Lacking common practices and patterns, identity professionals have applied tried-and-true enterprise-centric techniques to their customer-centric use cases. This is a mistake. Customer Identity is significantly different from Employee Identity. This talk walks through some of those difference.
No Person is an Island: How Relationships Make Things BetterIan Glazer
My slides from Defrag in which I discuss how relationships and identity relationship management can improve interactions with customers and rehumanize our digital world. These make much more sense if you read the speech here: http://wp.me/p4ro7X-2ux
Learn more about the key metrics you'll need to monitor and tactics to implement to ensure the world's biggest search engine starts 'loving' your business.
Self-Service: The Golden Ticket for a Personalized Customer ExperienceDesk
In this guide, you’ll learn how self-service can lower costs, improve productivity, and lead to a more personalized and profitable customer experience. From setting goals to measuring your results, discover industry-proven steps to using self-service successfully in your own organization.
Taking a page from the work that Kim did with “The Laws of Identity,” I wanted to provide the starting point for the community to build a similar set of design constraints and considerations for relationships and relationship management technologies. Our current IAM methods will be insufficient in a near future in which we are dealing with an unreasonable number of people and things and the relationships between them. At the IRM Summit, I’ll be presenting a strawman set of laws for relationships to help us think about this coming future. To that end, here is a preview of the laws (and axioms and attributes) of relationships.
No Person is an Island: How Relationships Make Things BetterIan Glazer
My slides from Defrag in which I discuss how relationships and identity relationship management can improve interactions with customers and rehumanize our digital world. These make much more sense if you read the speech here: http://wp.me/p4ro7X-2ux
Learn more about the key metrics you'll need to monitor and tactics to implement to ensure the world's biggest search engine starts 'loving' your business.
Self-Service: The Golden Ticket for a Personalized Customer ExperienceDesk
In this guide, you’ll learn how self-service can lower costs, improve productivity, and lead to a more personalized and profitable customer experience. From setting goals to measuring your results, discover industry-proven steps to using self-service successfully in your own organization.
Taking a page from the work that Kim did with “The Laws of Identity,” I wanted to provide the starting point for the community to build a similar set of design constraints and considerations for relationships and relationship management technologies. Our current IAM methods will be insufficient in a near future in which we are dealing with an unreasonable number of people and things and the relationships between them. At the IRM Summit, I’ll be presenting a strawman set of laws for relationships to help us think about this coming future. To that end, here is a preview of the laws (and axioms and attributes) of relationships.
8 Issues Preventing Connected Customers From Doing Business with YouFive9
Discover and learn how to address the 8 issues preventing connected customers from doing business with you. Watch the full webinar recording here: http://bit.ly/1qaPh5Q
Beyond CRM - Collabor's Customer Engagement & Insights SoftwareCollabor Inc.
This presentation gives an overview of how Collabor's clients use the SaaS software to better understand, engage, manage and grow their existing client base.
Public cloud Identity-as-a-Service (IDaaS) providers are not immune to data breaches. IDaaS companies will live and die by their appetite for innovation and speed to market.
CIS14: Identity at Scale: Building from the Ground UpCloudIDSummit
Anthony Randall, Monsanto
A discussion of the concept of large-scale engineering of millions of customer identities combined with many applications and partners, identity information engineering, and thoughts about how to better to mesh the internal IT landscape to improve identity services, user support and user experience.
Libra OnDemand LLC is a leading Software-as-a-Service (SaaS) provider of hospitality solutions natively built using Cloud technologies. The comprehensive Libra OnDemand Hospitality Management System provides a suite of affordable, easy to use, web-based applications: CRM & Email Marketing; Concierge Desk; Sales, Groups & Events; and, Loyalty & Rewards. Additionally, Libra Portals offers Libra Customer Portal (custom designed, consumer-facing websites) and Libra HMS Portal (mobile device accessible, employee collaboration tools).
How to Stay on Top of Users' Identities and their Access RightsIvanti
With the widespread adoption of cloud services and mobile devices, today’s modern IT environment has experienced rapid change. Your users now need access to dozens of applications to do their jobs from day one. Onboarding users has become more complex and time-consuming for IT, especially if undertaken manually. And when users leave or change roles, deprovisioning access to applications is often last on the list of tasks or slips through cracks completely.
