Professional Documents
Culture Documents
06 34 54
2012 Exploiting the growing Consumerization Embracing open IT:
Issue 2 value from information: of APIs: Scaling Enabling the permeable
Creating an operating integrations enterprise
model for permeability
Features
2012
Issue 2 Exploiting the growing
value from information:
Creating an operating model
for permeability
Creating open interfaces to engage a
growing digital ecosystem will empower
enterprises to embrace social, mobile,
analytics, and cloud (SMAC) trends.
06
Consumerization of APIs:
Scaling integrations
A new generation of tools based on
RESTful APIs will help enterprise
IT to scale integrations.
34
Embracing open IT: Enabling
the permeable enterprise
By positioning IT capabilities as a
platform composed of open, self-
describing, modular services, CIOs
enable the permeable enterprise.
54
Interviews Departments
21 02
APIs: An architecture for speed Acknowledgments
John Donovan, Sanjay Macwan,
and Jacob Feinstein of AT&T detail 04 Social
how the API program is a driver of Message from the editor
speed in their innovation efforts.
74
24 Subtext
Tapping value in information
David Zanca and Thomas Wicinski
of FedEx Services describe how
FedEx is a connected enterprise
and provides digital access to its
services on the customer’s terms.
30 Mobile
The rising value of
linked information
Mark Noworolski and Peter Leiser
of Streetline detail how they are
transforming the parking ecosystem
with cloud, mobility, and analytics
technologies using RESTful APIs.
Value from atoms
46
The digital indirect channel
Sam Ramji of Apigee explains why
APIs are of strategic importance
to all businesses.
b i ts
Value from
50
Getting into the
Analytics
customer’s context
Devon Biondi of Mashery details
how APIs allow businesses to engage
with customers in their context.
64
Creating a platform
Laura Merling and John Musser of
Alcatel-Lucent share how enterprises
can use APIs to create platforms from
existing assets to unlock new value.
Cloud
68
Users as partners
Brian Katz of Sanofi discusses how
consumerization of IT means enterprise
IT should treat users as partners.
Editorial Advisor
Larry Marion
Copy Editor
Lea Anne Bantsari
Transcriber
Dawn Regan
Laura Merling
Senior Vice President of
Application Enablement
Alcatel-Lucent
John Musser
Founder of ProgrammableWeb
Alcatel-Lucent
Social
Value
Cloud Mobile
bits
Value from
Analytics
from new vendors (see the article, value of the physical product or human-
“Consumerization of APIs,” on page delivered analog service (atoms).4
34) and examines how the CIO should The confluence of SMAC trends is
think about permeability as it impacts driving this shift in business value. PwC
the IT organization (see the article, anticipates that information associated
“Embracing open IT,” on page 54). with products and services will
increasingly account for a rising share
Digital transformation of in the customer’s experience of value
ecosystems: How bits increasingly delivered, as illustrated in Figure 2.
complement atoms
The notion of the digital company Streetline uses bits to transform
has been around for years. Gains in a business built on atoms
operational efficiency can be credited to Parking spaces and parking meters have
a more expansive use of IT to make the always been part of the atoms world.
business run faster and more effectively. One space was available to one car,
That’s a powerful benefit of IT. However, and a meter was a simple device with
few companies outside the pure a coin slot, a timer, and sometimes a
web space have become truly digital credit card capability. The user and
companies in which information and the owner dealt with the meter in a
the ability to act on it creates significant one-to-one relationship and had to be
economic and competitive value. physically present to use or manage it.
5 http://www.streetline.com/manage-parking/for-cities/
Value of experience:
product or service
Known Emerging
Value from Value from
domain of value domain of value
atoms bits
Content Content
Communication
Form Function (unchanging (related
(changing
information) information)
information)
Internal External
Design Usability Digital
to enterprise to enterprise
operations
use use
Permeability
Enterprise Ecosystem
des
no
io n
at
rm
fo
in
g
in
nk
li
m
f ro
l ue
Va
There are many reasons why appliances, cars, homes, and Figure 6.) Such growth manifests
emerging domains of value are based parking meters. This increasing the advantage of Metcalfe’s Law,12
more on bits than on atoms. Some instrumentation, connectivity, which recognizes that the value of a
reasons include the following: and digitization deliver more and network is proportional to the square
more bits into the value system.11 of the entities in the network.
• Bits are increasing—With a
phenomenon such as the Internet of • Bits are fungible and limitless— • Bits persist over time—Whereas
Things,9 products become smarter They can be repurposed, reused, a consumer eventually replaces
through embedded sensors, which duplicated, or deployed in any a car or shoes, the information
produce digital representations number of use cases without being accumulated around that product
of the analog activities. Sensors “used up.” This flexibility multiplies will persist beyond the life of the
convert any type of analog signal, the options created by bits for ongoing atoms. As new hardware endpoints
such as temperature, pressure, or innovation and value extraction. The arrive, bits can be adapted to new
acceleration, into electrical signals value of the bits increases the more values and new endpoints. The
that digitize that information. that multiple parties exploit them, value accumulates over time.
