Any project to open up an information system undoubtedly involves a phase of asset mapping. This may seem obvious when you write it, but how many companies fail to apply it exhaustively?
Lire cet article en français ici.
How should IT assets be organized?
In a recent French study by Axway and the APIthinking collective on API exposure and governance strategies, we noted an excellent score of 82% of respondents declaring that they were carrying out an inventory of their services.
But behind this excellent score lies a slightly less glowing reality, since less than 42% are equipped with unified catalog tools that enable them not only to have an automatic inventory, the only one capable of providing exhaustiveness thanks to universal API management foundation, but also to obtain metrics concerning the concrete use of these services, their level of security, their exposure perimeter and user typologies.
In any case, these metrics will be needed at some point to answer questions from business lines, who will inevitably realize that these API services are new distribution channels for their products.
Securing and leveraging APIs
A unified catalog is first and foremost an IT governance tool. It cannot be treated lightly, with cobbled-together solutions. It is essential that this “control tower” has the industrial-strength qualities required for reliable system supervision.
See also: API catalog + API marketplace: the yin and yang of your digital strategy
What can we say about the 18% of companies who say they don’t inventory or don’t know whether their services are inventoried, except that they are heading straight for an industrial disaster, that their information system potentially exposes their services and customer data without them even being aware of it, and that with the evolution of attack campaigns via these new API attack vectors, they are totally helpless.
The 39% who have cobbled together an automatic inventory or who manage an inventory manually are no better off, as the lack of certainty as to the completeness of the information entered and the poverty of the attributes of these ersatz dashboards do not protect them from a service that is badly or overly exposed to attack.
The importance of a marketplace for a holistic view
The manual or semi-automated management of digital service inventories, as implemented 10 years ago, should no longer be questioned by IT Departments, and investment in industrial tools should be a priority.
Finally, it is thanks to this inventory that the IT department will be able, firstly, to set up a developer portal and, secondly, to decide how this inventory will be used to capitalize on existing APIs in order to transform these API services into digital products.
See also: How API product intelligence helps you measure impact
This is an essential step in supporting the digital transformation of companies, and we’ll soon see how our respondents position themselves on the topics of API exposure and monetization strategy.
Learn more about unifying all your API assets so they’re easier to consume.