Global smartphone shipments reached 286 million* in the first quarter of 2014. Businesses everywhere are rushing to benefit from, and at the same time manage, our love for everything mobile. In that haste, many are focusing on the management and security of the devices themselves, whereas it’s the applications and data used by mobile devices that need the most attention. If anything, the design, implementation, and management of secure APIs should be given the highest priority in a corporate mobile strategy.
API Expansion Wide and Fast
APIs, of course, have been around for as long as we’ve had IT, mostly embedded in applications, enabling them to talk to their clients and other applications in a controlled and standardized way.
Originally, they were restricted to the corporate datacenter, but that’s no longer the case. In the consumer world, a common example is APIs that enable smartphone users to post images to Instagram and automatically share them on Twitter or Facebook as well. In business, APIs commonly enable users to directly access and reuse data held in a corporate database or CRM systems, collaborate on projects, and share information with co-workers and partners in other organizations.
As users become more mobile, application growth has gone off the charts, making it wasteful to handcraft a new API each and every time. Governance needs to play a strategic role in each corporate mobile strategy. Services and APIs are built following corporate standards and policies to ensure the exposed APIs have the right performance and security. Equally, companies need to work with and manage a growing number of APIs from third parties to make sure they function well and are used correctly. Moreover, with more and more open APIs being written to create new opportunities for revenue and market expansion, companies need to make sure they are as secure as possible—and that they stay that way.
An integration and management platform that coordinates and manages this “API economy” is fast becoming essential, and there are a number of ways this can be implemented. For example, many companies will have a hodgepodge of middleware, some of which could be repurposed and glued together to build something suitable. But that’s not always possible or advisable, especially in larger and rapidly changing environments.
Safely and Effectively Manage Open APIs
A better approach is to use an API management platform that provides both on-premise and cloud-hosted services. A hybrid API management solution will fit both requirements for API providers—by which we mean internal software developers and product managers—and API consumers, typically external developers and partners. It also includes runtime administration tools to provide secure API access and threat protection, traffic management policies, performance monitoring, utilization dashboards, and the possibility to monetize the use of the APIs, just to mention a few.
The solution should also make it easier to apply consistent branding, customize application interfaces, and conduct trials of new APIs. The main benefit is the rapid deployment of new applications through the use of consistent, well-documented, and managed APIs using an integration and management platform that is scalable, robust, and fit for the mobile future.
*Juniper Research – April 2014