These sensors are increasingly as demonstrated by Streetline.
ubiquitous, and their usage grows
9 http://en.wikipedia.org/wiki/Internet_of_Things
as they continue to become cheaper • Bits can be linked—As RESTful API
10 Caroline Kazmierski, “Semiconductor Industry Posts
and smaller. According to the technologies gain wider adoption, Record-Breaking Revenues Despite 2011 Challenges,”
Semiconductor Industry Association, an information network made of Semiconductor Industry Association, February 6, 2012,
http://www.sia-online.org/news/2012/02/06/global-
sensors and actuators are the smallest information nodes likely will develop sales-report-2012/semiconductor-industry-posts-
semiconductor market segment internally and externally to an record-breaking-revenues-despite-2011-challenges/.
but showed the highest year-to- enterprise, much like the network of 11 See the article, “Consumerization of APIs,” on page 34
year growth of any segment, at devices on the Internet. (See Figure for more details on sensors.
15.5 percent to $8 billion in 2011.10 5.) ProgrammableWeb, which tracks 12 Although initially defined in relation to
telecommunications networks, Metcalfe’s Law today
Today, sensors are in a wide range externally published APIs, already applies to all networks, and it states that the value of a
of devices and environments, reports more than 6,000 APIs, and network is proportional to the square of the number of
nodes in the network. See http://en.wikipedia.org/wiki/
including wristbands, toothbrushes, the number is quickly increasing. (See Metcalfe's_law for more details.
3
mo
6,000
4
mo
5,000
6
mo
4,000
9
mo
3,000
18
months
2,000
8 years
1,000
0
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011
Source: ProgrammableWeb
Scaling integrations requires to think about the SMAC technologies Table 1: The interdependent and
a digital operating model as an integrated whole from a complementary roles of SMAC in
While each SMAC technology has its strategic viewpoint. (See Table 1.) doing work
own unique impact, the technologies
are complementary in support of work But as a collective whole they also
Trend Relationship with work
getting done. The cloud increasingly represent an unusual, perhaps
contains more of the information and unprecedented challenge: how to Social Who we work with
applications that people use. Mobile embrace the comprehensive challenge
devices give people access to the cloud, they create at a technological level Mobile How we get to work
to other data sources, and to each other. without being overwhelmed. Leading
Analytics help them make actionable companies are overcoming this Analytics What we work on, the
meaning of work
sense of all that data. Social media helps challenge by adopting what PwC calls
people find colleagues with whom to a digital operating model. This model is
Cloud Where we do the work
collaborate and co-create. The collective inspired by the open linking tradition
impact of SMAC on the enterprise evident in the web marketplace that is
operating model is so broad that it helps accelerating, driven by SMAC trends.
Figure A: Despite decades of IT investments, most companies do not have a digital operating model
because they could not scale integrations easily, an opportunity possible today with RESTful APIs.
A1 A2 A3
Historically, the front, middle, With SOA, enterprises adopted an The new architectural principle and programming
and back offices of an enterprise architecture using a service bus for model based on RESTful APIs reduces integration
were integrated point to point by integration, creating loose coupling and cost and complexity, so integrations can scale for
tight coupling, suitable only for a the potential for reuse and flexibility. The many internal as well as external uses.
small number of integrations. complexity of integration meant use
remained largely internal to the enterprise. API
Front office
Enterprise
service bus
ice
Ba
(SOA)
off
ck
le
off
dd
ice
Mi
Key source of value Organized around atoms as the source of value Organized around atoms plus bits as the source
of new value
Extent of Mostly analog activities (except digital native Mostly instrumented, connected, digital activities
digitization companies)
Asset strategy Assets exist to fulfill a particular function Assets are platforms and therefore extensible
and are not extensible by others
Key performance Efficiency-centric: resistance to new value creation Customer-centric: increasing value to customer
indicator (KPI)
Nature of Tight coupling among systems of coordination Loose coupling among systems of coordination
interdependencies
Participants in Largely the enterprise itself Co-creation and collaboration with the ecosystem
value creation
Business creation High barrier to new business creation Low barrier to new business creation
potential
s fu n ct Business functions
s in e s io n
Bu s
The
product
The
customer
Customers
Product-centric Customer-centric
Navigating the far-flung functional, than 150 startups. As a result of this care for AT&T, new revenue opportunity
organizational, and technical structure outreach, 40 projects are in the works for SundaySky, and increased satisfaction
to bring new ideas to any large company and 11 are deployed commercially, for the customer. AT&T and SundaySky
can be slow and confounding. For a generating revenue for AT&T and co-created a solution facilitated by the
company the size of AT&T, this had the its collaborators or delivering new transparency and ease of programming
potential to create lengthy delays for efficiencies that benefit customers. to the billing API. Without that, such an
developers seeking to test innovations endeavor might have taken too long.
