Site iconAxway Blog

API protection: How to create a fortress around your data

API protection: How to create a fortress around your data

If data is the new oil, APIs are the pipelines through which it flows. If they aren’t secure, the resulting spill can be devastating to a business. In fact, it’s estimated that API insecurity results in a loss of $41 billion-$75 billion annually. 

Ensuring API protection involves more than just checking a box. It requires a multi-layered defense that starts with centralized API management and includes measures to establish a robust fortress around your data. Before we look into some best practices, let’s see what can happen when API security isn’t where it needs to be. 

One retailer experienced a $1 million dollar loss due to API insecurity 

I shared the following story in a recent webinar: drawing from a repository of internal APIs with minimal security measures, a popular retailer chose a tax calculation API that required an upgrade to create a better user experience.  

A new version of the API was fully integrated in a few weeks and well-received for the streamlined, intuitive experience it delivered. 

Unfortunately, on the day most retailers drop new releases, the store’s typically booming online sales plummeted to zero. The new API was unresponsive, and orders could not be processed.  

After two hours of trying to mitigate the issue, IT teams discovered the API was overwhelmed by an excessive number of requests. 

The requests weren’t from an external hacker, but rather from a desktop within the retailer’s accounting department, which was running an end-of-month report and, in doing so, sent hundreds of requests to APIs that crippled its use.  

That two hours of downtime translated into a $1 million dollar loss in sales. 

See also: Round up & secure APIs for universal API management.

API management needs to account for API protection 

The real-world example shared above is a testament to two factors:  

 

 

The moral of the story is that security isn’t an option for APIs — it’s a necessity. It’s important for API developers to include the documentation internal and external app developers need without the red tape. This could include instructions on effective use of the API or details on self-service capabilities.  

Similarly, the degree of attention given to security can make or break an API’s value to your business. So naturally, when it comes to APIs, the policies around data protection must be a priority. 

Learn more about API security with these 12 essential best practices. 

What does good API management look like? 

One of the foundational elements of proper API management is having a uniform approach to policy enforcement. You’ll want to secure APIs in a central location so you can create a consistent, comprehensive defense that is easy to update and monitor.  

With this foundation in place, you can focus on implementing a series of measures that support API security such as: 

Manage your API ecosystem with Axway’s Amplify Platform 

As the sprawl of APIs and their associated gateways grows, so does API complexity – often at an exponential rate. 

Axway’s Amplify platform can help you manage your API ecosystem more efficiently.  

Amplify is an API management platform that offers a universal approach to API governance. Featuring built-in capabilities for access control, data privacy, threat mitigation, and more, Amplify is designed to ensure your APIs adhere to the highest security standards based on your digital infrastructure. It offers the exceptional visibility and control that businesses need to develop and deliver secure APIs faster. 

We’ll leave you with another real-world example… 

A data platform provider for the healthcare, energy, and finance sectors, was dealing with a complex API landscape. Multiple in-line API gateways led to growing security concerns.  

In an effort to avoid API duplication and foster reuse, IT teams adopted the Amplify platform, which offered a single pane of glass into all APIs and enabled robust API security, compliance, and business insights. 

Discover more customers succeeding with the Amplify API Management Platform.

The impact has been notable. The company reduced API duplication by 40%, eliminated security incidents, and increased operational efficiency by 30%. 


For more insights into unleashing the power of secure APIs, watch this webinar.

Exit mobile version