How do you give an increasingly diverse and mobile group of users, access to the applications they need and stop them circumnavigating IT to get what they want? To keep your users productive, the best solution is a policy-driven identity and access management (IAM) system to ensure they are accurately identified from day one and to automatically remove access when a user leaves. By providing access to only the systems, applications and data your users need you also reduce the attack vector, common when users have more entitlement than required.
Pluto7 - Tableau Webinar on enabling Organization to be Data Driven in 201...Manju Devadas
Big Data and BI initiatives needs a holistic strategy and execution. The content walks through how an organization became data driven in less than 6 months with Tableau, Alteryx, Splunk and traditional BI enabled by Pluto7 ( www.pluto7.com )
CRM Options for Enterprise Nonprofits - Blackbaud CRM SolutionsHeller Consulting
Watch the webinar here:
http://teamheller.com/webinar-blackbaud-crm-options/
For over 30 years, Blackbaud’s CRM solutions have helped nonprofit organizations raise more money and build lifelong support with their constituents. If fact, with over 28,000 active clients, Blackbaud is a household name, with few in the nonprofit industry who haven’t worked with one or more of their products. In this presentation, nonprofit experts from Blackbaud will join Heller Consulting in a free webinar to share their solutions designed to power social good.
This is our third webinar in the “CRM Options for Enterprise Nonprofits” series. In this session, the Blackbaud team will outline the unique features and outcomes capabilities of their suite of CRM, engagement, fundraising tools.
Keith Heller, founder and Chief Strategist of Heller Consulting, will also share insights on CRM best practices for enterprise nonprofits based on his 20 years of advising and leading organizations on their CRM journey.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
More Related Content
Similar to Stop treating your customers like your employees
8 Issues Preventing Connected Customers From Doing Business with YouFive9
Discover and learn how to address the 8 issues preventing connected customers from doing business with you. Watch the full webinar recording here: http://bit.ly/1qaPh5Q
Beyond CRM - Collabor's Customer Engagement & Insights SoftwareCollabor Inc.
This presentation gives an overview of how Collabor's clients use the SaaS software to better understand, engage, manage and grow their existing client base.
Public cloud Identity-as-a-Service (IDaaS) providers are not immune to data breaches. IDaaS companies will live and die by their appetite for innovation and speed to market.
CIS14: Identity at Scale: Building from the Ground UpCloudIDSummit
Anthony Randall, Monsanto
A discussion of the concept of large-scale engineering of millions of customer identities combined with many applications and partners, identity information engineering, and thoughts about how to better to mesh the internal IT landscape to improve identity services, user support and user experience.
Libra OnDemand LLC is a leading Software-as-a-Service (SaaS) provider of hospitality solutions natively built using Cloud technologies. The comprehensive Libra OnDemand Hospitality Management System provides a suite of affordable, easy to use, web-based applications: CRM & Email Marketing; Concierge Desk; Sales, Groups & Events; and, Loyalty & Rewards. Additionally, Libra Portals offers Libra Customer Portal (custom designed, consumer-facing websites) and Libra HMS Portal (mobile device accessible, employee collaboration tools).
How to Stay on Top of Users' Identities and their Access RightsIvanti
With the widespread adoption of cloud services and mobile devices, today’s modern IT environment has experienced rapid change. Your users now need access to dozens of applications to do their jobs from day one. Onboarding users has become more complex and time-consuming for IT, especially if undertaken manually. And when users leave or change roles, deprovisioning access to applications is often last on the list of tasks or slips through cracks completely.
How do you give an increasingly diverse and mobile group of users, access to the applications they need and stop them circumnavigating IT to get what they want? To keep your users productive, the best solution is a policy-driven identity and access management (IAM) system to ensure they are accurately identified from day one and to automatically remove access when a user leaves. By providing access to only the systems, applications and data your users need you also reduce the attack vector, common when users have more entitlement than required.