against the network. Today, external APIs are the key
innovators and developers access The underlying enabler to increase the Making AT&T addressable:
much of AT&T’s network and other pace of innovation is the company’s Network as a platform
capabilities in a self-service manner, application programming interface AT&T has opened up several categories
allowing them to bring new offerings to (API) program. By opening up core of RESTful APIs so far and processes
market three times faster than before. horizontal and vertical capabilities about 4.5 billion API calls every month.
through RESTful public APIs, AT&T AT&T has an aggressive road map to
This new speed is central to AT&T’s has established a digital platform that open new APIs across several service
innovation strategy. Whether ideas drives an ecosystem of network-centric categories. This plan makes the network
are generated internally or co-created services. “It is an architectural choice an intrinsic part of an innovation
with outside innovators, AT&T wants to one makes for speed,” Donovan says. ecosystem and gives AT&T an opportunity
match the pace at which the market is for new monetization by serving
changing and innovating—particularly When a company has the size and consumers and business customers.
around mobile and cloud technologies. scale of AT&T, speed is not easy or
a given. The API program removes Ultimately, the goal of an API program is
“If you have infrastructure assets and organizational, functional, and technical to make internal capabilities addressable
are going to operate at a pace at which barriers to accessing AT&T’s network by others. “Many people think API equals
the external market is moving, you and information assets. Extensive open and open equals free; that’s not the
have to take capabilities—industry- documentation, sample code, immediate case at all. What is needed is a thoughtful
specific or not—and make platforms access to RESTful APIs, and sandboxes architecture that allows you to take layers
from them. And then make them easy for testing are some of the features above and below your platform, and make
to address,” says John Donovan, senior that reduce the friction for a thriving them modular and addressable,” Donovan
executive vice president of technology ecosystem of developers and innovators. says. AT&T’s goal is to make its network
and network operations at AT&T. the most addressable network globally.
Consider the case of SundaySky, a
The emphasis on speed extends beyond company AT&T chose to work with With APIs making capabilities addressable,
technology. Startups participate in “speed after a speed dating session. Telecom the network becomes a platform that
dating” sessions with AT&T executives, bills can be difficult to understand for accrues many advantages. Developers
a fast-paced 20 minutes in which they some customers, particularly when they save time and resources and build on
have a deal or an understanding of start or change services. AT&T’s billing top of AT&T’s assets instead of investing
why not. “We always have some of our system has more than 1,000 elements. in network and telecom equipment
top decision makers in the room—not Confusion stemming from a bill leads to themselves. A platform approach
just the technology leadership, but our high call volume to customer care. Using positions legacy assets for the future
business unit leaders, chief marketing AT&T’s billing API, SundaySky created a by abstracting and combining them to
officers for enterprise and consumer, service that dynamically builds a custom increase their relevance to emerging
and others. Because the key decision video to address customers by name and trends in cloud, mobile, and social
makers are listening to the pitch at the walk them through their bills. In a trial technologies. “APIs give you the ability
same time, we can decide whether to of new subscribers for the IPTV service to better manage the legacy environment
move forward immediately after the (U-verse), the call volume to customer and future-proof them,” Donovan says.
speed dating session,” says Sanjay care dropped by 20 percent among
Macwan, assistant vice president in customers who had access to the video A well-executed API program reorganizes
the AT&T chief technology office. review service developed at the AT&T capabilities to establish consistency and
innovation center with SundaySky. ease of use. It makes an organization’s
In 2011, AT&T met with more than internal knowledge accessible in a
500 startups, and in early 2012, the The result is a three-way win: cost savings
company already has met with more from fewer or shorter calls into customer continues to next page ›
Tapping value
cloud, and social technologies
trends impacting your world?
DZ: What we are seeing is that these
from the very beginning of the company. the hubs—almost everything has to us and the customer. For example,
For instance, in the past we have technology embedded in it and tells us over the years we added more and
distributed desktop software, which where it is or what its state is. Without more scans on a package as it moved
would run on the dock at the end of a the connectivity, we would not get the from pickup to delivery, which digitized
fulfillment line to generate a label. That’s information about the package that more locations and increased the
a production scenario, and we’re fitting we and our customers value so much. granularity of information we capture.
into the customer’s context; in this case, A typical package, over its journey,
somebody who’s operating a fulfillment Connectivity is core to our operating gets scanned more than 25 times
office and needs to generate a label. model, and we have become good at today, and we make a subset of these
enabling, creating, and managing a scans available to our customers.
