This slide deck explores the role of the CIAM strategy in digital transformation, the key components of a successful CIAM strategy, and how privacy concerns should be addressed in a CIAM strategy.
Watch video: https://wso2.com/library/conference/2018/07/wso2con-usa-2018-evolve-or-die-privacy-and-the-future-of-your-enterprise-with-ciam/
2. Impact of Consumer Reviews
● 97% of consumers read online reviews, and 85% of them trust online reviews. “BrightLocal Local Consumer Review Survey 2017”
● One-star increase on Yelp leads to a 5-9% increase in business revenue. “Reviews, Reputation, and Revenue: The Case of Yelp.com: Harvard Business School”
3. Impact of Digital Transformation on Business
Digital technology has shifted the power of businesses from the enterprise to customers.
14. GDPR: Individual Rights
● Right to be informed: Provide transparency over how personal data is collected, stored, managed, protected, and processed
● Right to access: Provide individuals access to their data and explain how it, and any supplemental data, is used
● Right to rectification: Correct any personal data if incomplete or inaccurate
● Right to be forgotten: Remove personal data on request when there is no compelling reason to keep it
● Right to stop processing: Honor requests not to process an individual’s data for specific purposes
● Right to restrict processing: Allow an individual’s data to be stored but not processed
● Right to data portability: Provide copies of all stored data in a portable format
● Reject automated decisions: Comply with requests not to automate decision making using personal data
16. What California Consumer Privacy Act Offers
● 1. Gives You Ownership: Protect your right to tell a business not to share or sell your personal information.
● 2. Gives You Control: Gain control over the personal information that is collected about you.
● 3. Gives You Security: Hold businesses responsible for safeguarding your personal information.
18. Key Privacy Considerations for CIAM
● Customer Controlled Personal Data
● Transparency, Fairness and Lawfulness
● Data Minimization and Storage Limitation
● Accuracy, Confidentiality and Accountability
20. Customer Controlled Personal Data
● Personal data under customer control
○ Self-service user portal
■ Right to access
■ Right to be forgotten
■ Right to data portability
■ Right to restrict data processing
● Keep up to date
21. Self-service User Portal
● Review user profiles
● Alteration of user profiles
● Deletion of user profiles
● Keep user profile up-to-date
● Support user profile portability
23. Transparency, Fairness and Lawfulness
● Clear privacy policy
● Obtain consent for personal data processing
○ Personal data processing based on active consent
○ Ability to review and revoke given consent
○ Ability to demonstrate proof of consent
○ Consent design
● Purpose limitation
○ Consent per purpose
25. Selfcare Portal to Manage given Consents
● Review, modify and revoke consent
27. Data Minimization and Storage Limitation
● Personal data shall be
○ Adequate
○ Relevant and limited to purposes
● Store data no longer than necessary
● Storage limitation should be defined in a data retention policy
● Pseudonymized data
● Regional data localization
28. Application Specific Claim Management
Name : ishara
Email : isharak@wso2.com
ID : 225
Org : WSO2
Name : ishara
Mobile : 0717996791
31. Accuracy, Integrity, Confidentiality and Accountability
● Prevent unauthorized or unlawful processing
● Prevent accidental loss, destruction or damage
● Adequate measures to prevent data breaches
○ Inform about the breaches without delay
● Organization culture of accountability
34. Conclusion
● Digital transformation is critical for business survival
● CIAM plays an integral part in digital transformation
● Privacy is a competitive differentiator in CIAM
● CIAM solution should address
○ Privacy by design
○ Privacy by default
● CIAM should follow future-proof privacy guidelines