Security Experts:

Security Considerations: Rising Use of APIs in the Enterprise

More Than 85% of Enterprises Will Have an API Program by 2018

Application Programming Interfaces (APIs) provide an excellent way for enterprises to interact with their partners and customers, and offer developers a way to enhance applications and offer key capabilities to end-users.

Now more than ever, enterprises are making their business applications and data available through APIs to open up new business opportunities and grow their ecosystem.

In fact, according to a recent study conducted by Layer 7 Technologies, more than 43 percent of respondents said that their organization currently has an API program in place, while 27 percent said a program would be launched within the next year.

While APIs provide a great avenue for business opportunities, especially in the areas of web-based applications, social media, and mobile applications, they also open up a new area of risk and bring an added attack vector.

In other words, APIs are another area that information security teams need to protect from abuse in order to safeguard company and customer data.

In Layer 7’s study, nearly half of those polled said data security and privacy were their biggest security considerations.

Respondents said that mobile performance optimization, developer enablement and data analytics were the three most important features needed in an API management solution.

Layer 7, which provides API management tools, said that despite the steady growth of cloud-based API management solutions, more than half (55.1 percent) still preferred an on-premise solution, while hybrid deployments (cloud with on-premise) were also popular (42.8 percent).

Of the 140 enterprise IT professionals that Layer 7 surveyed in May, respondents highlighted several business goals driving the growing need for API programs, including:

• Mobility programs (71.9 percent);

• Partner connectivity (69.1 percent);

• Cloud integration (67.6 percent);

• Enabling internal developers (66.9 percent); 

• Fostering external developer ecosystems (55.4 percent)

“Enterprises are increasingly recognizing APIs as a cornerstone of the modern open hybrid enterprise,” said Dimitri Sirota, senior vice president, Security, CA Technologies and co-founder of Layer 7. “For an organization to be successful, it must have a strategy to deploy and manage the APIs that will enable it to secure and leverage data, empower a mobilized workforce and engage with the developers driving the app economy.”

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.