Currently, many agencies use outdated technology for their customer identity and access management (CIAM) needs. CIAM frameworks manage the identities of customers who access digital channels such as websites or mobile applications, so a poor CIAM strategy can lead to experiences that are fragmented and full of friction for employees and the citizens they serve.
Fortunately, cloud computing can modernize an agency’s CIAM offerings. Below are best practices for connecting cloud and CIAM to strengthen agencies’ CIAM programs, and customer experience (CX) as a result.
1. Reduce your user friction
When customers have difficulty using public services, they avoid them. CIAM can help increase engagement by reducing friction, first by meeting citizens on the devices they prefer to use. Citizens appreciate access to digital public services on their laptops, smartphones and other devices.
Accessibility and convenience are equally important for CIAM. For instance, uncomplicated logins are attractive to citizens who aren’t tech-savvy. By simplifying engagement, CIAM allows agencies to reach as many citizens as possible.
2. Select a secure cloud vendor
When moving CIAM to the cloud, security should be a defining requirement, not an afterthought. Agencies should pick a vendor that can meet their security needs from Day 1 – a vendor with a proven track record in government. Without a secure vendor, agencies risk exposing sensitive citizen data to cyberthreats.
Initiatives such as the Federal Risk and Authorization Management Program (FedRAMP) help provide a common approach to cloud security. FedRAMP standardizes security and risk assessment for all federal cloud products and services. Although useful for consistently shielding data across agencies, complying with this framework can be cumbersome.
Fortunately, cloud can help shoulder some of this burden. Solid cloud solutions typically comply with all relevant regulations out of the box, saving agencies the extra step of meeting those regulations themselves. Vendors that earn authority to operate (ATO) certifications prove they can meet the stringent requirements set for government cloud security. ATOs grant vendors permission to provide services such as cloud to agencies.
To further validate the security of their potential cloud vendors, agencies can look at certifications such as a FedRAMP ATO. They can also examine non-federal audits such as Health Insurance Portability and Accountability (HIPAA) certifications for additional peace of mind. Passed in 1996, HIPAA stipulates how the healthcare industry protects the personally identifiable information (PII) it maintains from fraud and theft.
Ultimately, citizens must trust agencies with private information such as their addresses, or they’ll lose faith in those who can’t protect their delicate details.
3. Reduce reliance on legacy CIAM systems
Cloud can ultimately help agencies leave their legacy CIAM systems behind. Not only are older CIAM systems costlier and harder to maintain, they’re also more frustrating for employees and users. It’s three times more expensive for agencies to manage and maintain CIAM internally, said Peter Zavlaris, CIAM Product Marketing Manager at Okta.
Over time, agencies that cut ties with legacy CIAM systems save energy, money and time formerly spent on maintenance. They also produce experiences that are more pleasant for everyone involved.
4. Boost developer efficiency
Cloud isn’t just about revamping agencies’ technology, but also about making the workflows for their developers easier. Developers who build CX shouldn’t get bogged down with complex identity projects. Instead, using code samples, documentation and how-to guides created in their programming language of choice, they can become far more efficient. Gradually, cloud can make customizing CIAM systems simple and straightforward for developers.
This article is an excerpt from GovLoop’s recent report, “Modernizing Citizen Experiences With Cloud Identity.” Download the full report to explore the four capability pillars of a modern CIAM approach here.