August 13th, 2013

What ist DaaS?

DaaSWe live in the age of Big Data but Big Data is not showing up to the party alone. Fast data and open data are also coming along for the ride. This is why we need an “as-a-service” approach to data sharing. In a recent article for Big Data Republic, I explored the concept of data-as-a-service (DaaS) and some of the operational challenges associated with providing access to Big Data.

The fact that these challenges are not just theoretical considerations was driven home to me by one of our customers, who told me that he simply didn’t have enough IT cycles to keep writing and rewriting all those queries and APIs his customers were asking for.

Similarly another recent article on Big Data Republic, refered to three powerful drivers for machine learning identified by Tibco CTO Matt Quinn – drivers that I believe are equally relevant to data APIs:

  • “A surge of data being liberated from places where it was previously hidden (aka big data’s volume challenge)
  • A need for automation that manages the complexity of Big Data in an environment where humans have no time to intervene (aka Big Data’s velocity challenge)
  • An absolute requirement to create adaptable, less fragile systems that can manage the combination of structured and unstructured data without having a human write complex code and rules with each change (aka Big Data’s variety challenge)”

The efficiency gains and resulting agility and potential for innovation created by data-centric APIs are enormous – not just in respect to open data but also the ability to turn data into an active asset and monetize it. For an inspiring story, head over to Andorra via FastCompany.

Meanwhile, an interesting take on the way IoT is increasingly driving data democratization – and creating new governance challenges in the process – comes from  Christopher J. Rezendes and W. David Stephenson in an article at the HBR blog network. Naturally, the best place to implement and enforce data governance is in the API that provides access to the data.

Secure API design and management is not rocket science. Our API Academy is offering best practices and practical advice on everything from API design to API security to API lifecyle management (and yes, that includes versioning). And if you are curious about how Layer7′s API Management Suite can help your Big Data access challenge, download our Data Lens solution brief or contact me at hreinhardt@layer7.com.

June 24th, 2013

Are APIs the New Toll Booths for the Information Superhighway?

APIs can turn Obama’s Open Data Mandate into city, state, and federal government Revenue.

As the recent Obama Open Data mandate is intended to increase federal government transparency, many agencies are forced to compliance yet have not been provided with additional funding.

The solution to this is tiered API plans and pricing that acts like toll roads for the data flowing out.

As a nation that derives most of its revenue from taxation of citizens and businesses, a new revenue stream can be created from placing tolls on the government data that flows on the information superhighway.

The data flowing out of the US Govt Federal Agencies, States, and Cities is a valuable bi-product of government operations. All of that government “big data” can provide businesses, US and International, with critical information about how to optimize and improve their products and services.  For example, the insurance industry can fine-tune their rates for health and auto insurance policies based on crime data, census data, and IRS data.

Just as drivers pay access to use better and faster roads, data consumers (businesses or citizens alike) will pay for access to use better and faster data resources.  The driver license is represented in the form of an API Key.

The maps we plan out our driving trips are similar to how data is represented through an API Explorer.  The road speed limit signs are represented through API Throttling and Rate Limiting. Will the government eventually launch a Department of API Access, that provides a similar function to a Department of Motor Vehicles?

The tollbooths on the information superhighway are API Gateways, and to pass through either one, the government can require good old-fashioned monetary currency for access.

June 6th, 2013

It’s Official… Layer 7 Joins CA Technologies

Layer 7 and CAThis week, CA Technologies officially closed its acquisition of Layer 7. As a Layer 7 co-founder, this represents the culmination of a decade’s worth of hard work. Equally important, it represents the opening of a new chapter for the company and an opportunity to amplify the vision we have been promoting.

Since our founding, we have preached the vision that enterprises can open their data and application assets programmatically in a secure way. When we started off, the primary driver for opening up was tighter business integration with partners. Today however, the demand for opening up data and application assets has exploded alongside the growth of mobile, cloud, Big Data and the Internet of Things (IoT).

The idea of organizations as walled-off castles is gone. Mobile is forcing organizations to deliver new business apps to customers and employees beyond the enterprise perimeter. Cloud is redefining how applications are consumed and delivered across a hybridized, extended organization. IoT will upend our notions of outside connectivity and data processing. APIs play a central role in making all this happen. Layer 7 gives customers the confidence to open up via APIs, without compromising security or operational integrity.

For us at Layer 7, security has always been a paramount consideration because our customers are enterprises and enterprises care about security. The CA Technologies acquisition reflects a common point of view on how to deliver new business value in mobility, cloud etc. while protecting the data and applications that are the lifeblood of a today’s enterprise.

