Traditionally, Identity and Access Management (IAM) was focused on allowing or denying access to data storage systems, but today, protecting identity data is far more complex. The growing digital ecosystem and increasing cyber risks mean that organizations are faced with securing data across multiple channels and apps against a varying range of threats. With so many potential vulnerability points, not every app or person should have access to all of the data in a profile, particularly highly sensitive and valuable Personally Identifiable Information (PII).
In this multichannel, multi-threat environment, answering the question, "Who can access the data?" isn't going to provide adequate defenses. The more effective question is, "What data can each app, service or business function access?"