Survey: CA Finds API Security, Usability Taking Center Stage
As APIs capture the attention and imagination of more devs, a survey of API professionals finds security and usability now rank as top areas of focus. The survey, from CA Technologies’ Layer 7, polled approximately 180 API enterprise stakeholders, from front-line devs to IT architects. IDN speaks with CA execs.
svp, business unit strategy
“Enterprises use APIs for different purposes, and they demand flexible solutions.”
As APIs capture the attention and imagination of more devs, a survey of API professionals finds security and usability now rank as top areas of focus. The survey, from CA Technologies’ Layer 7, polled approximately 180 API enterprise stakeholders, from front-line devs to IT architects.
One top-line takeaway from the survey is that APIs are becoming popular options for many types of projects.
“Enterprises use APIs for different purposes . . . and they demand flexible solutions that can accommodate a variety of use cases and protocols,” Dimitri Sirota, CA’s senior vice president of business unit strategy, told IDN. “Early on, API projects may have focused on reaching outside devs. But as APIs are proving their value and agility, enterprises are looking to use APIs to deliver core functionality to others inside the enterprise.”
Sirota said the survey points out how the drive to design and deliver enterprise caliber API projects is triggering changes in how companies think about APIs. “Today’s APIs are not simply web services. Successful API architectures need to balance security and consumability,” Sirota said. “Companies can protect their assets against unwelcomed [attacks] but provide developers easy ways to interact and consume what’s behind them.”
CA’s survey revealed this growing awareness of the need to balance security. It found:
- 44% ranked “API security” as their top concern
- 38% ranked “API usability” as their top concern
- 60% said their companies’ current API programs include both private and public APIs.
- 26% were concerned only with private APIs
- 14% were concerned only with public APIs
Sirota wanted to emphasize this last point – the huge amount of interest in using APIs within the enterprise.
“What’s striking about this survey is that it underscores the fact that APIs are not just for external developers. APIs play a critical role across diverse developer communities both inside and outside an organization,” Sirota said. In fact, the survey found API programs will most often target internal devs, he added.
As for implementation issues, the CA survey found when deploying APIs, an overwhelming majority (78%) said they build prototype APIs before launching their API programs. Nearly 25% of API programs currently provide devs at least one SDK. Another 35% of programs intend to provide an SDK in the future.
Another Big API Trend – APIs as Architecture
CA’s survey revealed one more API trend – one that will be most interesting to architects. “In the survey we found API projects are not simply one-off [deliverables],” Sirota said. Rather, API stakeholders are looking to put in place what he called “a foundation” that can ensure APIs are scalable, secure and flexible.
To get more insight on this API foundation, IDN spoke with Ronnie Mitra, director of API design at CA’s API Academy, the organization that led the survey.
Mitra put it this way: “API professionals should see themselves not simply as ‘API developers.’ They are architects in their own right . . . In many [enterprises], we already see API designers thinking about APIs as an ‘ecosystem’ and not simply as ‘an interface.’"
Mitra shared an example. “We found many API professionals working in large enterprises want to migrate or evolve from their traditional web services to APIs,” Mitra said, adding that this isn’t simply recoding SOAP to new generations of APIs. “Enterprises have a deeper concern, and that is how to create a common access layer – one that may be REST or JSON today but also will need to support new [API technologies] as they are developed.”
This approach to API delivers benefits to IT, lines of business and the company as a whole, Mitra added. “Thinking like this can speed up the cycle of innovation using APIs.”
He explained why having a “common access layer” will be important to a company’s ability to continuously reap benefits from API projects. “Not long ago, SOAP was an important API style. But it didn’t adapt for mobile or even Internet of Things. So, for those, new API [styles] are needed that are light-weight and less chatty,” he said.
View a CA Survey summary infographic here
This latest CA survey on APIs follows a survey from last year, where CA found API adoption set to explode. In that survey, some 85% of all enterprise respondents reported they expected to have an API program in place by next year.
“Enterprises are increasingly recognizing APIs as a cornerstone of the modern open hybrid enterprise. APIs are here to stay, and are becoming more and more ubiquitous,” Sirota told IDN at the time.