Today it goes to the other extreme. connected world. Also, we keenly seek
As David said, we are becoming more out new sources of information to Other characteristics also push us to
relevant on mobile phones. Every increase connectivity and, as Thomas be more and more digital. Although
package that gets sent has a recipient. said, make relevant information most people think of us as transporting
Increasingly for all recipients, the available to customers in their context. documents, the company was founded
mobile device is a device that they live on the notion of the fast cycle times
on, as much as any other. I compare PwC: What are the fundamental necessary for critically needed goods,
this to where we were in 1993 and characteristics of having such as equipment and computer spare
1994 when we were deeming the web the connectivity DNA? parts, that must be moved quickly
as the next place for FedEx to be. We DZ: We essentially operate two to repair a broken-down machine or
are growing in that same way now, networks: the physical network of equipment. So speed and responsiveness
as mobile and cloud and social will planes, vehicles, and packages, and are core to our operating model.
have some of the same implications. the second network of information
about the package. The information PwC: What is an example
PwC: FedEx has a long history network is a digital equivalent of of where you are stretching
of treating information about the physical movements of our the edge of connection?
the package with the same assets and packages. Extending and DZ: Looking back, when most other
importance as the package. combining the two networks is how sites were just rendering content, our
How does this principle embody we create value for our customers. tracking service was one of the first
itself in your company? functional web applications. Fast-
DZ: That’s right. In the late 1970s, our On the surface, you may think of the forward 20 years, and our first iPhone
founder and CEO Fred Smith said, “The information as what we present to app was one of the first functional
information about the package is just customers to track their packages. It apps from a business perspective. Our
as important as the package itself.” It’s is much more than that. Indeed, the web applications from 20 years ago
a vision that has given our company a customer wants to know where the and our mobile apps from today both
culture that values information and that package is, but the information about stretch the connections between our
uses it in all we do. The vision embodied the package tells us all sorts of things enterprise and our customers. There is
itself by seeding a connectivity DNA. about our internal quality, productivity, a lesson in innovation here: the ideas
Almost every piece of our business effectiveness, and operations. for both of these came from somebody
is instrumented; it has some degree Information about the package helps in a cubicle playing with the web
of intelligence and automation on it. us run our business better. That comes technology or the iPhone well before
Our planes are all intelligent and they from a digital operating model where the web or building apps were popular.
tell us where they are. The trucks, all our assets are connected and surface We encourage such experimentation
the couriers, the knowledge workers, information to increase overall value with emerging technologies.
expect us to react to changes and resolve medical industry. If a temperature try to have a common code base all
problems if they occur. This is called drops below a certain level, then that across, so you’re not writing custom
intervention—customers are expecting item could be damaged. The customer software for every channel each time.
it. They’re trying to ensure successful can drive an operational change, such Your mobile device may have some
delivery, not just know that something as return, reship, reroute, or any other native apps running, but they are calling
went wrong along the way. That’s one suitable action. From our viewpoint, it’s web services that are the real brains
of the fundamental business shifts that’s an element of being in the customer’s for shipping, tracking, and so on.
causing us to need to provide more context by ensuring successful delivery.
information than we ever did before. TW: You could say that we have gone
PwC: How have the methods from a proprietary specification at
PwC: So in some sense, the for making your capabilities the very beginning, distributing a
customer is becoming part of accessible changed over time? piece of software, to now where we
your operating environment, DZ: We have multiple platforms that we are migrating to a pure web services
and you need to surface more support to interface with our vast pool capability. We’re seeing more of our
information to bring that of customers, and our methods have partners move to using the web services,
value to the customer? surely evolved over time. We started which basically gives them one less
TW: Absolutely. It allows us to have a in the 1970s, making our systems and piece they need to worry about. We’re
closed-loop system with our customers. information accessible by our customers. definitely seeing a market shift there.
A very interesting thing about our As Thomas indicated, the early methods
business is that every transaction is were proprietary, and we gave customers PwC: What are some changes
high intensity. Customers anxiously software and sometimes hardware you are seeing in terms
await their packages. We recognize to access our transaction systems, of how IT operates?
it is the most important thing to the generate shipping labels, and so on. DZ: One change I see is that we in IT
person who’s getting the package, so don’t have to do all the coding anymore.
we try to build the experience and our More recently, we are also using web The key role for my group is to be the
operations with that notion in mind. services, and it is by far the fastest- owner, producer, and platform of the
growing platform right now. Customers services. Business units, even third
More information matters on packages call our APIs [application programming parties, can use the services to develop
because if something occurs, then we interfaces] or web services and access a new capability; they can write the
and the customer can do something real-time information. In either case, thin veneer of code around it and we
about it. Right now, SenseAware gets we empower and engage millions of don’t have to do that. It’s a win-win
used a lot for perishable items in the customers. Underneath all of that, we situation: less work gets added to an
already full IT pipeline, and the new We also have a continuously connected Do you manage APIs as products? Are
capability comes to market quickly. We strategy where we create a thin layer of you thinking in terms of publishing
may be involved in some code review, services, which are independent of end- APIs and making them available?
but we’re going to end up concentrating user devices and use cases. We take our
on being a platform of core services. enterprise services and apply that thin PwC: And are you driving
layer of customer experience services an ecosystem?
