Identity Silos: shining a light on the problem of shadow identities

Many companies are rightfully being more proactive about improving data privacy, security, and customer experience

However, too many are overlooking a crucial ingredient: ridding their company of identity silos.

When organisational departments deploy digital services independently of the business’ central IT function, they inadvertently create separate identities for the same customer across a business – these are called identity silos.

Businesses with identity silos lack a comprehensive view of their user base, while their customers receive inconsistent customer service. Meanwhile, data controllers can face security breaches, privacy concerns, and regulatory nightmares. 

For business chiefs, ridding their companies of identity silos should, therefore, be at the top of their to-do list. 

The chickens have come home to roost

It’s important to stress that identity silos – sometimes referred to as ‘shadow identities’ because, similar to shadow IT, they are created without central organisational approval – come about during routine business expansion.

If a business unit wishes to roll out a new digital service, in the absence of an existing centralised identity management function that can do the job, they often end up either buying an off-the-shelf identity and access management (IAM) system or create their own. When a business merges or acquires a new organisation, the new unit often keeps its own IAM infrastructure. In both cases, the result is the same: hundreds of invisible silos of duplicated user identities.

The chances are you’ve experienced the problems caused by identity silos. If you use the same broadband, mobile, and television provider, you’ve probably had to update the same information multiple times for each account, rather than just once. Or if you’ve been subjected to marketing calls (even though you’re already a customer!) that try to sell you products you already have. This is all because your customer data is siloed in each department throughout the company, thereby ruling out cohesive customer experiences.

Your customers will thank you sooner rather than later

The rising digital tide will raise all boats, but only if companies can deliver the type of user experience that consumers are demanding in 2020. And to do that, a business must have an omnichannel, 360-degree view of the customer – an impossible feat for a company littered with identity silos. The result: companies finding themselves unable to deliver the dynamic personalisation, authentication, and other digital features that customers expect.

This isn’t limited to online: without an omnichannel customer view, a business will struggle to deliver a consistent experience whether customers are physically in its store or phoning into a call-centre.

Organisations with shadow identities are also flying blind when it comes to cross-selling products and services to existing customers. With customer data siloed throughout the business, departmental sales teams have no way of knowing who is already a customer. A big lost revenue opportunity.

Your balance sheet will thank you sooner rather than later

The UK Information Commissioner’s Office is no stranger to flexing its muscles when it comes to GDPR violations, and with fines of up to 4% of global turnover, identity silos can lead directly to privacy failures. An enormous – and avoidable – risk to businesses.

For example, if a customer asks to opt-out of receiving marketing communications, that business would have to cross-reference that customer’s data across the entire organisation to make the necessary updates. But if some of their data is siloed, this task becomes difficult in the extreme.

Viewed in this light, it becomes clear that shadow identities not only present a real data privacy and compliance risk, but they also directly affect an organisation’s balance sheet. 

I understand the problem, but how can we fix this?

Thankfully, the answer is straightforward: businesses which are currently operating with a chaotic mix of legacy, in-house, and standard IAM products, should consolidate their shadow identities with a single, centralised IAM platform. The first step is a full audit to identify where silos exist and are introducing friction into the customer journey.

With this information, step two is to set up a centralised IAM system that integrates seamlessly with existing legacy identity systems, applications, and any new IT solutions your company wishes to deploy. The final step is to leverage these insights to provide ongoing context-based authorisation and multi-factor authentication so only the right people get access to the right information, while at the same time delivering dynamic personalised customer experiences and creating new revenue opportunities. 

Treat the disease, not the symptoms 

This approach will give businesses the panoramic view of their customer and user base they need to thrive in an era defined by customer experience. What’s more, factoring in the capital saved by the knock-on improvements to customer service, revenue growth, and privacy risk, it can be a cost-neutral exercise.

For anyone serious about their business thriving in 2020, the message is clear: if you don’t want to get left behind by the digital transformation, then it’s high time you began addressing your identity silos.

About the Author

Peter Barker is Chief Product Officer at ForgeRock. ForgeRock®, the leader in digital identity, delivers modern and comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.