Q&A: APIs needed to accelerate IoT growth, says CA

September 7th, 2018 | by Alfred Siew
Q&A: APIs needed to accelerate IoT growth, says CA

Mehdi Medjaoui. PHOTO: Twitter

With billions of connected devices coming online with the Internet of Things (IoT), one of the big challenges facing enterprises is having a way to connect them all on a simplified platform.

How best to use the data they provide for as many people as possible in the organisation? All this, while ensuring that the data only gets into the right hands, not hackers.

Mehdi Medjaoui, lead API economist at enterprise software company CA Technologies, argues that APIs (application programming interfaces) will be crucial to IoT deployments.

The sheer speed that is needed to make sense of the data from these devices means that enterprises cannot build everything from ground up, he says. They have to connect through ready-to-go APIs, he notes, in this month’s Leaders Q&A.

NOTE: Responses have been edited for brevity and house style.

Q: Standards have become an issue for IoT, as more devices come online. What are we doing to make it easier to manage all these devices?

A: As the IoT market continues to grow in the region, one of the key challenges that organisations face is the lack of a single platform of standardisation, due to the multitude of language, protocols and standards as well as the heterogeneity of connected things.

This can lead to challenges in ensuring scalability, interoperability and security of IoT devices and networks. And the massive IoT opportunity in the market might be dramatically undermined without seamless and secure data-sharing.

To unlock the potential of IoT, data must be open and accessible to trusted third parties – and secured against others. And developers must be enabled to quickly build and deploy powerful mobile apps that use IoT data to deliver exceptional customer experiences.

APIs enable the secure flow of data between systems, devices and developers without the need to build new systems or write complex, custom code. With APIs, systems can interconnect and share data without having been built with this goal in mind.

Although data will be coming from sources as different as sensors, mobile apps and business systems, it can be integrated into a common format and central system from which insights can be drawn.

Through APIs, developers can control and simplify access to apps, and can create reusable interfaces that apply common security and management standards to new connection points, allowing more data to be available to more developers and partners. This opens up a variety of new business opportunities for organizations.

Q: APIs make it easy for different software and devices to connect but how do you manage your APIs as they grow in number?

A: In today’s digital economy, IoT initiatives require app development speeds that cannot be accomplished by building new applications or features from the ground-up. It demands near real-time propagation of events and data, and the re-use of data and interfaces through APIs.

However, in many organisations today, data sharing and integration are slowed by silos, and enterprises are increasingly seeking to fuel collaboration and enable developers with the resources to succeed.

In addition, data exposed via APIs can also be vulnerable to breaches or misuse, and poorly managed security can inhibit application performance or slow development.

Organisations have to develop a centralised API management architecture. API management is not simply a technical requirement. It will inevitably play a role in the business success of any enterprise API program.

It is vital for businesses that embrace IoT as part of their digital transformation strategy to actively engage and manage developers to ensure they build apps that create business value.

For most enterprises, an API management infrastructure will prove essential to designing, deploying and maintaining APIs that developers will use to create truly powerful new apps to support IoT initiatives.

However, developing such an infrastructure internally can be a significant challenge. Thankfully, a range of enterprise software vendors now offer API management solutions that remove the need to develop this critical infrastructure in-house.

No matter what type of API an organisation wants to expose, it will need an API management solution that can address several basic but critical areas such as security and life cycles.

Q: Mainframes are still a big part of the business for CA. How do you connect the data on these machines to a growing array of IoT devices?

A: Mainframes today are at an inflection point as many organisations are pursuing a “connected mainframe” strategy.

There is a treasure trove of strategic business assets that reside on mainframes. Many companies are finding ways to extract value from them, and the connected mainframe strategy is one effective approach.

Key steps in achieving the connected mainframe focus on two broad sets of initiatives – modernisation and integration.

You have to create a platform that is integration-ready within the data centre and with the outside world and subsequent business innovation. You have to connect the mainframe with the rest of the data centre infrastructure and IT processes, as well as opening the platform up to the outside world.

Organisations can integrate their mainframes with the rest of their digital environment, including their IoT ecosystem, with the use of internal and external APIs. This will allow organisations to extend, connect and reuse mainframe applications for mobile apps and IoT workloads.

However, the mainframe is also no longer immune to Internet-based cyber attacks as it becomes a constantly connected member of an organisations’ digital environment.

There are more ways to get to the mainframe now than were ever contemplated by its initial security architecture. As the mainframe takes on new roles of serving up webpages, collecting and analysing the explosion of data legitimately generated by IoT devices, it is now open to attacks from vectors never before possible.

Therefore, the data protection posture of mainframe-dependent enterprises must evolve. You have to prevent the compromise of privileged users’ credentials, constantly monitor transaction volume and be constantly vigilant.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.