And we’re already experiencing this on top, which in turn exposes our DZ: Yes. And how do you manage
because we have third parties that services as RESTful [representational the ecosystem? I think sophisticated
take our software, couple it with their state transfer] web services. Then we enterprises are starting to think
software, and then sell that as part of have all the different types of end- more like a software company—
their capability in the marketplace. user devices flowing across the top. as a platform and an ecosystem.
PwC: So you are co-creating So, we’re powering a new multitude of TW: When I talk about the priorities in
new capabilities? Is this an customer solutions that do not have to be my digital access group, one of them is
easy change to make? fully developed by my IT shop. Thomas to think and act the way a best-in-class
DZ: Indeed, we are co-creating with the and other marketing leaders, as well as software company would, as a company
constituents we serve. And no, it’s not an third parties, can create new solutions that sells software for its own business.
easy change to make. It’s a big change for our customers by using the services We have absolutely been implementing
and needs to be part of IT strategy and we expose. This expands the value this. You called it a business model;
it takes some leadership. At the highest universe a lot quicker than submitting I call them business processes. That
level, this is an architectural change. the work and adding it to our queue. would be very consistent with what
You need to architect your platform a company does that sells its wares.
and environment for co-creation and PwC: One premise PwC has
treat APIs as products that you publish is that all sizable companies Between David’s group and my
and maintain for long periods of time. are becoming software group, we are a pretty big software
companies, although it’s not company sitting inside of this big
PwC: What are the technologies their core business. Do you transportation company. Many of
enabling this change? think of yourself as a software our activities are identical to what a
DZ: We maintain a FedEx Developer company in some regard? big software company does. When
Resource Center, where third- DZ: As we look at our API strategy, I benchmark our group, I actually
party developers from enterprises our web developer center, and how we do it against the leading software
or commercial developers can find share information with third parties, vendors, long before I look at what our
our web services in a WSDL [Web we are starting to think of it more that transportation competition does. So
Services Definition Language] way. The question is what makes a the idea of having a single platform
specification for shipping, office software company. For us, that means: that will support multiple customer
and print, and other capabilities. Are you thinking platforms? Are you interfaces—that’s our mechanism
thinking of allowing others to build to do it in an affordable manner.
new capability on top of your platform?
Peter Leiser is vice president of engineering, We have digitized the process of parking
platforms, and applications at Streetline.
and created new value for consumers,
parking garage operators, and local
governments concerned about parking
enforcement and the impact that
parking-seekers have on the quality
of life in cities. We get two pieces of
information from the field in real time:
occupancy and payment information.
We use this information to transform
the parking process and create a smart
parking ecosystem. [See Figure 1.]
Private parking
Merchants
providers
New sources of data
Source: Streetline
PwC: What’s possible now that time with messages such as, “I have a
was not possible before? special on parking right now near your
MN: In our system, we address several location.” There’s also the ability to
“We often asked ourselves,
use cases. The first innovation is to offer reserved parking. For example, ‘Where can I derive
guide consumers to available parking if OpenTable1 is integrated with the
spots. Parker is our consumer guidance ParkEdge platform, a restaurant could
some value from the
application, available on iPhone and offer a reserved parking space with bits of information
Android platforms. Parker takes the dinner reservations. Similarly, if you’re
parking availability, policy, and pricing a merchant, you could validate parking
that I’m able to squeeze
data, and displays it to drivers in real for consumers shopping at your store. through a wireless
time so they can find parking quickly. Many such use cases are now possible.
We also have a mobile payment
mesh network?’ We
capability inside the Parker app, so PwC: How does the system work? were looking for
you can set reminders for yourself to PL: On the street, we have sensors
add new payment before the parking in each parking spot and meter
something where we
meter expires, thereby avoiding a fine. monitors, as well as wide area network can assign a value to
You can even take a picture of where gateway devices on lampposts.
you parked, and that picture will be Everything is connected to everything.
each one of those bits of
marked with GPS. Then when you’re Information flows from the field information.”
done shopping, for example, and need and is posted to our data center. Our
to find your car, just pop up the picture detection engine generates arrival —Mark Noworolski
and it will show you where to go. and departure information in real
time. This information is published
One of our other solutions is ParkEdge, onto a messaging queue to update the
which is a parking management appropriate systems. We also aggregate
platform that is a self-service solution information about payments from
for private garage operators. Now meters. We have a meter payment
a parking garage operator who has API [application programming
excess inventory in the middle of the interface] to aggregate information
day can access parking-seekers in real from different meter vendors that
all have their own data semantics.
