Developing Best Practices for API Security

APIs are pivotal to the overall success of a digital transformation. They allow developers to work across the digital assets and across multiple systems with ease. More organizations are adopting API initiatives and are approaching digital transformations with an API-first attitude, according to a report from Google.

“Some 58% say top API initiatives emphasize speeding up new application development; 47% include creation of a developer platform among their core API projects; 32% are using APIs to develop B2B partner programs; and 10% are focused on monetizing APIs to unlock new revenue streams,” the report stated.

But with increased use of APIs comes increased security risks, largely because developers struggle with API security for mobile use. One major reason is that too many developers don’t follow security best practices in the design and development phases.

Sam Rehman, SVP, Chief Information Security Officer, EPAM Systems: “From a strategic/design level, APIs prioritize access and reusability. It allows others to take advantage of what has already been built without reinventing the wheel. Then, they can build on top of what has already been tested, scaled out and, hopefully, properly managed.”

To read the full article, click here.