Pluto7 - Tableau Webinar on enabling Organization to be Data Driven in 201...Manju Devadas
Big Data and BI initiatives needs a holistic strategy and execution. The content walks through how an organization became data driven in less than 6 months with Tableau, Alteryx, Splunk and traditional BI enabled by Pluto7 ( www.pluto7.com )
CRM Options for Enterprise Nonprofits - Blackbaud CRM SolutionsHeller Consulting
Watch the webinar here:
http://teamheller.com/webinar-blackbaud-crm-options/
For over 30 years, Blackbaud’s CRM solutions have helped nonprofit organizations raise more money and build lifelong support with their constituents. If fact, with over 28,000 active clients, Blackbaud is a household name, with few in the nonprofit industry who haven’t worked with one or more of their products. In this presentation, nonprofit experts from Blackbaud will join Heller Consulting in a free webinar to share their solutions designed to power social good.
This is our third webinar in the “CRM Options for Enterprise Nonprofits” series. In this session, the Blackbaud team will outline the unique features and outcomes capabilities of their suite of CRM, engagement, fundraising tools.
Keith Heller, founder and Chief Strategist of Heller Consulting, will also share insights on CRM best practices for enterprise nonprofits based on his 20 years of advising and leading organizations on their CRM journey.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
48. Identity World View
Identity is at the core of every interaction
Connected
Customers
Connected
Employees
Connected
Partners
Connected
Products
User Name
Password
Login
49. Business World View
Customer is at the core of every interaction
Delighted
Customers
Connected
Employees
Connected
Partners
Connected
Products
User Name
Password
Login
52. Cross-Channel
YOUR CONTENT HERE
Just change the background layer
(right-click > arrange)
Don’t have an
account?
Forgot your
password?
Mobile Web API
61. IAM
Techniques
Employee-
Centric IAM
• Traditional
• Organization is
owner & authority
• Lots of User
Provisioning
• Web Access
Management plus
some federation
Customer-
Centric IAM
• Modern
• Individual is owner;
no single authority
• Profile
Management
• Federation and
social sign-on
63. Employee-Centric Technologies Customer-centric
HR(s) System of Record
User Provisioning
Directory Synchronization
Pushing Attributes
Attribute Management and
Propagation
Most legacy systems
Reducing to Active Directory
Islands of Identity
Proprietary WAM for legacy
Federation for newer apps & SaaS Single Sign-On
Common
Mobile Device
Management
Implied in employer/employee
relationship Consent
64. Employee-Centric Technologies Customer-centric
HR(s) System of Record
Internal: CRM and LOB databases
External: Social Providers, Banks,
Universities, Governments, etc
User Provisioning
Directory Synchronization
Pushing Attributes
Attribute Management and
propagation
Profile Management
Lookup at time of use and JIT
Pulling attributes
Most legacy systems
Reducing to Active Directory
Islands of Identity
Legacy systems but federation-
ready apps increasing
Proprietary WAM for legacy
Federation for newer apps & SaaS Single Sign-On
Standards-based federation
Some proprietary social providers
Common
Mobile Device
Management
Uncommon, if not forbidden
Implied in employer/employee
relationship Consent
Must be gathered and adhered to
consistently
76. HR used to provide the privacy coverage Identity need
Internal-facing identity system are rarely subject to Privacy Impact Assessment
Customer identity requires:
• Data retention and protection
• Persistence and respect of privacy preferences
• Attribute release consent management
Previously ignored privacy challenges
82. Broker social login to content
portals and other 3rd party
properties
Ability add and protect attributes
passed to other platforms
Ability to pass entitlements
OpenID Connect unlocks many
doors
• But there’s plenty of
proprietary too
Security Token Services
• SAML
• OAuth 2.0
• OpenID Connect
• Proprietary
Federation
Social Provider
Connectivity
Protocol Brokering
Federation
83. • Automated – via a social
provider or directory service
• Manual – Self-service sign-up
• Consistent branding control
throughout
Self-service control over:
• Social providers can be used
• Apps can access data
• Attributes can be used
• Marketing preferences
• Manual - Mechanisms to ask
the user for a little more data
• Automated – data verification
and record enhancement
Registration Services Profile Management Profile Enhancement
User Profile Management
84. Techniques to raise identity assurance
2nd Factors:
• Can work but user experience suffers
• Adaptive access control must play a roll here
• Ideally this is recognition’s territory
Plugins for different proofing providers
• Often based on geography
Two modes:
• Asynchronous for offline proofing
• Synchronous for user quizzes
• But mind the user experience
Integration with internal proofing sources
Assurance and Proofing
Identity Assurance Identity Proofing
85. Service providers have to be
better neighbors
Follow Finance model of FS-ISAC
Teams to help people get their
accounts back
Part of expected customer service
Attribute release consent from the
social provider isn’t sufficient
Service Provider should provide
generic consent management
layer
Shared Signals
Account Take-Over
Response
Consent Management
IAM-like components
Not core traditional IAM services
86. Meaningful integration designed
to create 360° view of the
customer
• Sales
• Service
• Marketing
• eCommerce
• Content Management
Conversion rates
Segmentation
Usage via Channel
Behavior analysis to fuel
marketing, service, sales, and
recognition
Encryption and Tokenization
“Who access what data and what
were the values at that time?”
