It comes as no surprise that governing access to sensitive identity data is more complicated than it’s ever been before. In the “good old days,” security and privacy were just as important as they are today, but establishing and maintaining control over data access was relatively straightforward—secure the perimeter of your network, and limit internal access as much as possible with role-based access controls. Today, the perimeter is fading away while data assets are growing in volume and value. The complexities involved in securing and governing access to identity data, particularly customer identity data, are significantly higher along with the stakes if a breach occurs.
Digital business initiatives are driving more customer-facing applications and systems of engagement across an expanding array of channels. These applications are new customer touch points requiring access to customer identity data. Companies have marketing automation and CRM systems requiring data access to run promotions and campaigns. Customers themselves want self-service access to change their opt-in/-out and privacy settings. And as if that were not enough, heightened security threats and increased industry regulations add even more pressure to carefully govern customer data use.
Digital business initiatives are requiring more of IT’s involvement due to the complexity of the issues above. However, IT’s traditional identity data access solutions aren’t working for today’s customer-facing use cases. And the answer is not for IT to lock down customer data stores. Customer experience has become such a high priority brand differentiator that companies are being forced to find new ways to leverage customer data for a more personalized digital experience or they will find it increasingly hard to compete.
What’s needed are new solutions to govern access to customer identity and preference data to support multi-channel digital business initiatives. These solutions must provide fine-grain access controls by creating and enforcing policies that implement the “need to know” rules for data access by other internal systems, teams, and third-parties. In this way, businesses can expand their interactions with customers in meaningful, personalized ways while respecting the customer’s privacy and preference choices and any applicable corporate or industry regulatory restrictions.
IT needs to help business leaders walk this fine line between customer experience and customer data security/governance by implementing solutions capable of the following:
- Deliver an actionable, single view of the customer – It’s important to combine customer identities and preferences into a unified customer view so that you have a single point of data governance, and can also enable delivery of a consistent, cohesive customer experience across channels and devices.
- Use governance policies to access customer identity and preference data on a “need to know” basis – You’ll need to codify, automate and make actionable policies to proactively prevent data usage mistakes by internal teams and partners by restricting data access on a “need to know” basis. This includes the ability to change/refine policies without re-coding applications and integration logic along with the ability to react quickly by turning off some data usage without affecting others.
- Collect customer preferences and opt-in/-out consent to support advanced personalization – Provide fine-grain controls that allow customers to opt-in and out of specific offers, methods of communications, communication frequency, and other attributes relevant to optimizing their experience. Make their choices and consent immediately enforceable across all channels, and in accordance with applicable corporate and industry regulatory compliance.
- Centralized visibility, audit, and compliance – Obtain visibility into real-time opt-in/out trends to “sense and respond” rapidly to changing customer sentiment. Provide dashboards to monitor policy enforcement and compliance across your engagement channels
- Provide web-scale performance contributing to a fast/convenient customer experience – Provide a high-availability, high-throughput, high-security data governance layer in front of your systems of record, increasing security and performance.
New digital business initiatives are increasing across industries and are changing the way organizations interact with their customers. The innovation and experimentation has really just begun, but already it’s clear that new solutions are needed to govern and secure access to customer identity and preference data. By implementing these solutions, companies can better achieve the optimal balance between customer experience personalization and customer data security/governance. The result will be higher value interactions with customers, new business model innovations, and potentially game-changing competitive advantages.
Steve Shoaff is ceo of UnboundID