We interviewed Colin Tankard, Managing Director of the cyber security and data encryption company Digital Pathways, pictured, in our July print edition. Here he writes of APIs as the new threat.
Application programming interfaces (APIs) have become the must have option for many organisations, with enterprise developers relying heavily on them to support the delivery of new products and services. This is no surprise since APIs allow programmers to integrate functionality from externally provided services instead of having to build those functions themselves.
While interconnections offered by APIs have been around since the first programmes were written, the landscape is changing, especially with the rapid growth of mobile applications. Even legacy applications now have API’s written for them, to extend their life cycle which otherwise would make them redundant, as rewriting an old application to work with new processes would be too costly.
However, with the rise of APIs also comes the potential for more security holes, meaning developers need to understand the risk to keep corporate and customer information safe. The challenges start with programmers’ priority lists, as they tend to be driven by functionality and style rather than areas such as security. This is seen as a speed bump in design. Companies rely on their APIs to build applications that drive innovation and revenue, so there is no room for deployment delays. But many reports indicate that projects have had to slow down a rollout of a new application because of an API security concern.
Furthermore, the increasing regulatory focus on sensitive data leaks is impacting profitability and, the Public is taking notice. Poor API design and security practices are often at the root ..
Support the originator by clicking the read the rest link below.