• Think DAM for customer data
Integration Analytics Information Protection
Non-IAM Components
Peer services
94. IAM
Techniques
Employee-
Centric IAM
• Traditional
• Organization is
owner & authority
• Lots of User
Provisioning
• Web Access
Management plus
some federation
Customer-
Centric IAM
• Modern
• Individual is owner;
no single authority
• Profile
Management
• Federation and
social sign-on
When it comes to identity services for customers, consumers, citizens our industry doesn’t have the same maturity. There is a great deal of innovation in this area to be sure. In pursuit of external identity this industry has created notions of user-centric identity and personal data stores – all great achievements. But there is not a lot in the way of common patterns or practices. To serve our citizens and our customers we need to deliver the right experience to the right person at the right time and in the right place.
And we have to serve an entirely new set of stakeholders within the business. We have to deliver an experience to a connected fridge or an iBeacon as well as an app.
And we have to do so on behalf of sales, marketing, or alumni affairs.
In the absence of best practices, as an industry, we have defaulted to using what we know works for employees on our customers. “Please continue to hold…” And this is a little sad, but not surprising.
External identity management, customer identity management, consumer identity management – call it what you will. It is a growth opportunity for the business as well as identity professionals. It is an opportunity to deliver services to our citizens like we have never done so before. It is an opportunity to delight the most important thing that every organization in every industry has – it’s customers. And it is an opportunity we cannot, must not squander.
External identity is IAM’s killer app. After years of search we have found it! External identity is the “email” of IAM. It transforms us identity professionals into business enablers and that is tremendously exciting.
However, IAM isn’t the star of the external identity show. Much in the same way that TCP/IP isn’t the star of the Web, IAM isn’t the start of this new opportunity. IAM can help support it but IAM isn’t the entire solution.
It is an opportunity to delight the most important thing that every organization in every industry has – it’s customers. And it is an opportunity we cannot, must not squander.
Every part of the business gets an accurate current picture of the customer
Baby-steps towards recognition
The first one to form a relationship will win
If you don’t, your competitor will
External identity is IAM’s killer app. After years of search we have found it! It’s our “email.”
However, IAM isn’t the star of the external identity show. Much in the same way that TCP/IP isn’t the star of the Web, IAM isn’t the start of this new opportunity. IAM can help support it but IAM isn’t the entire solution.
From an identity professional’s view of the world, identity is the center of every interaction. But from the business’ point of view the customer is the center of every interaction. In order to serve that customer best we need a complete picture of them. This picture needs to be cross-channel, cross-business function, and cross-organization.
We might be tempted to think of cross-channel as web, mobile, and API, but it is more than that. In a non-IT-centric setting, cross-channel includes things such as brick and mortar sales and points of presence, social listening, and call centers.
In order to fully address the business, each business function must be able to share a complete picture of the customer. This means that sales, service, product, marketing, everyone has to be on the same page as to who is the customer and how do we delight them.
