using secure apis to drive digital transformation · api analytics generate deep business insights...
TRANSCRIPT
1 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 1
Disrupt or be disrupted Using secure APIs
to drive digital transformation
2 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 2
Olaf van Gorp
Akana Platform Senior Specialist
Presenter
3 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 3
Agenda
• Setting the stage: the CIO in 2019 – Trends – Challenges – Consequences
• The way forward – Desired business outcomes – Common solution requirements
• The importance of secure APIs – Ensure a secure API strategy
4 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 4
Trends Today’s CIOs are expected to help their organizations drive
more revenue…
…by developing high quality new products and delivering them efficiently through more channels.
This means:
• Leading digital transformation
• Defending against potential disruptors (through proactive disruption)
• Adding channels for partners to embed products and capabilities
5 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 5
Challenges
• Internal: – Legacy systems and infrastructure that are hard to
manage and keep current
– Lack of agility
– Lack of standard integration technology
– Burdensome onboarding for new partners
– Threats of vendor lock-in
• External: – Ever-evolving security risks and vulnerabilities
– New regulatory requirements being introduced, and differing by market
6 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 6
Consequences of these challenges
• Lose market share
• Harm to brand perception/reputation
• Liabilities/litigation/regulatory fines
• Miss market opportunities
• Risk of being disrupted
• High costs of IT
7 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 7
• Increased revenue and shareholder value
• More routes to market
• Faster time to market
• Improved customer lifetime value
• Optimized IT-spend
• Less risk
• Secure, compliant products and services
Desired business outcomes
8 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 8
API management enables digital transformation
Digital transformation demands…
Connectivity : to legacy and new applications
Alignment: between API strategy and business strategy
Consistency: enabling flexible API management and governance
Security: for customers and partners
Akana API Management platform fills those needs, and more…
9 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 9
• Design and build robust, secure, available, and reliable APIs
• Automation of API development and deployment
• Create well-structured APIs from legacy assets
• Deployment model that aligns with my organization’s goals
• Centralized governance
• Ensured security with latest security standards
• Establish, monitor, alert and enforce SLAs
• Socialize and manage partner developer communities
• Configurable analytics for visibility into API traffic
Connect Innovate Secure Manage
Common solution requirements
10 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 10
The importance of a security-first API management strategy
11 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 11
API security matters
"Hackers Swipe Data On 2 Million T-Mobile Subscribers"… "Hackers managed to breach a database by exploiting a vulnerable API..."
"Salesforce Security Alert: API Error Exposed Marketing Data"
"2018 Sees API Breaches Surge With No Relief in Sight"
"Fitness app Strava showed the world how even seemingly innocuous APIs can have damaging consequences when not securely designed."
"Google announced that an additional bug in a Google+ API had exposed user data from 52.5 million accounts."
"Marriott says that 327 million customers had different combinations of name, address, phone number, email address, date of birth, gender, trip and reservation information, passport number, and Starwood Preferred Guest account information stolen. The Marriott incident is one of the largest data breaches in history."
12 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 12
API security is fundamental to digital transformation
• High interconnectedness of technologies and processes needed for digital transformation drives demand for heightened security guarantees and SLAs
• Digital transformation and disruption requires the creation of partnerships and technological collaborations whereby security is at the very center of the value proposition
• Organizations expect to be able to innovate and enhance their business operations while enforcing the best possible security
Involving security in an integral and timely way in digital transformation initiatives accelerates them
Source: https://www.i-scoop.eu/undervalued-enabler-accelerator-digital-transformation-security/
13 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 13
1 Authentication & Authorization
2 App Key Validation/ Licensing
3 Message Security
4 Threat Protection
5 Content Filtering
6 Rate Limiting
Developers
Securing APIs
14 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 14
API Design Design your APIs how you want to
API Security Leverage the latest in security standards
API Traffic Management Establish, Monitor, Alert, and Enforce Multiple Service Level Agreements
API Portal Socialize and manage your communities through targeted developer portals
API Analytics Generate deep business insights from your API traffic through configurable analytic reports
Lifecycle Management Build APIs leveraging DevOps with auditable control
Mediation & Integration Create modern well-structured APIs from legacy assets and multiple backend sources
Deployment Options Choose fully hosted cloud, hybrid, or on-premises
End-to-end capabilities
15 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 15
Proof points
16 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 16
Why corporate leaders choose Akana:
• Comprehensive API Security
– Protects APIs and internal systems from threats
– Supports all industry standards for authentication, authorization, data privacy, attack prevention, and non-repudiation
• Flexible Deployment Options at Scale – Support for on-premises, cloud and hybrid environments
• Centralized, Declarative Policy Management – Automatic policy enforcement and implementation
• Integrated Portal
• Integrated Lifecycle Management • Enables troubleshooting and capacity management • Proven Domain Expertise and Thought Leadership
17 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 17
Forrester leader Rogue Wave Software named a Leader by Forrester Research, Inc. in The Forrester Wave™: API Management Solutions, Q4 2018.
“Akana has particularly strong API security and policy capabilities and good breadth across almost all of our evaluation criteria. Its API user portal is among the most configurable and extensible.”
18 © 2019 Rogue Wave Software, Inc. All Rights Reserved. 18