1 OpenTable is a real-time online restaurant reservation
network, www.opentable.com.
mobile and web client consumes from.” PwC: What are some benefits
you are seeing with an API-
—Mark Noworolski driven approach?
MN: One of the interesting things
about our APIs is that the core data
is the same. What changes is how the
data gets used. Different use cases want
parking data presented in different
ways. For example, in Parker, if you’re
MN: Also, through our ParkEdge but there’s also a lot of value to the trying to do real-time guidance to
product, garage operators can enter historical aspect of the data. This is empty parking spaces, you’re not after
their inventory into our system and where analytics comes in. It turns out historical data; you’re after what’s
indicate that some amount of capacity that occupancy varies from day to happening right now or what’s likely to
could be reserved. They can handle day. The advantage of having sensors be happening by the time you get there.
it any way they want: publish their and real-time meter information is
charges, change pricing dynamically, that you can then feed that into a Whereas if you’re sitting in the parking
offer valet parking, and so on. back end that will allow you to look department office and need to see
at historical trends over time. You can what’s going on out on the streets,
PwC: So you instrumented compare one city street to another, that’s a different API on the same data.
parking spaces, surfaced new and if you have a true global reach to In Los Angeles, we will cover close
information, and digitized the that data, then you can also compare to a third of the city’s entire metered
parking process so that it can be how your city is doing to other cities. parking spaces. A parking control
transformed with cloud, mobile, officer now has a global view that shows
and analytics technologies? PwC: You are using RESTful how many violations there are in each
MN: Indeed, that is what we have [representational state transfer] individual city block and can be guided
done. The key for us, as I said before, APIs to publish and share data. by that information to specific blocks.
has been to find information that we What is the strategy behind that? The officer can zoom in, and it shows
could assign value to. It was clear to MN: We’ve had an open business where the parking violations are on
us that real-time information about strategy from the beginning, and that individual block. As the officer
occupancy and payments is valuable to we’ve come to see RESTful APIs as a gets out and writes that ticket, it sends
lots of constituents. You can probably key enabler of that. We use them in information back to the server, and
appreciate that there’s a lot of value our internal development as well as that information then gets republished
to the real-time aspect of the data, in how we interface externally. The to all the other officers in the city.
PwC: Are there benefits outside of know the entire stack and understand debt.” The longer you’re in business
parking to what you are doing? all the interdependencies. Just because and the more things you’ve built, the
MN: Indeed, a key benefit we plan of that, you need to do something like more technical debt you have. That
for is the extensibility of our platform. this. You need to become more API technical debt is really like financial
An example that we’ve considered driven, because if you don’t, you’re debt, where sometimes just servicing it
that’s not directly related to parking is going to have intricate dependencies. ends up eating all your time and capital.
to open up our sensor mesh network I would advise CIOs to not be afraid
to collect other types of information PL: In the past, we ended up with big to start over. If you use this loosely
from the environment. The idea pieces of software. When you looked coupled RESTful API approach, you
being that you could then spur open at it, you could determine what was accumulate less technical debt for every
development of different sensors. shared and what had been added new piece of functionality created.
specifically for another application,
Consider pollution sensors, for example. but it’s all one big soup. That becomes With loose coupling, it’s a lot easier to
Let’s say we weren’t sure whether a maintenance nightmare, because replace modules one by one, piece by
there was a market for those, but we there’s always this problem where you piece. When you have an API contract,
opened up the APIs and we allowed change one thing over here and you’ve those systems that talk to your API don’t
somebody to build hardware that just broken something over there. need to worry about what goes on under
could use our already-deployed mesh the hood. What is important is to keep
network infrastructure to move pollution Now we have multi-tenant, system-of- the API stable, so it needs to be managed
data from highly distributed sensors record APIs. There are APIs for each like a product that would be maintained,
back to pollution control officers. Or use case: a parking status API, a meter supported, and evolved with good
because the APIs are open, we could payment API, a payment status API, change management practices.
get information from some other and so on. It makes it much easier
infrastructure entirely. That data can to organize and run engineering MN: Strategically, you need to take an
be published to our servers, and then it development and much, much easier educated guess about what information
can be mashed up or brought into the to integrate with external code bases. and APIs will add to business value.
