SensediaSensediaSensediaSensedia
  • API Products
    • API Management Platform
    • API Governance
    • Event-Driven Architecture
    • Service Mesh & Microservices Architecture
    • PCI
    • Flexible Actions
  • API Services
    • Consulting & Professional Services
    • Developer Experience
    • API Care
  • Solutions
    • Insurance
    • Open Banking
    • Retail & E-commerce
  • Blog
  • Contact
    • Contact
    • Customers
  • Career
  • English
    • Portuguese (Brazil)
    • Spanish

API Governance and Strategy: why it must be considered

    Home API API Governance and Strategy: why it must be considered
    estratégia de Monetização de APIs

    API Governance and Strategy: why it must be considered

    By Eduardo Arantes | API | 0 comment | 23 April, 2020 | 0

    Based on Gibson Nascimento’s webinar

    We’ve already talked about some opportunities here on the blog about the three forces that are driving the architectural models of companies. These pillars will serve to guide technologies, and how IT infrastructures will need to adapt to these new demands.

    To recap, we’ll briefly quote these forces here:

    Multi-experience

    The evolution of experience delivery has been remarkable over the past decades. If we think about it, 30 years ago this was not even a very relevant topic, since the availability of products and services was much lower. Today we have evolved into a much more complex structure, with an immense variety of suppliers of the same type of product or service. As a complement, experience has become a central theme in business strategies, requiring specialists to improve deliveries.

    In a first scenario, we can recall the unique channels (physical) for contracting. The client needed to go to a store to make a purchase or hire a service. Later, new channels appeared, such as telesales, mobile and more recently internet. However, the connection between these channels practically did not exist yet.

    Today we see the expansion of channels, with omnichannel being a reality, and APIs serving as the basis for enabling organic functioning between them. This technological evolution brings many possibilities to be explored, but the degree of complexity for managing all channels grows exponentially. At this point we can still add integrations with several partners that are part of your ecosystem with a range of API drives that need to be monitored.

    Multi-cloud and hybrid-cloud

    Evolving infrastructures are also quite significant for the increased complexity of management. In the past, the scenario was of internal infrastructures, with multiple virtual machines that could be controlled, since they were still part of the same infrastructure. Later, the migration to the cloud began to be adopted, with an increase in management difficulty, since the infrastructure becomes a third. 

    Today the containerization is solving many difficulties of IT teams, on the other hand the complexity also brings challenges, especially in the mobility of deploys of these services in different clouds.

    Besides that, we have the hybrid model, which has been increasingly adopted. In this scenario, the approach is broader, as multiple services, from different clouds talk to each other. Here the scenarios can vary a lot, such as services in private clouds, which connect to public clouds services. The model is quite advantageous in relation to costs, and even security of service stability, but here too there is a large degree of complexity that needs to be analyzed, especially regarding the traffic of this data between clouds, and if there are no gaps to be explored, because we are dealing with internal and third party clouds that are connected and exchanging data.

    Basically here they approach an idea of the evolution of the scenarios that IT teams face and how to deal with it all generates an effort from the companies, often placing a heavy burden on the teams, who need experts dedicated exclusively to such functions that ensure the performance and security of the APIs and the business as a whole.

    Multi-service explosion

    When we talk about complexity management, perhaps here is the most critical point of the operation. In the beginning, it was just a one-piece, which was being broken into more bits. Nowadays, with the expansion of microservices the amount to be managed is quite large, and we don’t stop there, because we can still have serverless within the architecture. In other words, the complexity in this scenario is quite large, and results in great challenges within the company to deal with all this, besides, of course, providing new products and services through APIs.

    Why is Governance important?

    Having clarity about everything that is happening internally is fundamental to the health of the business. Imagine having to deal with all those factors that add a very high level of complexity and not having the right tools for it. It’s not hard to realize how much this can burden your teams, and suddenly find yourself in a scenario with more human effort to avoid problems than to solve them. The costs are very high, and the chance of things getting out of control too.

    Let’s look at three models of governance that are happening today. 

    Centralized model: a team that centralizes all reviews and approvals of any kind of change in architecture. This can be from new features or updates. This approach is quite costly to the team, since it is necessary to rely on the human factor for all revisions. 

    Decentralized Model: Quite similar to the previous model, but here we can have subdivisions that can take care of certain topics. Here there is a gain since we have a range of minor revisions to be made, but still all teams have to be aligned with each other to ensure standardization of routines.

    Distributed model: In this third approach, the model is basically to have several teams for specific products, and each team is a specialist only in this product, knowing in detail what each one does and how they can best be exposed. Thus, ensuring the governance around each one of these products.

    Pillars of Governance

    Keep It Running: Ensures that your APIs are always running, especially managing the available versions, and also that they are all working.

    Managing complexity: Provides the inputs so your team has full understanding of the available APIs, ensuring that your developers have clarity about the complexity of environments.

    Security and Compliance: Ensuring correct access to APIs is critical to ensuring security. So be clear about who has access to your APIs and whether they’re just the right people.

    Value Cost and Business aligning: APIs need to deliver value to the business. So, make sure APIs fulfill that role, otherwise they will be useless.

    Adaptive Governance

    As the name suggests, Adaptive Governance is the possibility of adequacy to several business scenarios, guaranteeing agility and adequacy to specific operation contexts. For example, models based on Control need much more complex and essential routines and standards to ensure a good operation, as in the case of banks and financials that deal with sensitive customer data. For Agility-based models, each team has clarity of purpose and control over its own APIs. Finally, the Autonomy-based model is the automation of all these Governance processes, ensuring that only the APIs that meet the necessary requirements are released. 

