That is what a six-nation study in the region has suggested about the state of customer identity and access management

In an online survey conducted between 28 February and 4 March 2022 involving 320 senior-level employees in South Korea, Hong Kong, Singapore, Philippines, Australia and Japan to gauge regional sentiments toward customer identity and access management (CIAM) adoption and implementation, lack of in-house expertise was cited as one of the main barriers.

The study revealed a high level of understanding of CIAM across the region, with 72% of respondents indicated they had a good or expert understanding, against 7% indicating they did not know anything about it at all. Some 82% had already implemented CIAM solutions (whether built in-house or outsourced), and 48% of respondents were planning to deploy one in the next 12 to 18 months.

The top driver for CIAM adoption was security, with 89% indicating that CIAM was very important or important to their overall security strategy, and 3% assigning no importance to it at all. Security was also cited as a top attribute by 33% of developers selecting a CIAM solution, followed by reliability (22%), ease of use (16%) and a good user experience (15%).

Other CIAM findings
Respondents indicated that the biggest barrier to CIAM implementation was the risk of adversely impacting the user experience (61%), with many struggling to get this right internally, followed by a lack of available in-house expertise (42%), and the need to create a business case to justify implementation (30%). Also:

  • 60% of respondents using a CIAM solution indicated that their biggest barrier in managing it was the need to improve their security posture, while 57% were challenged by the high level of complexity. 
  • 40% cited another key barrier in using their existing CIAM solution: the fast-changing threat landscape and ever-evolving audit and compliance requirements that make speed and agility essential in managing customer identity.  
  • Other data showed that respondents not using CIAM were hampered by knowing where to start, with concerns about user experience and security proving to be a barrier to implementation. Some respondents relied on home-grown solutions that were complex to maintain, less secure, and diverted developer and engineer time away from business-critical activities.

According to Richard Marr, CIAM Lead (APAC), Okta, which commissioned the survey, despite a high level of awareness and adoption of CIAM solutions in the region, challenges remain for organizations that may lack in-house expertise or the necessary resources to keep up with an evolving cyber threat and regulatory environment.

“In a world where in-house IT and security talent is scarce, keeping up with the fast changing security landscape can be unsustainably stressful,” Marr said, suggesting that organizations consider outsourcing customer identity management so that they can focus on the more strategic aspects of customer loyalty development, and business growth.