Parker app. Anybody could use the open We think API first now. We think, Technically, if I were starting a company
APIs to extend the parking experience “What is the API contract based on the now, or doing an application that had
to include pollution information or use cases?” and that helps us establish a mobile and web component at any
other environmental information. clear boundaries. Even with an internal enterprise, I can’t think of any way to do
application, the question is, “What data it other than focusing on the platform
PwC: How has the transition does that application need?” So you that provides the RESTful APIs that
to RESTful APIs affected drive that through this API framing, the mobile and web client consumes
your software engineering which has the added benefit of not from. This way, you can actually get to
practices, enterprise constraining other potential use cases. market fastest because you can have
architecture consideration, one built in parallel with the other.
and that side of things? PwC: Based on your experience,
MN: If you think of everything you code what would be your advice to
as a module that has an API, it’s much CIOs considering a move to more
easier to run development. As a small openness and more focus on
startup company you have a few people linking to other sources of value
who know the full software stack and both internally and externally?
all the interdependencies in that stack. PL: Internally, we talk about our older
Inevitably as you grow, fewer people practices as having created “technical
e
os
Lo
CORBA Common Object Request Broker Architecture
EAI enterprise application integration
SOA service-oriented architecture
SOAP Simple Object Access Protocol
REST representational state transfer
Low
Nature of Tight
coupling
1960s Now
EDI RPC CORBA EAI Web services REST
(SOA/SOAP)
RESTful APIs enable what PwC calls the The rise of RESTful APIs
permeable enterprise, in which capabilities APIs have been used as a mechanism
“When we step back to see
and assets inside the enterprise are easily for linking programs since the early
what the big revolution combined with assets and capabilities days of software. However, API creation
outside the enterprise. Once the sole and design have significantly changed.
is, we see that APIs are
province of highly experienced software Early methods were proprietary and
the first serious digital developers with deep knowledge of the created interdependent coupling among
enterprise context, APIs are becoming pieces of code and systems. If one
indirect channel.”
the basis for creating digital value chains side of the coupling required a code
that access and act on information from change, the other side was affected.
—Sam Ramji, Apigee
traditional data stores, humans, and an Over time, APIs evolved to reduce the
increasing number of physical objects that interdependency of tightly coupled
contain digital content; in short, we’re interfaces, generally lowering the
witnessing the consumerization of APIs. complexity of integration. (See Figure
1.) Table 1 describes the evolution of
integration and interface technologies
to create distributed systems.
Electronic data interchange (EDI): In use before the 1970s, EDI is an electronic exchange of business information (such as invoices) in a
standardized format. EDI connections are point to point and often use proprietary protocols.
Remote procedure call (RPC) or remote method invocation (RMI): In use since around 1980, RPC is an interprocess communication that
allows a computer program to request a procedure to execute on a remote computer. In object-oriented software, RPC is called RMI. The
details of the remote computer and procedure were hard-coded into the software and were platform dependent.
Common Object Request Broker Architecture (CORBA): Created around 1991, the CORBA standard was defined by the Object
Management Group (OMG). It uses interface definition language (IDL) to enable distributed components to work together. IDL provides
platform independence. CORBA is complex and requires an Object Request Broker (ORB) to facilitate communications.
Enterprise application integration (EAI): Gaining popularity in the mid-1990s, EAI is a mechanism to integrate applications within an
enterprise. Integrations are complex, often point to point, and mediated by middleware. Integrations are tightly coupled and often need to be
re-done with each upgrade of the application(s).
Service-oriented architecture (SOA)/web services: Gaining popularity since the late 1990s, SOA uses a service-based architectural
approach in which software is developed as a collection of services that can be reused in multiple applications. Although SOA can be
implemented using any integration technology, including RPC and CORBA, broad industry acceptance increased with the use of web
services standards such as Simple Object Access Protocol (SOAP). Business functions or processes are rendered as web services software
components. SOA use has been largely internal to the enterprise.
Representational state transfer (REST): In rising use since 2005, REST architecture builds from existing web protocols, allowing large
pools of developers to easily and quickly build loosely coupled, accessible basic web services. Resource based rather than task based,
REST tipped the balance from internal integration to external integration.
Within the last decade, enterprises began However, the use of a REST architecture,
to expose APIs to allow external parties along with associated technologies such
to build new functionality, something as JavaScript Object Notation (JSON),
software companies did in the past. is accelerating the development and
ProgrammableWeb maintains a catalog use of APIs. Some of the most popular
of these publicly facing APIs. (See Figure services such as Twitter, Netflix, and
2.) Its directory has topped 6,000 APIs, Facebook are now processing API calls on
and RESTful interfaces far outpace other the order of billions per day or month.
styles, such as Simple Object Access
Protocol (SOAP).5 (See Figure 3.) Today, APIs are becoming the basis for creating
communication on the web has evolved digital value chains, including digital
from the early days of using SOAP indirect channels previously established
standards to using features of RESTful mainly by software companies and purely
methods, making REST-compliant web-based companies. “When we step
APIs a major class of web services. back to see what the big revolution is,
we see that APIs are the first serious
Service-oriented architecture (SOA), digital indirect channel,” says Sam
which gained wide acceptance using web Ramji, vice president of strategy at
services built on SOAP, has been popular Apigee, an API management vendor.
within organizations as a mechanism for “Although physical indirect channels
sharing information across the enterprise. have supported businesses for a long
time, the equivalent in the digital
domain has been unclear so far.”
