By Scott Monro, Regional Vice President, Asia, Okta
From customers checking out of a retail store to corporate partners and contractors accessing digital resources, digital identity is an increasingly important part of any business today.
This is particularly so with the rapid transformation occurring in Asia-Pacific (APAC). E-commerce in the region is expected to double by 2025, reaching US$2 trillion, according to Euromonitor International.
So, it is not surprising that businesses of all sizes are turning to customer identity and access management (CIAM) solutions to help them deliver secure and seamless digital experiences.
CIAM enables them to embed a secure layer into their customer and cloud applications. This means customers can easily access a e-retailer website, while contractors and suppliers can access a partner’s resources with a digital identity. CIAM also enables organisations to track customers’ buying behaviours for targeted marketing purposes.
With the pandemic accelerating the shift to digital across all business sectors and cyberattacks rising to an all-time high, the need to secure these interactions has become more critical than ever.
Thankfully, awareness of CIAM is quite widespread in APAC, according to a new Okta study. Nearly three-quarters of respondents here (72%) say they have a good or expert understanding of CIAM, and only a small minority (7%) admit to not knowing anything about it at all.
The study, conducted by Statista in earlier this year, surveyed 320 C-level and senior IT decision makers in Australia, Japan, Singapore, South Korea, the Philippines and Hong Kong.
It revealed that a large majority (82%) have implemented a CIAM solution, whether this has been built in-house or outsourced. The exception is Japan, where one-third have yet to adopt CIAM.
Even among those that do not currently have a CIAM solution, nearly half (48%) are planning to implement one in the next 12 to 18 months.
With compromised credentials often the cause of rising cyberthreats across the globe, it is understandable that the biggest motivation to adopt CIAM in APAC is security.
In the Okta study, almost nine in 10 respondents (89%) said CIAM was very important or important to their overall security strategy, and just 3% reported it had no importance at all.
Implementation may be a challenge due to complexities
As a critical piece of the digital puzzle, however, CIAM is often more complex to implement, operate and maintain than many businesses realise.
Getting CIAM wrong, after all, could have serious consequences for security and user experience. A user could give up on the items in his cart if it is too difficult to log in. Worse, a poorly configured system might expose the user and the business to cyberthreats.
The biggest obstacle, according to 61% of respondents in the Okta study, is the risk of adversely impacting user experience, with many struggling to do this right internally. A lack of available in-house expertise (42%) and the need to create a business case to justify implementation (30%) are other barriers that organisations face in APAC.
Of those that do not yet have a CIAM solution, there is considerable uncertainty on knowing where to start. Most (56%) have only a rough idea, with over a third saying they would need help to begin.
Of those businesses that have a CIAM solution, 60% say their biggest barrier in managing it is the need to improve their security posture, while 57% are challenged by the high level of complexity.
It does not help that threats evolve over time and audit and compliance requirements change regularly, which means speed and agility are essential in managing customer identity. This creates another challenge for business, with over 40% citing this as a key barrier in using their existing CIAM solution.
When implementing a CIAM solution, businesses often face an urgent timeline to provide an improved and more secure experience. This is not just for end-customers, but also partners and suppliers looking to collaborate efficiently by logging in to access digital resources.
A major challenge for many businesses is finding the talent – a scarce resource today – to deploy their CIAM solutions, should they choose to do it in-house. Not only does this take away hours from IT teams, but it also involves the hard work of designing a seamless user experience and creating adequate security to ward off credential-based cyberthreats.
For most businesses, outsourcing to a trusted partner is likely a better way forward. This means IT teams are freed up to build better solutions and deepen customer engagement, instead of worrying about the complexity of CIAM solutions.
Organisations going down this path will do well to find a vendor-neutral CIAM solution − one that is able to plug into different technology stacks that a business may be using.
As a central component of any digital experience, customer identity will be key to success for truly customer-centric businesses. Getting it right lays the foundation for building customer trust and loyalty for the long term.