Early in 2015 I predicted that API management and security solutions, microservices development, and application integration across platforms and devices would converge in a major way. I have been predicting this convergence for quite some time (2015, 2014, 2013); first when we established the concept of the API Economy in 2012, and more recently when we changed our company name and identity. Part of that move was driven by the recognition that SOA was no longer what kept together all the elements of digital access, communication, and transactions. What the market required, and what we provided, was “digital glue” – the elements of API security, application development, API management and integration that are held together through Akana solutions.
While the market clearly bears out the fact that enterprises are investing heavily in APIs, from our vantage point we expect many enterprises to rapidly shift from sideline observers to active participants. This convergence will continue in 2016, but we are going to see far more adoption and practical implementation of services-based solutions that take advantage of secure, innovative API-driven methods. I expect to see some incredibly interesting things happen in 2016:
- API management will emerge as a strategic corporate initiative to help enterprises extend their digital reach
An organization that conducts any aspect of its business through digital channels is most likely using an API. In fact, if they are doing secure digital business with any sort of transaction – commerce, communication, collaboration – their entire business may be DEPENDENT on APIs. Remove the API and you’ve killed the digital element of their business. Even seemingly “traditional” businesses must have an effective API strategy or they will see themselves losing against their digital counterparts who do have a solid API. APIs clearly hold sustainable, repeatable value, but increasingly that value is tied to business success. As a result, we are going to see more executives treat them as strategic within their organizations. While development, security and management will continue to reside within the domain of core technical and product teams, API management initiatives will be prioritized by C-level execs who demand brand, product and revenue growth. API management accelerates the outreach across digital channels, drives partner adoption, monetizes digital assets and provides analytics to optimize your digital transformation.
- Microservices will replace SOA as the primary model for application architecture
We started our company with the foundational ideology that a services-based approach to application architecture and integration provided the most efficient and scalable model. Now we see a vast reliance on service-oriented principles that make up most software development and management. Microservices have garnered much interest because they provide simplicity (unlike an ESB), alignment with agile and scalable development and deployment to enterprise architecture. Flexibility and connectivity are critical to growing organizations, and microservices, with their componentized nature and emphasis on smart endpoints, allow organizations to scale their applications as well as their development and delivery processes. Clarity will emerge as the role of microservices will play as their adoption and usage increases –especially as they relate to services and APIs.
- API developers will embrace continuous integration with DevOps automation
Software development has unwittingly been predicated on the concept of obsolescence. The process of shuffling a product release through antiquated, largely manual operational processes result in a finished product that is outdated before it is even available. Digital businesses rely on speed, and they understand that they need a new model that gets solutions out the door quickly and allows for rapid and continuous improvement. As DevOps leverages new automation technologies and platforms to an unprecedented degree, Product Managers and developers can increase the velocity of change and benefit from a quicker time to market. This allows the Product Manager to quickly take advantage of a particular business climate or, conversely, limit the cost of a failed experiment. As the speed of innovation and competitive pressures continue to build in 2016, we believe that organizations will ‘adopt or die’ as it relates to DevOps and we will see technologies emerging around the amalgamation of DevOps, Microservices and APIs.
- CXOs will use API analytics tools to get a deeper understanding of their digital business
The former Netscape CEO once said, “If we have data, let’s look at data. If all we have are opinions, let’s go with mine.” Barksdale proved to be a solid leader, but no organization should be beholden to guesses and opinions. The good news is that wrapped up in all this digital activity is an ongoing tracking of usage and efficacy. API analytics highlight what is and is not effective, and provide predictive capabilities and analytical components to get a cross-sectional view of the digital elements of your business. You have analysis of how the infrastructure responds to requests from different devices, locations and request types. You have the ability to manage the quality-of-service of APIs, oversee quota usage and troubleshoot and react to problems before they can adversely impact the business. Analytics about APIs have largely been used by API developers and strategists to improve performance, but because they deliver so much insight into the business, they will become an important part of the CXO toolkit.
- API Gateways will become the answer to the requirement for “no-ESB”
We are seeing general themes driving specific changes in application infrastructure. Flexibility, simplicity and access are important for the uninterrupted and elegant flow of information within and across applications, and to users who need that information. API gateways have typically been compliance and management solutions performing the heavy lifting of things like security, routing, orchestration, mediation, auditing and other governance issues. But in keeping with the trend to simplify application management, API gateways are starting to be used more as the answer to “no-ESBs” to quickly integrate applications. This is a logical evolution; API gateways already adhere to security principles and are optimized to deliver API functionality, integration and connectivity.
- Enterprises will make API security their number one priority…and will do so with a sense of urgency
The reality is that when you expose your data and provide access to your applications, you potentially run the risk of making it available in unintended ways. Hackers are getting more creative and there is a never-ending list of security breaches; virtually no digital business is immune to these threats, and a single security breach can do irreparable damage to a company’s brand.
As the use of APIs have become more critical to an enterprise’s operations, the need to secure APIs and their activities becomes more a priority. We already see in Key Findings from the Global State of API Security Survey 2015 that API security is one of the very first items on the list of things that need to be addressed by CIOs and even CEOs. Smart companies will evaluate the balance between “enough” access (or, perhaps, the right kind of access) and a complete lock down. Authentication of users and sources will be scrutinized, DoS attacks and malformed messages will be addressed, and the orchestration and mediation of services and messages will be given proper consideration. We fully expect to see major investments in API security in 2016 and as a result, fewer security lapses for companies.
- The healthcare industry will be recognized as one of the leaders in industry-specific APIs
The healthcare industry is going through a massive digital transformation. Healthcare records must become digitized to ensure that patients’ electronic health records are available, discoverable and understandable as people move around the healthcare eco-system. The healthcare industry is pacing itself to be an example of how to open up and collaborate in order to compete in a changing environment and this is driven by APIs. By working together on a resource specification led by HL7 and by focusing on technology and innovations for hospital operations instead of proprietary integrations and data transformations, the healthcare industry is able to provide better healthcare outcomes, reduce costs, and differentiate their services. The HL7 FHIR specification is already gaining widespread acceptance and will continue to help position healthcare as a first-mover among industry-specific API adoption and usage.
- A new Era for in Open Banking will emerge driven by PSD2 and other regulations
The European Union has taken steps to establish financial services regulations in the form of something called the Payment Services Directive (PSD2) which uses APIs to create a unified payment service driving open banking through competition and increased security. API usage is obviously not new in financial services, but APIs are leading the rapid adoption of PSD2 because of their ability to communicate and facilitate transactions across all different types of secured accounts and data sources. This directive along with the need for secure payments with PCI 3.0 compliance will be a major requirement. We expect to see the financial services sector become a major driver of digital innovation this year.