The API economy is a general term that describes the way application programming interfaces (APIs) can positively affect an organization’s profitability. Basically, the assumption is that APIs (service interfaces) are the currency of a software service’s value proposition. An API is your public contract that unlocks access to your service.
With the General Data Protection Regulation (GDPR) out of Europe upon us, the practice of copying personally attributable data to multiple downstream systems will dramatically increase compliance costs. Did you know the client IP address in web logs can be in scope for this regulation?
Copying data is easy, which is why a lot of corporations have internal “data marts” that facilitate copying of data. Each downstream system repurposes the data and may even change the data and its meaning, making it harder to know which system is the real system of record. Copied data typically does not carry its business rules along with it, so downstream systems often drift from regulatory compliance standards, data governance standards and data retention policies.
As an engineering principle, we should avoid data duplication as much as possible. In fact, one measure of success would be the decommissioning of your internal data marts. Doing this will deliver many data benefits for your organization:
- Lower storage costs
- Lower regulatory compliance costs
- Improved real-time customer response
In the featured image, you can see the issues with copying data: copying data, especially PII or SoX data, dramatically increases risk and exposure because the copies lack the controls built into the system of record. Following an API focus for access to data is not only more cost effective, it also allows us to reduce risk and exposure.
So what is the solution? You need to have all your developers embrace the API economy. This is a design culture change for some companies. Creating dependencies on APIs between systems will:
- Remove functional duplication through API reuse
- Accelerate development speed through API reuse
- Foster API consistency by adopting API standards
- Decrease regulatory compliance costs
Interested? Here is what you can do:
The following activities will bootstrap your API economy internally. Key ingredients are source code transparency, API discovery, API standards (which include API quality), and a program that rolls this out and monitors for compliance.
- All API investment work should follow an API guideline
  - Microsoft offers Microsoft REST API Guidelines
- Build and test all APIs to be publicly available
- Embrace open source and move your code to Git
- Embrace an API manager like Azure API Manager or Amazon API Gateway
  - This will give you publish (discovery) and subscribe capability
- Create a program to decommission as many data mart subscriptions as possible, giving priority to any personally attributable data.
With an increased reliance on APIs, you will need to realize that your API is a contract! It’s important that you don’t introduce breaking changes. It’s key to focus up front on your API design, market it to potential subscribers and factor in their feedback. Allow extra time in your project to get your API right.
If you have additional questions, need further information or have feedback please contact Ken Knight or add your comment to the blog page for this article.