    These concepts, when well applied and adapted to each of the companies’ scenarios, have a direct impact on the business, mainly in cost reduction, since their teams can be relieved and directed to more strategic activities. Another important point is risk mitigation and compliance, since automated and standardized routines ensure that deploys are made with higher quality, and that control of the operation is maintained.

    Why Sensedia Adaptive Governance?

    Sensedia Adaptive Governance is the new module of the Sensedia Management Platform API that offers a low-code interface with advanced features for Adaptive API Governance, including:

    • Advanced API catalog with attributes and detailed search;
    • Graphical display of dependencies and impact analysis;
    • Definition of requirements and models for publication of APIs;
    • Automatic checking of policy enforcement and creation of workflows;
    • API Interface Completeness Score;
    • Configurable and preventive alerts;
    • Timeline of changes (audit);
    • API Governance

    These features add to the governance-related features already native to the Sensedia API Platform, for example:

    • Customizable, real-time dashboards with technical and business metrics;
    • Configuration of access plans and application of security resources;
    • Complete logging & tracing (payloads and additional data);
    • Creation of teams, roles, permissions, environments;
    • Version and deploys control, automatic creation and updating of documentation;
    • Dev portal for publishing and organizing APIs; 

    In addition to the Sensedia Adaptive Governance module, Sensedia’s consulting team has developed an API Governance playbook to support its clients in setting up an API Governance Team and defining governance models, policies, standards, security mechanisms, KPIs, impact analysis, API prioritization, workflow configuration… – in order to ensure the control and evolution of their digital strategies with APIs.

    No tags.

    Eduardo Arantes

    Content & Communications - Ajudando a conectar ideias através de APIs

    More posts by Eduardo Arantes

    Related Post

    • Aumento sazonal na prática

      Capillary action: how e-commerces thrive

      By Lucas Tempestini | 0 comment

      To make your business grow, it’s necessary to reach as many prospective new clients as possible, besides developing customer loyalty from previous clients. For that, investing in creating capillarity has a fundamental function. Amazing! But,Read more

    • What REALLY is Omnichannel?

      By Lucas Tempestini | 0 comment

      Omnichannel, multi-channel, crosschannel… I bet that you have already found these terms sometimes when searching on the Internet. You have even read some things about omnichannel, maybe you already know what it is. But doRead more

    • Health Insurance market with wearable technology

      By Eduardo Arantes | 0 comment

      Soccer with friends on Saturday… The first 10 minutes go well, you run through the sides, throw deep passes, and even score a goal in a rebound from a shot. And from the eleventh minute on?Read more

    • lo que CIOs necesitan saber sobre APIs

      What CIOs must know about APIs

      By Lucas Tempestini | 0 comment

      We’ve already written multiple articles here in the Blog about how APIs are part of our daily routine, from login on websites through our social network profiles, to the color of your house’s lamps dependingRead more

    • Sensedia ready to go International

      By Lucas Tempestini | 0 comment

      Sensedia, a Brazilian technology company focused on APIs (Application Programming Interfaces), Agile Architecture, and API Management solutions is starting its business in the US. For the first time in the Gartner’s Magic Quadrant for FullRead more

    • What CIOs need to know about Microservices

      By Lucas Tempestini | 0 comment

      Microservices has gained a lot of strength during the last few years, and no wonder why. With poster boys like Amazon and Netflix, it’s hard to argue against it. But what do CIOs need toRead more

    • What CIOs really need to know about Partner Ecosystems and Integrations

      By Eike Malavasi | 0 comment

      Imagine if everything your company needed to create was a platform, working as a means of communication so that a range of users could add content and create value to your business. Or that yourRead more

    • Open Banking

      What is Open Banking and why it can make all the difference?

      By Lucas Tempestini | Comments are Closed

      Think about a while ago, when banks started to offer digital services, like Internet Banking or apps. How did you feel? Comfortable, modern, with a first-class service? Before that, could you imagine yourself performing aRead more

    Leave a Comment

    Cancel reply

    Your email address will not be published. Required fields are marked *

    Categories

    • Analytics
    • API
    • Digital Business
    • Events
    • Internet of Things
    • SOA
    • Uncategorized

    Tags

    Acquisitions API API Design API Economy API Management API MANAGEMENT PLATFORM API MANAGEMENT SOLUTIONS API Platform APIs APIs Management Architecture Banks Business Business Model Development Digital Ecosystem Digital Experiences Digital Strategies digital transformation eCommerces ecosystem Ecosystems Event Driven Architecture Events Financial Services Full Lifecycle API Management Global Health Home Home Insurance Innovation Insurance APIs Integration Integrations International Management Market MicroServices Omnichannel Partner Partners Ecosystem Retailes Security Strategy Technology

    Recent Posts

    • Black Friday Post – The Via Varejo experience
    • The importance of a good support service
    • Optimizing Event Driven Architecture in Java (from the low level)
    • The importance of using metrics in APIs
    • Preparing for Black Friday | E-commerce
    • Política de Privacidade
    Copyright © 2020 Sensedia | All Rights Reserved
    • API Products
      • API Management Platform
      • API Governance
      • Event-Driven Architecture
      • Service Mesh & Microservices Architecture
      • PCI
      • Flexible Actions
    • API Services
      • Consulting & Professional Services
      • Developer Experience
      • API Care
    • Solutions
      • Insurance
      • Open Banking
      • Retail & E-commerce
    • Blog
    • Contact
      • Contact
      • Customers
    • Career
    • English
      • Portuguese (Brazil)
      • Spanish
    Sensedia