- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
- How control rooms help organizations and security management
- ITDM 2025 전망 | “효율경영 시대의 핵심 동력 ‘데이터 조직’··· 내년도 활약 무대 더 커진다” 쏘카 김상우 본부장
- 세일포인트 기고 | 2025년을 맞이하며… 머신 아이덴티티의 부상이 울리는 경종
5 keys to a successful API strategy
For enterprises seeking to overhaul their operations and offerings, application programming interfaces (APIs) have become key facilitators of digital transformation — especially as organizations increasingly move data and applications to the cloud.
Once largely viewed as a technical means to an end, APIs are now a high-level strategic concern, with developing, managing, maintaining, and securing these resources becoming a major consideration — and a big challenge — for technology leaders.
More than just vital components for enabling automation by providing communication between applications and services, APIs now also deliver business value to a range of enterprises through a variety of monetization efforts.
An April 2022 report on APIs by research firm 451 Research, sponsored by Noname Security, asserts that in the wake of the digital transformation wave web APIs have experienced “exponential growth as the rise of integrated web- and mobile-based offerings requires significantly more data sharing across products.”
The study, based on a January 2022 survey of IT experts at 350 global companies in various industries, shows that the average organization is using 15,564 APIs — an increase of 201% over the past 12 months.
“When it comes to defining a successful API strategy, there’s no ‘one size fits all’ path to success,” says Scott Hanawait, senior vice president at consulting firm Booz Allen Hamilton. “API design is not easy, and each project has its own unique requirements, stakeholders, and capabilities, [along with] desired outcomes. Use of a particular technology, architecture style, or support for a particular API type does not guarantee success.”
At their core, APIs must solve a real problem and make that solution easy for others to apply, Hanawait says.
Here are some of the keys to creating and maintaining a successful API strategy, according to experts.
Codify data ownership
APIs have undergone extensive innovation since the concept originated back in the 1940s, says Chris McLellan, director of operations at the Data Collaboration Alliance, a nonprofit dedicated to helping organizations and individuals get full control of their information in order to advance global collaborative intelligence.
“That’s why this seemingly simple technology is so critical today to almost all digital interaction,” McLellan says. “However, APIs are fundamentally about data extraction and access, and that last function has seen almost no progress in perhaps four decades. We still make endless copies of even sensitive data, just like we did when IT tools first materialized, in the process undermining security protocols, violating compliance restrictions, and creating complexity.”
APIs have extraordinary access and reach, McLellan says, “but this should not violate fundamental rights. Most data belongs to specific parties, and should only be in the hands of the rightful owner or temporary custodians duly appointed. Data represents an organization’s crown jewels — easy access via APIs and other mechanisms should not take away that right of control.”
Deriving more data from more APIs accessing more applications and more systems will likely add to the business, but will definitely add to the costs and complexity, McLellan says. “That’s why a comprehensive API strategy shouldn’t be confined only to applications exchanging data,” he says. “Separating data from the application used to create and store it, and ensuring that it exists and flourishes outside of those systems enables stronger control and better governance.”
Simplify by ‘de-siloing’
One of the biggest challenges facing organizations is the sheer complexity of their data management landscape, McLellan says.
“Whether bought or built, it is now typical for businesses to maintain hundreds, even thousands of applications, each storing data,” McLellan says. “Add to this a myriad of legacy databases, a cluster of data lakes and warehouses, and an unknown number of operational spreadsheets, and the numbers quickly add up.”
Many of the application-based silos within enterprises are also exchanging copies of their data via point-to-point data integration, something many CIOs consider an “innovation tax” that adds ever-increasing friction to projects, McLellan says.
“However, through the tactical use of APIs, a strategy of decommissioning many of these silos can be established by connecting them to more secure and collaborative environments like data fabric and dataware platforms that make data accessible on a company-wide basis,” McLellan says. “Once connected and protected, the legacy silos — starting with spreadsheets — can be assessed for de-commissioning.”
Research firm Gartner recently placed the data fabric category on its list of top strategic technology trends for 2022, McLellan notes. “One of the reasons is that data fabrics can leverage APIs to connect data from legacy systems, data stores, and [artificial intelligence/machine learning] tools and enable it to be blended, extended, and upgraded via data collaboration,” he says. “The resulting ‘upgraded’ datasets can be used to power new analytics, web apps, and automations without performing traditional point-to-point integration,” potentially saving months of time and millions of dollars on the delivery of these projects.
Support inclusive, collaborative innovation
As access to data becomes more and more essential to problem solving, business users are finding ways to access and use organizational data outside the boundaries of sanctioned data governance and cybersecurity policies, McLellan says.
“The response from CIOs should not be to stifle the creativity and passion that’s inherent in such shadow IT projects, but to enable a more federated approach to innovation,” McLellan says. “The use of APIs is critical to establishing collaborative environments like data fabrics.”
In these environments, “everyone from business users to data scientists can work side by side on real, operational data to create datasets and data models that can be used to accelerate the delivery of new solutions, including web applications, dashboards, and automations,” McLellan says.
An API can only help solve a problem if users know that the solution exists, Hanawait says. “Making APIs discoverable, for example via a catalog or developer portal, helps prevent duplicative work within an organization and helps market solutions to external parties.”
Organizations also need to provide the resources for API consumers to be successful, ideally in a self-service fashion, Hanawait says. Documentation, including getting-started guides, a human/machine readable specification, schema information, and so on, helps developers understand how the API performs, he says.
Create a ‘reuse’ mindset
When creating an API strategy, enterprises should establish an object reuse mindset and methodology, says Al Liubinskas, vice president and Cloud Integration Practice lead at global consulting firm Capgemini Americas. “This [is] critical to accelerate time to market and reduce the cost of delivery for providing the necessary services for the business,” Liubinskas says.
For example, when Capgemini’s restaurant clients needed to quickly adopt different delivery service providers to support the shift within the market during the pandemic, object reuse significantly helped in supporting these business objectives, Liubinskas says.
“Reusing APIs to integrate their restaurant fulfillment services and local and regional menu services was essential for our clients to onboard different vendor options,” Liubinskas says. “Through multiple tiers of reuse, Capgemini was able to leverage full API executable reuse, source code snippets reuse, API pattern design reuse, and integration pattern design reuse.”
Enterprises should focus on leveraging pre-existing code, “which will ultimately improve efficiency and cut costs,” Liubinskas says.
At Pitney Bowes, a provider of mailing and shipping equipment, the strategy has been to leverage “framework-style coding,” storing reusable proxy resources in the company’s source code repositories that can be reused across development efforts. “In this way, frequently reused proxy code components can be written once, maintained in one place, and all teams get the benefit of well-thought-out reusable functions,” says James Fairweather, executive vice president and chief innovation officer.
Look outward
APIs can not only be used to support all kinds of back-office business processes; they can also help enable external services that add business value or enhance customer experience.
In addition to fostering reuse, another of Pitney Bowes’ main objectives with its API development strategy is to create new, external-facing services that clients and partners can access and integrate into their own applications and systems.
“The metadata on the usage of APIs can be an interesting source of signals to drive actions to anticipate or remediate issues,” Fairweather says. “The use patterns of an API and what data is accessed creates opportunities to enhance client experience.”
For example, if an API is being called to track a specific parcel more frequently than the norm, it could indicate that the parcel is of high value to the recipient, late, or even lost, Fairweather says. “We can then take rapid action to locate the parcel and communicate with the client.”