or phone numbers.
  • They can modify security preferences, such as password reset and management of their own devices for multifactor authentication. The latter function helps make the transfer of those preferences easier when getting a new smartphone, making it more convenient.

Profile management allows your users to handle how they want to present themselves to you as your customer. For best results, consumers should have access to all the content they’ve provided to you in this building block at all times.

Your users want to feel in control. Manage is the building block that gives them this chance.

What You Get: Data Privacy and CIAM

Although focused on your users, the Manage CIAM building block also empowers you and your business in several ways. One benefit is compliance by obtaining and tracking their data privacy consent and adapting to new industry and government needs. Examples of the latter include General Data Protection Regulation when doing business in the European Union, and the California Consumer Privacy Act when doing business in the states.

This building block provides you with a history of users’ actions and communication and security preferences. You can also establish management of devices and relations of your users, including allowing parents to limit access to the profiles of their children.

Along the same lines, remember that multiple people within the same household can use the same device and expect to access their profiles easily without security being compromised. In these cases, you need one-to-many and many-to-many management schemes. These can allow for account switching, parental governance, Internet of Things relations and federated access.

In addition, with the Manage step of CIAM, you can determine how often users can update their profiles and modify other profile data. Because it can do all of this, this process is ideal for line-of-business managers and developers to incorporate into their business flows when setting up their CIAM systems.

Key CIAM Questions to Consider When Establishing Manage

Allowing your users to determine what information they will share with you can be a tricky proposition. Ask what they consider are too many or too personal questions and they might stop filling out their profiles. At the same time, if you have too few fields available, your visibility into your users can feel limited.

When determining how to best use Manage and CIAM in your organization, it’s recommended that you ask yourself these questions:

  • How do users get to manage their consent?
  • Is there a way for them to remove their accounts? When that event occurs, will all data be deleted from all systems?
  • How can users make changes to their profile and information?
  • What data is being captured and what will it be used for? Can and should that use of data change over time?
  • How can your organization minimize the data request to ensure only relevant information is requested?

The answers can determine how successful your interactions are with your users. If you’re encountering retention problems or reluctance to fill out optional areas, you might want to modify what details you solicit from your consumers and how you obtain that information.

The Manage building block is essential to establish and maintain trust with your users and achieve ROI as a result. The goal is to be fully open about what data you capture from users and know how you’re engaging with your customers.

While Manage offers many great advantages to you and your users, to complete the CIAM cycle you should follow up with Admin. We’ll discuss that final building block for CIAM in a future blog.

Register to read more

More from Intelligence & Analytics

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. ALPHV) ransomware affiliates' more recent attacks include targeting organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted…

9 min read

Despite Tech Layoffs, Cybersecurity Positions are Hiring

4 min read - It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will…

4 min read

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Why People Skills Matter as Much as Industry Experience

4 min read - As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team. But Jim was especially valuable when I needed help with other…

4 min read