"Over the last couple of decades, the humble API has reinvented its role in the IT and business landscape, jostling for a starring role in some of the most disruptive and transformative phenomena we’ve witnessed emerge."
— Joseph Feller, Editor
Welcome to another issue, and another year, of Cutter Benchmark Review. In this issue we take a close look at application programming interfaces (APIs). Now, APIs are both perennial and ubiquitous in computing. They've been around since the beginning and occur at every level of the IT stack -- from software-hardware interaction through system software to applications. They reside in protocols, libraries, and frameworks; in fact, they are intrinsic to the design of programming languages themselves. This raises the question: how can something so commonplace be causing so much excitement?
Well, water is common, too. So is air. Heat is also pretty ubiquitous (although we don't get much here in Ireland). And, of course, if I told you the world was spinning, it would not exactly be news. But in the right combination, water, air, heat, and a bit of spin can give birth to a hurricane. This is what I think is happening here.
Over the last couple of decades, the humble API has reinvented its role in the IT and business landscape, jostling for a starring role in some of the most disruptive and transformative phenomena we've witnessed emerge. APIs are at the heart of SOA and the consequent evolution of enterprise (and interorganizational) architecture, and also a key component to our successful exploitation of an increasingly powerful mobile computing space. They do some pretty heavy lifting in the realm of both Big Data and real-time data and are central to transforming social media noise into business intelligence. They are one of the core technologies enabling the "Web as Platform," transforming what was once a file-sharing protocol into both a full-featured execution platform for rich applications and a rapid application development platform for modular and reconfigurable data services. I could go on, but you get the idea.
In short, they are a technological hurricane -- very powerful and thus potentially dangerous. But unlike a natural hurricane, APIs are eminently harvestable. Which is what this issue is about: understanding the drivers, barriers, opportunities, and effective management of API programs.
Like every issue of CBR, this issue employs a simple recipe: take one part fresh data, drawn from a survey of your peer organizations, and add equal parts of insight from the academic/analyst community and from the practitioner community. The result is a data-driven, up-to-the-moment measure of what's going on "out there" and a rich variety of perspectives on what it all means.
Our first article, providing us with an academic/analyst viewpoint, is written by Claude Baudoin and Giancarlo Succi, both Cutter Consortium Senior Consultants. Claude has 35 years' experience and is a proven leader and visionary in IT and knowledge management with extensive work in a global environment. Giancarlo is a professor at the Free University of Bolzano-Bozen (Italy) and Director of the Center for Applied Software Engineering. He brings along his extensive experience in Agile methods, software quality, architecture, design and development, and IT strategy.
Claude and Giancarlo open their article by providing some background on the survey and a clear definition of what we mean by an API program, and by making an important point: the need to view APIs through both strategic and tactical lenses. Examining the survey data, they position our respondent community in the middle phase of the API evolution (moving beyond internal APIs into exposing APIs to partners) and argue that the survey suggests API activity is focused on synergies and consolidations rather than competitive expansion. They go on to suggest that this infrastructural flavor to API activities is a potential challenge -- divorcing API investment from clear business-centric returns and thus dampening high-level buy-in.
Turning to technology -- and technological capabilities -- Claude and Giancarlo provide a welcome reality check, calling for a more methodical "portfolio management" approach to governing API deployment and usage. They then consider an issue that was highlighted in the survey data as one of the primary concerns of our respondents (and their organizations): namely, security. Claude and Giancarlo certainly don't turn a blind eye to the issue, but they do try to quell any undue panic, arguing that with proper systems and processes in place, "it should be possible to avoid paralysis, even if vigilance is still required." In other words, security concerns should be addressed and managed, not allowed to become showstoppers. They close their article with some useful advice, calling again for more systematic portfolio management practices, the need to shift the organizational conversation from the "tactical" to the "strategic" level, and the corresponding need to better educate senior business decision makers about the value-creating potential of API technologies.
Next, Ramesh Ranganathan provides the practitioner perspective on the data. A Principal Consultant at Wipro Technologies, Ramesh leads Wipro's SOA consulting practice, providing both technological and strategic advice to support the application integration, SOA, and social, mobile, analytics, and cloud services (SMAC) integration activities of large enterprises.
Ramesh begins by taking a measure of the impact of APIs on a variety of computing spaces before rolling up his sleeves and discussing the ways in which APIs both support and depend on key organizational capability needs, such as protocol mediation, security, monetization, policy management, and so on. He highlights the capabilities considered most critical by our survey respondents and briefly considers the ecosystem of firms seeking to address these needs. After making the important point that API programs are not one-off projects but rather ongoing endeavors, he discusses the main business and technology drivers identified in the survey, pointing to an API market focused on partnerships, revenue, efficiency, and new business models. Ramesh goes on to identify some of the critical considerations to be addressed in API adoption -- a useful checklist in and of itself. Finally, he looks at two central questions: what kinds of APIs to expose and how to manage the risks in doing so.
I think all our readers will find something useful to take away from this issue. The survey data gives us up-to-date insights into both the drivers behind, and the challenges in the way of, API implementations from a wide cross-section of peer organizations. Our three authors then breathe life into the numbers, highlighting the key trends emerging from the data, speculating on the implications of these trends, and providing useful advice on how to overcome the challenges and exploit the opportunities to be found in APIs.
Enjoy the read!
ABOUT THE EDITOR
In this issue we take a close look at application programming interfaces (APIs). Now, APIs are both perennial and ubiquitous in computing. They've been around since the beginning and occur at every level of the IT stack -- from software-hardware interaction through system software to applications. They reside in protocols, libraries, and frameworks; in fact, they are intrinsic to the design of programming languages themselves. This raises the question: how can something so commonplace be causing so much excitement?