And we need to share that picture across multiple organizations. Our partners extend our brand and extend our services. Sharing, with customer’s permission, the picture of the customer across organizational boundaries improves service. Consider when a service professional comes to your house to repair your hot water heater. They already know what model heater you have. They are up to date on how to repair it. They also know the service history of the unit. This can only happen when the water heater’s manufacturer and the service company work in concert to delight the customer
But from the business’ point of view the customer is the center of every interaction. In order to serve that customer best we need a complete picture of them. This picture needs to be cross-channel, cross-business function, and cross-organization.
We might be tempted to think of cross-channel as web, mobile, and API, but it is more than that. In a non-IT-centric setting, cross-channel includes things such as brick and mortar sales and points of presence, social listening, and call centers.
We might be tempted to think of cross-channel as web, mobile, and API, but it is more than that. In a non-IT-centric setting, cross-channel includes things such as brick and mortar sales and points of presence, social listening, and call centers.
Consistent view across multiple touch points
Consistent experience across multiple parts of the organization
Salesforce as system of record for “customer”
Reduced identity integration
In order to fully address the business, each business function must be able to share a complete picture of the customer. This means that sales, service, product, marketing, everyone has to be on the same page as to who is the customer and how do we delight them.
And we need to share that picture across multiple organizations. Our partners extend our brand and extend our services. Sharing, with customer’s permission, the picture of the customer across organizational boundaries improves service. Consider when a service professional comes to your house to repair your hot water heater. They already know what model heater you have. They are up to date on how to repair it. They also know the service history of the unit. This can only happen when the water heater’s manufacturer and the service company work in concert to delight the customer
There is a wide spectrum of approaches to identity management. On one end of the spectrum you have employee-centric identity. It is traditional. The enterprise owns the identities in this world and furthermore the enterprise is authoritative for those identities. There’s a lot of user provisioning as well as web access management, which an increasing amount of federation. At the other end of the spectrum is customer identity. It requires a modern approach to identity management. In this setting, the individual owns their identity and there is no singular authority for that identity. We observe profile management instead of user provisioning. There is a lot of federation and social sign-on as well.
Put simply, the techniques and tricks we have used to serve our employees are not the same ones that are needed for customer identity.
THIS IS A TABLE TO BE RENDERED IN THE SLIDE. Looking a bit deeper at enterprise-centric identity we see that the system of record is HR. Often this really means multiple HR systems of record but you get the idea. In terms of attribute management and propagation, user provisioning and directory synchronization of various forms is employed. We tend to find islands of identity in our legacy systems but we are getting down to one large identity continent – AD. In terms of SSO, often proprietary WAM-based approaches are used with an increasing amount of federation thrown in, especially for access to modern apps and SaaS. Mobile device management is common and consent is inherent implied in the relationship between employer and employee.
Customer-centric identity is different. We find that the systems of record are CRM and major line-of-business databases. And those are just the internal systems of record. There are also the external systems of record that include social providers, banks, universities, governments and the like. Attribute propagation is handled by user profile management and lookup at the time of use. We still see islands of identity, especially in legacy applications, but thankfully fewer as apps are built federation-ready. In terms of SSO, we see identity standards-based federation and with a bit of proprietary from the social providers. Mobile device management is uncommon if not forbidden. And lastly, consent must be gathered from the user and adhered to consistently.
But it isn’t just the different in technology and approaches that makes customer identity different from employee identity. We see different lifecycles as well. Where Join, Move, Leave has served employee-centric identity well. But in customer identity we observe different lifecycles: transaction value progression and access path progression.
As the relationship grows more valuable the need for stronger identity grows. To be clear a valuable relationship isn’t necessarily one in which money is changing hands. My relationship to my local government is extremely valuable. My relationship to my university is extremely valuable. What we tend to find is that people move from being an anonymous user on a web site or app to a pseudonymous user, relying on social providers as a way to log in. Eventually the organization turns those pseudonymous users into ones that have been proofed and vetted. Mapping this to JML is hard. We observe that the anonymous stage maps well to the Join event. The transformation to pseudonymous maps to the Move (change) lifecycle event, and so too with the transformation from pseudonymous to proofed.
We also recognize that the same person will access enterprise services across multiple channels from the web, to apps, to connected devices, and even directly via APIs. It used to be that people “Joined” to an organization via a web site, but increasing that “Join” event happens with an app. A person working with connected devices or “Things” or even APIs maps well to the “Move” event.
