We just raised a $30M Series A: Read our story

What are security features to look out for when choosing a Customer Identity and Access Management solution?


Choosing a good CIAM solution should take into account the user experience, and security of customer data. What specific security features should one look for when selecting a solution?

ITCS user
55 Answers

author avatar
Top 20Reseller

1) Good at managing user's credentials.
2) Support all kinds of authentication methods.
3) Provide a way to collect customer data.
4) Easy to integrate with your applications such as CRM.
5) Depends on your need, you may need the support of hundreds (or thousands) of transactions per second.
6) Open standards
7) Regulations and Compliance.
8) Personal data privacy control and user consent management.
9) Capability to classify users into roles and link roles to permissions.
10) Capability to collect all kinds of user data with an evolving schema (i.e. no need to be fixed).
11) Good user self-service features.
12) Identity proofing capability may be critical to you.

author avatar
Real User

Broad question but great question! To keep it quick, below are the "5 pillars" to ensure seamless integration and user experience (CIAM - IAM). I'm sure you've heard this referenced before by Gartner and others.

- SSO, 2FA, Multi-Factor and Adaptive Authentication
- Privacy & Compliance
- Integration, Flexibility, Scalability & HA
- API's
- Analytics & reporting

A great team by the way to connect with on all security related solutions and topics is the partner OPTIV.

Hopefully that helps. Not sure if your enterprise, if so I'd definitely take a look at the "all in one" solutions that provide both key CIAM & IAM features, with many additional services (ex. OKTA, Ping Identity, SecureAuth, OneLogin, DUO).

author avatar
Top 5LeaderboardReal User

Security starts within the enterprise first with strong security policies that the product should comply to. Examples are centralized administration, passwordless authentication. Two-factor authentication.

Also, one question is whether to provide the same level of security for your external and internal identities

author avatar

PAM (human to machine) = CyberArk and alike

Secrets Management (machine to machine) = Vault OSS and alike

Complete all-inclusive solution = Call me to see a demo of Akeyless Vault

author avatar

The access authentication should prove the identity of the human person, not the device they possess. If you do this we can stop bot attacks and access breaches.

Find out what your peers are saying about Microsoft, Okta, ForgeRock and others in Access Management. Updated: October 2021.
542,823 professionals have used our research since 2012.