I presented last week at AgilityWorks’ Innovation day, and talked a bit about APIs. One area I briefly mentioned was using an API gateway not just as an enabler for new revenue models, but as a consolidation point, ostensibly to remove the existing cost of running multiple web-facing lines-of-business.
You may discover as your security guys test your data centre for attack, that you have quite a few web-facing interfaces. These interfaces were put in for good reason – they served the needs of the business, of a project, at the time. But they also expose your business, your data to attack. As their existence tends to arise from single-purpose projects or joint-ventures or outsourcing, there’s usually limited administration and support for them. So, any attack is relatively likely to succeed, and may go unnoticed for quite a while. Whether there’s adequate resolution and escalation processes in place, especially regarding data, is a very moot point. Over time, as these problems arise, they’re dealt with. But what happens at the next project or business model that requires third-party services or consumer connectivity? Does the business have to go through the same cycle of discovery?
Would not a strategy wherein you combine all these interfaces onto a single operating platform more sensible? Yes. But there’s other benefits.
Each access node, currently, operates in their own oblivion, with overlapping security models, roles, and service throttles, you can remove the overlaps, and reduce the operational footprint. As each costs time and money to run, and keep running, there’s an immediate cost benefit to be had here. The administrative nightmares of managing certificates, onboarding partners, developer education, support issues, network issues are more easily addressed – you now manage certificates in one place, not twenty. Your business has a strategy now for developer and partner enablement that’s known and is consistent. Analytics and insights from colleagues can be more easily shared. Upgrades are significantly easier. This is achieved by having the functions of the existing gateways and interfaces consolidated down into a single box (virtual or otherwise), and life is much simpler. The enterprise can better manage how it is connected with the internet, with partners, suppliers and customers – all in one place. Related issues such as load-balancing, failing-over between data centres and so on, also get simplified. Also simplified is the impact on the enterprise services and the data (caching can be more broadly consumed).
But you also get to see how each and every consumer of your services behaves: you have consolidated your channels. Now you can see which developers and partners create more errors and more support calls, but also which apps generate more revenue and from which customer segment. You now have a single channel for interaction, irrespective of line-of- business, of data centre, of geography.
In the next article, we’ll look and how you can take this channel and turn it into a channel of 1.