Although we can map from these two progressions to Join, Move, Leave, the map is poor and incomplete. Neither progression has a step that maps to “Leave.”
No “Leave”? Do relationships ever really end? My relationship with my university begins as a prospect, turns into a student, but it certainly doesn’t end when I graduate. I posit that in most cases external identity relationships are never completely severed, they just change. And this means that external identity brings with it a set of previously ignored privacy requirements. For employee-centric identity, HR used to provide the privacy coverage identity teams needed. Rarely was an internal-facing identity system subject to the Privacy Impact Assessment. But that won’t work in an external identity scenario. Customer identity requires data retention and protection policies and services. It requires persistent and respected privacy preferences. It requires attribute consent management. These are not things employee identity has commonly dealt with.
There is a wide spectrum of approaches to identity management. On one end of the spectrum you have employee-centric identity. It is traditional. The enterprise owns the identities in this world and furthermore the enterprise is authoritative for those identities. There’s a lot of user provisioning as well as web access management, which an increasing amount of federation. At the other end of the spectrum is customer identity. It requires a modern approach to identity management. In this setting, the individual owns their identity and there is no singular authority for that identity. We observe profile management instead of user provisioning. There is a lot of federation and social sign-on as well.
There is a wide spectrum of approaches to identity management. On one end of the spectrum you have employee-centric identity. It is traditional. The enterprise owns the identities in this world and furthermore the enterprise is authoritative for those identities. There’s a lot of user provisioning as well as web access management, which an increasing amount of federation.
At the other end of the spectrum is customer identity. It requires a modern approach to identity management. In this setting, the individual owns their identity and there is no singular authority for that identity. We observe profile management instead of user provisioning. There is a lot of federation and social sign-on as well.
Put simply, the techniques and tricks we have used to serve our employees are not the same ones that are needed for customer identity.
Put simply, the techniques and tricks we have used to serve our employees are not the same ones that are needed for customer identity.
Looking a bit deeper at enterprise-centric identity we see that the system of record is HR. Often this really means multiple HR systems of record but you get the idea. In terms of attribute management and propagation, user provisioning and directory synchronization of various forms is employed. We tend to find islands of identity in our legacy systems but we are getting down to one large identity continent – AD. In terms of SSO, often proprietary WAM-based approaches are used with an increasing amount of federation thrown in, especially for access to modern apps and SaaS. Mobile device management is common and consent is inherent implied in the relationship between employer and employee.
Customer-centric identity is different. We find that the systems of record are CRM and major line-of-business databases. And those are just the internal systems of record. There are also the external systems of record that include social providers, banks, universities, governments and the like. Attribute propagation is handled by user profile management and lookup at the time of use. We still see islands of identity, especially in legacy applications, but thankfully fewer as apps are built federation-ready. In terms of SSO, we see identity standards-based federation and with a bit of proprietary from the social providers. Mobile device management is uncommon if not forbidden. And lastly, consent must be gathered from the user and adhered to consistently.
But it isn’t just the different in technology and approaches that makes customer identity different from employee identity. We see different lifecycles as well. Where Join, Move, Leave has served employee-centric identity well. But in customer identity we observe different lifecycles: transaction value progression and access path progression.
As the relationship grows more valuable the need for stronger identity grows. To be clear a valuable relationship isn’t necessarily one in which money is changing hands. My relationship to my local government is extremely valuable. My relationship to my university is extremely valuable. What we tend to find is that people move from being an anonymous user on a web site or app to a pseudonymous user, relying on social providers as a way to log in. Eventually the organization turns those pseudonymous users into ones that have been proofed and vetted. Mapping this to JML is hard. We observe that the anonymous stage maps well to the Join event. The transformation to pseudonymous maps to the Move (change) lifecycle event, and so too with the transformation from pseudonymous to proofed.
As the relationship grows more valuable the need for stronger identity grows. To be clear a valuable relationship isn’t necessarily one in which money is changing hands. My relationship to my local government is extremely valuable. My relationship to my university is extremely valuable. What we tend to find is that people move from being an anonymous user on a web site or app to a pseudonymous user, relying on social providers as a way to log in. Eventually the organization turns those pseudonymous users into ones that have been proofed and vetted. Mapping this to JML is hard. We observe that the anonymous stage maps well to the Join event. The transformation to pseudonymous maps to the Move (change) lifecycle event, and so too with the transformation from pseudonymous to proofed.
