Even to someone like me, who has worked in Identity and Access Management for over 13 years, it’s pretty amazing how the consumerisation of technology has elevated the importance of what we do from enabling systems which support the business to driving the business itself.
Take the rapidly emerging area of API Management. Once upon a time Application Programming Interfaces were something only software developers cared about. Now APIs are so common it looks weird to even spell it out. With the explosion of Web and mobile apps running on all kinds of devices, APIs are fast becoming the preferred way for enterprises to do business with digital consumers.
As our partner Layer 7 Technologies says: “Increasingly, enterprises are looking for ways to publish APIs to external developers, in order to expand channels to market, create new revenue opportunities, and grow customer loyalty. By exposing data and application functionality to external apps on iPads, iPhones, consoles, and affiliate Web sites, an organisation can remake its business into an extensible platform.”
Leading global companies like PayPal, Visa, MasterCard and TomTom have already done just that, leaving the rest of us to playing catch up. Whether or not it’s obvious in your sector yet, an organisation’s ability to meet consumer demands to access information whenever and wherever they need it has become a major source of competitive advantage. Without an API Management strategy, meeting or driving these consumer demands to stay competitive or get ahead of the game will become prohibitively difficult and costly.
Done properly, API Management is a way to make money and save money – to achieve a size and capability beyond your current capacity. APIs open organisations up to a broader developer community, increasing innovation and agility, reducing the cost of development and making it easier to support new devices, issues that many are struggling with. At the same time, an API Management solution allows organisations to retain control over information assets by implementing solid security and risk management techniques.
As companies and governments increasingly move from dealing with their clients, customers and citizens in person or over the telephone to online and via a range of smart digital devices, Identity and Access Management becomes absolutely critical. With API Management, there are three aspects to this – the APIs themselves, developers who consume the APIs, and the consumers who use the apps. Achieving the right balance between openness and control for each of these groups is important if your strategy is going to be successful.
As an example, an API Management solution needs to make it easy to consume your services while still protecting consumers’ privacy and security. With OAuth and OpenID support you can bring your own identity – provide a social sign-on using Facebook, Google, Twitter etc. – so consumers are only inconvenienced when it is valuable for them to be so. A consumer may be able to log into a Pay TV service to access an Electronic Program Guide via Facebook, for example, but not be able to access their Pay TV subscription until they link their Facebook and Pay TV accounts – a process known in the trade as stepped intimacy.
In fact, the capacity to interact with consumers via social sign-on provides a whole new way for organisations to leverage the value of their information assets. It’s another good example of how the consumerisation of technology has elevated the importance of Identity and Access Management from enabling the business to driving the business.
Which probably makes it a good time to stop. Until next time!