When you think of customer identity and access management (CIAM), what do you think of? One of the first things I think of is a network. That's because I believe security teams need to map out all the different ways in which your customer interacts with you, and how they end up authenticating themselves in each of those flows. Think of them as the different points in your "business network" that customers use to get in. If you haven't mapped out each and every one of them, you have a problem. To use a different analogy, making the front door stronger won't matter much if you've left a window open somewhere. Your defenses are only as strong as your weakest checkpoint. And in far too many enterprises, the weakest checkpoint will often turn out to be something that was missed, overlooked or just not paid enough attention to.