We also recognize that the same person will access enterprise services across multiple channels from the web, to apps, to connected devices, and even directly via APIs. It used to be that people “Joined” to an organization via a web site, but increasing that “Join” event happens with an app. A person working with connected devices or “Things” or even APIs maps well to the “Move” event.
We also recognize that the same person will access enterprise services across multiple channels from the web, to apps, to connected devices, and even directly via APIs. It used to be that people “Joined” to an organization via a web site, but increasing that “Join” event happens with an app. A person working with connected devices or “Things” or even APIs maps well to the “Move” event.
Although we can map from these two progressions to Join, Move, Leave, the map is poor and incomplete. Neither progression has a step that maps to “Leave.”
No “Leave”? Do relationships ever really end? My relationship with my university begins as a prospect, turns into a student, but it certainly doesn’t end when I graduate. I posit that in most cases external identity relationships are never completely severed, they just change. And this means that external identity brings with it a set of previously ignored privacy requirements. For employee-centric identity, HR used to provide the privacy coverage identity teams needed. Rarely was an internal-facing identity system subject to the Privacy Impact Assessment. But that won’t work in an external identity scenario. Customer identity requires data retention and protection policies and services. It requires persistent and respected privacy preferences. It requires attribute consent management. These are not things employee identity has commonly dealt with.
? My relationship with my university begins as a prospect, turns into a student, but it certainly doesn’t end when I graduate. I posit that in most cases external identity relationships are never completely severed, they just change.
For employee-centric identity, HR used to provide the privacy coverage identity teams needed. Rarely was an internal-facing identity system subject to the Privacy Impact Assessment. But that won’t work in an external identity scenario. Customer identity requires data retention and protection policies and services. It requires persistent and respected privacy preferences. It requires attribute consent management. These are not things employee identity has commonly dealt with.
But it isn’t just the different in technology and approaches that makes customer identity different from employee identity. We see different lifecycles as well. Where Join, Move, Leave has served employee-centric identity well. But in customer identity we observe different lifecycles: transaction value progression and access path progression.
There are more stakeholders. Subsequently, there are more requirements. There are more opportunities. From a component perspective, customer identity requires more than traditional enterprise identity. To be sure, there are some familiar components: federation, profile management, and assurance and proofing. There are some IAM-ish components as well: shared signals, consent management, and account take-over response. And then there are some non-IAM components: integration into business automation systems, analytics, and information protection.
There are more stakeholders. Subsequently, there are more requirements. There are more opportunities. From a component perspective, customer identity requires more than traditional enterprise identity. To be sure, there are some familiar components: federation, profile management, and assurance and proofing. There are some IAM-ish components as well: shared signals, consent management, and account take-over response. And then there are some non-IAM components: integration into business automation systems, analytics, and information protection.
There are more stakeholders. Subsequently, there are more requirements. There are more opportunities. From a component perspective, customer identity requires more than traditional enterprise identity. To be sure, there are some familiar components: federation, profile management, and assurance and proofing. There are some IAM-ish components as well: shared signals, consent management, and account take-over response. And then there are some non-IAM components: integration into business automation systems, analytics, and information protection.
But it isn’t just the different in technology and approaches that makes customer identity different from employee identity. We see different lifecycles as well. Where Join, Move, Leave has served employee-centric identity well. But in customer identity we observe different lifecycles: transaction value progression and access path progression.
The technology needed is different.
Instead of user provisioning and WAM, external identity requires social sign-on and profile management. Furthermore external identity requires more than just IAM technologies, but also things such as integration into marketing and sales automation systems, as well as complete information protection services
The lifecycles are different.
Where Join, Move, Leave served us well for employee-centric identity management, those lifecycles events don’t work external identity. External identity presents the relationship value and access channel progressions. Furthermore, the relationships we form with our customers do not end. There is no Leave.
The privacy expectations are different.
