Building Your Own Identity System. Be Careful What You Wish For.


In the past few months, there have been a lot of top-level companies that have incurred data protection breaches, which has in turn compromised the personal data of millions of online users. A blog that we’ve written a few months ago aimed to advise users as to how they could remain safer and more vigilant online, which you can see here.

Nevertheless, with the Equifax breach that’s been reported in October, it seems that staying secure when online is becoming a very hard task to achieve. But a very important question has been asked, where does the blame stem from? Do businesses need to tighten up their security measures or should users pick up better habits when creating passwords? Well, long story short, technology is always evolving, and therefore, we can never be too sure and safe when it comes to security. But let’s just play devil’s advocate for a second. You may argue that the IAAF, McDonald’s, and Yahoo breaches that occurred this year are all on the heads of the corporations and not the customers, and we’d be inclined to agree with you. Mass breaches aren’t the fault of the consumer’s passwords being too weak – on the contrary- they’re the fault of organisations who have security systems that aren’t complex enough, and here’s why.



Customer Identity Systems

Data. Data makes the world go round, and organisations have realised that this is the case. There’s never been as much an onus on data up until this present moment, and the value of being able to eventually use this data for monetisation purposes is very appealing of course. So organisations will have a business strategy which will aim to get consumers to hand over their data, so that they can market to them in later stages. The strategy makes perfect sense, however these organisations would need a place to store all of this data. This is where things become slightly tricky. Organisations can go a few different ways at this step, but the choice that we’ll be focussing the most on here is Customer Identity Systems (or CIMs).

CIMs are essentially where organisations store all of their customer data. Whether it’s social logins, bank details, email addresses, 9 times out of ten, a company will store them in a CIM. There isn’t any issues at this stage yet, apart from of course who is running the CIM. Every major corporation in the world will have web developers as staff, and instead of going out to a third party to store data for them, a lot of the time they’ll actually ask their developers to build these CIMs, and that can pose a lot of problems in the future in regards to security.

You can understand from a business strategy point of view to ask your developers to build one, as you wouldn’t have to pay a third party company to do it for you, but this is a very risky strategy. A lot of organisations don’t have a single view of their customers’ data, which in turn means that they’ll build a CIM for bank details, one for contact details, another for social media details for example. Due to the fact of their being more than one CIM, then it’s significantly easier for hackers to get access of data, as they only need to get it right once. And this is where Evolok come in. We have a single view of all our consumer data, stored on a cloud platform. This significantly increases the security levels, as it’s trying to find a needle in a haystack. Please contact Evolok for a further demonstration.

Talk to Sales

Sign up for our latest blog updates direct to your inbox