CA and Layer 7 both appreciate that the old enterprise security perimeter is disappearing and that the only way to effectively enable online business while protecting information assets is to make identity the new perimeter. We need to focus on managing who gets access to what and what they can do with data once they have that access. Put another way, we need to focus on the identity, data and access that drives modern initiatives around Web, mobile, cloud, social and IoT. Together CA Technologies and Layer 7 Technologies offer enterprises the first truly multi-channel approach to enabling the business while securing its information assets.

Looking into the future, one clearly sees the scope for APIs will increase. IoT will make every formerly detached device connected – all through APIs. Where networking used to be about discrete routers and switches, it is now being transformed, via SDN, into something that is programmable and agile – again, this will be brought to you by APIs. And as for the server and storage infrastructure that underpins the data that drives the Web and mobile, Amazon Web Services has given us a glimpse of the future. As the “Web Services” part of that name suggests, APIs will play a significant role in provisioning in management of the cloud.

As we join CA Technologies, we now have the necessary reach and breadth to make Layer 7 the unassailable leader in the API security and management space. For customers, this means more of what they liked plus the ability to accelerate delivery of our original vision. We’re here to help organizations open up via APIs. And we’re open for business.

March 22nd, 2013

Enterprise Mobility & BYOD – Live Interactive Q&A

BYOD Tech TalkCalling all Enterprise Architects, Application Architects and Senior Developers! For our next API Tech Talk, we’ll be discussing Enterprise Mobility & BYOD live on March 26 at 9am PST. My special guests will be Layer 7 VP of Client Services Matt McLarty and Product Manager for Mobile Leif Bildoy.

The BYOD movement seems to be changing the hardware landscape permanently and it’s showing no signs of slowing down. Naturally, this presents both opportunities and challenges. Security managers within the enterprise have less control then ever. “Anywhere access” has blurred the lines of what used to be called the corporate network perimeter.

So what are CIOs and CTOs specifically worried about with BYOD? Well for one, mobile devices can easily go missing while containing sensitive data and employers often cannot even assess the impact of data security breaches from compromised devices. But locking down employees’ personal devices is generally not an option.

So how can enterprises re-assert control over their data assets while still allowing employees to use their own smartphones as they choose? We’ll be discussing this and other questions during out live, interactive Q&A. So, be sure to clear your calendar and join in the discussion on March 26 at 9am PST.

Here’s How to Join the Discussion
Make sure you click Add to Calendar to get the event details and a reminder in your calendar. Then, on the day of the event, click here to join:

To ask questions, you can:

March 8th, 2013

Nation Building in the Age of APIs

I’ve been working with a number of companies lately on their API strategies.  People seem to recognize that having an API is modern day necessity, but they’re not sure how to get started.  Since APIs are viewed as a technical innovations, responsibility for rolling them out is frequently handed to IT groups.

Clearly, there is business value to be attained by companies who utilize an API, and an accessible web API is a requirement for modern corporations.  For companies looking to launch an API, there is a temptation to focus on the technological aspects of implementation.  Good API design, architecture, and infrastructure are vital to the success of a company’s API, but there are other areas to address first.  I am currently reading the book “Why Nations Fail”, and recently read “Thinking Fast and Slow” by Daniel Kahneman.  Although the former is a geopolitical study whereas the latter focuses on the human mind, both share an identical observation that is the foundation of their arguments: a great amount of economic study is flawed because it fails to account for human behavior and tendencies.  I feel the same way about technology.

Every paradigm shift in technology has been driven by both innovation—the new technology itself—and application—how that technology can be used.  In other words, there is a machine side and a people side to every technology change.  The technologists responsible for implementing these changes often bias towards their comfort zone—the machine side—and overlook the people side.  This has led to frustration for companies who invest significantly in new technology only to miss the intended benefits of the change.  For APIs, the people side of the change is especially important.  In fact, the social nature of the API world means there are even more groups of people to consider.  Ultimately, the success of a company’s API will depend on the creation of a diverse community for that API—end users, partners, developers, and more—as well as the adoption of a business model that allows the API to contribute to the company’s bottom line.  Taking the community and the economics together, this means you will need to build a nation for your API.

Some of the biggest companies on the web have taken this approach with their APIs, and I recently explored some of their winning tactics in this VentureBeat article.  Please have a read and let me know your thoughts, and perhaps your own API lessons