The fact that there is no “Leave” means that, as a service provider, be it public or private sector, we have different privacy and information protection duties. There is no HR in the realm of external identity; it thus falls to identity teams and their peers to address privacy requirements.
The goals are different.
Whereas with enterprise identity management we sought to delivery the right access to the right people at the right time in the right place, external management requires the delivery of the right experience to the right person as the right time in the right place.
Lastly, the opportunity is greater.
For the business, regardless of its mission, the opportunity is to deliver services more easily, more cost effectively, and at a higher quality using external identity. Selfishly, as an identity professional, our opportunity is that external identity transforms identity management, our profession, into a business enabler instead of its traditional role as a cost center.
This is the time to act. It is time to expand our notion of identity and the tools needed to deliver.
Stop treating your customers like employees. Start delighting them.
“Your time is important to me. Continue to enjoy the conference and thanks for your attention.”
Instead of user provisioning and WAM, external identity requires social sign-on and profile management. Furthermore external identity requires more than just IAM technologies, but also things such as integration into marketing and sales automation systems, as well as complete information protection services
There are more stakeholders. Subsequently, there are more requirements. There are more opportunities. From a component perspective, customer identity requires more than traditional enterprise identity. To be sure, there are some familiar components: federation, profile management, and assurance and proofing. There are some IAM-ish components as well: shared signals, consent management, and account take-over response. And then there are some non-IAM components: integration into business automation systems, analytics, and information protection.
As the relationship grows more valuable the need for stronger identity grows. To be clear a valuable relationship isn’t necessarily one in which money is changing hands. My relationship to my local government is extremely valuable. My relationship to my university is extremely valuable. What we tend to find is that people move from being an anonymous user on a web site or app to a pseudonymous user, relying on social providers as a way to log in. Eventually the organization turns those pseudonymous users into ones that have been proofed and vetted. Mapping this to JML is hard. We observe that the anonymous stage maps well to the Join event. The transformation to pseudonymous maps to the Move (change) lifecycle event, and so too with the transformation from pseudonymous to proofed.
At the other end of the spectrum is customer identity. It requires a modern approach to identity management. In this setting, the individual owns their identity and there is no singular authority for that identity. We observe profile management instead of user provisioning. There is a lot of federation and social sign-on as well.
Put simply, the techniques and tricks we have used to serve our employees are not the same ones that are needed for customer identity.
The fact that there is no “Leave” means that, as a service provider, be it public or private sector, we have different privacy and information protection duties. There is no HR in the realm of external identity; it thus falls to identity teams and their peers to address privacy requirements.
No “Leave”? Do relationships ever really end? My relationship with my university begins as a prospect, turns into a student, but it certainly doesn’t end when I graduate. I posit that in most cases external identity relationships are never completely severed, they just change. And this means that external identity brings with it a set of previously ignored privacy requirements. For employee-centric identity, HR used to provide the privacy coverage identity teams needed. Rarely was an internal-facing identity system subject to the Privacy Impact Assessment. But that won’t work in an external identity scenario. Customer identity requires data retention and protection policies and services. It requires persistent and respected privacy preferences. It requires attribute consent management. These are not things employee identity has commonly dealt with.
Whereas with enterprise identity management we sought to delivery the right access to the right people at the right time in the right place, external management requires the delivery of the right experience to the right person as the right time in the right place.
For the business, regardless of its mission, the opportunity is to deliver services more easily, more cost effectively, and at a higher quality using external identity. Selfishly, as an identity professional, our opportunity is that external identity transforms identity management, our profession, into a business enabler instead of its traditional role as a cost center.
However, IAM isn’t the star of the external identity show. Much in the same way that TCP/IP isn’t the star of the Web, IAM isn’t the start of this new opportunity. IAM can help support it but IAM isn’t the entire solution.
For the business, regardless of its mission, the opportunity is to deliver services more easily, more cost effectively, and at a higher quality using external identity. Selfishly, as an identity professional, our opportunity is that external identity transforms identity management, our profession, into a business enabler instead of its traditional role as a cost center.
It is an opportunity to delight the most important thing that every organization in every industry has – it’s customers. And it is an opportunity we cannot, must not squander.