5 According to Wikipedia (http://en.wikipedia.org/
wiki/SOAP): “SOAP is a protocol specification
for exchanging structured information in the
implementation of Web Services in computer networks.”
8 years
1,000
0
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011
Source: ProgrammableWeb
One big reason behind the successful scalable and undeniably simpler, but
adoption of RESTful APIs is developers’ depending on the protocols, clients, or
“ In the past, everything ability to build modular capabilities servers used, it may have performance
was a heavy integration. with lightweight interfaces that don’t inferior to other integration styles,
require heavy integration. “RESTful such as CORBA. Therefore, a cost-
This meant that if interfaces create a level of simplicity that benefit analysis of specific IT use cases
there was a seemingly didn’t exist previously, and simplicity will determine the optimal integration
always speeds things up, making style that must be implemented.
small need, the cost integrations cost-effective,” says John
of integration was a Musser, founder of ProgrammableWeb. More about REST
As noted earlier, REST stands for
barrier to fulfilling The potential to lower cost expands the representational state transfer, meaning
that need.” opportunities to integrate. “In the past, that a client communicates with a
everything was a heavy integration. server—not directly with the source of
—Devon Biondi, Mashery This meant that if there was a seemingly information on that server. This transfer
small need, the cost of integration was a is done through representations of
barrier to fulfilling that need,” says Devon the state of that resource. The REST
Biondi, vice president of strategy services architectural style for distributed systems
at Mashery, an API management vendor. was developed around 2000, and it is
patterned after the HTTP6/1.1 Protocol.
Despite rising adoption, integration via In RESTful designs, the client does not
RESTful APIs is best regarded as a tool need to know about the implementation
in the integration toolkit, and is not the on the server. The server is free to store
right solution in all use cases. Each of the data as it likes, and the client can store
integration approaches in Table 1 have the same information differently. This
their advantages and disadvantages. loose coupling means that as long as the
For example, a REST architecture has interface is stable, the implementation on
added benefits such as being highly
6 HTTP is Hypertext Transport Protocol, the protocol
used for communications on the World Wide Web.
3,500
3,000
REST
2,500 Distribution of API
SOAP
protocols and styles
JavaScript
2,000
XML-RPC
Other
1,500
1,000
500
0
2005 2006 2007 2008 2009 2010 2011
Source: ProgrammableWeb
SOAP REST
How Directory HTTP packet
communication
happens Service description in Web Services HTTP command RESTXML payload
Definition Language (WSDL) GET, PUT, POST, DELETE data representation
http:// http://
</> </>
SOAP SOAP
HTTP client HTTP server
XML
Services provider Services consumer REST-aware client SSL and HTTP authorization
REST-aware application
Capabilities expected from all vendors Capabilities available from leading vendors Capabilities to expect in the future
Free developer tools and tutorials Developer community portals— Face-to-face or personalized
proactive community building through developer outreach—for example,
wikis and forums organized hackathons
Tools for developer access Analytical tools for usage trends, API/business strategy analysis
management and authorization customer analysis, and brand awareness
Traffic control and management External threat management SOA governance aligned with API
management for private enterprise APIs
Table 2 shows the broader group of Figure 5: Life cycle for adopting and benefiting from APIs
capabilities and how they are evolving.
Fitbit Health and This wireless device tracks calories burned, Digitizes fitness information and tracks
personal care steps taken, distance traveled, and sleep activity continuously, and correlates with
quality and uploads reports to a website. outcomes such as weight and BMI
A Wi-Fi–based smart scale tracks weight,
body mass index (BMI), and percentage of
body fat.
Ginger.io Healthcare This mobile app collects data from a Digitizes health information, including
smartphone sensor and analyzes the psychosocial state, with automated and
data for subtle signals of behavior change self-reported data
that could signal changes in health status.
GreenGoose Internet of Things Users apply sensors to everyday things such Finds value in everyday activities through
as a toothbrush or garden rake. The company a sensor embedded in data collection
analyzes the data for behavior patterns. The and analysis
data translates into points, which then can be
used in games on the GreenGoose website.
Jawbone Health and A sensor embedded in a wristband measures Records actions automatically; provides
personal care physical activity and sleep patterns and sends the ability for users to also self-report
data to the user’s iPhone. some information
SenseAwareSM— Shipping and Multiple sensors in a package give near- Facilitates finer control of sensitive shipments
powered by transportation real-time data such as location, temperature, by using sensor-driven data collection
FedEx light exposure, relative humidity, and
barometric pressure about a particular
shipment via integration with a collaborative
web-based application.
Shopkick Retail shopping With this sensor-driven mobile commerce Creates a digital record of customer
app, users collect “kick” rewards for walking shopping behavior in a brick-and-mortar store
into participating stores or for scanning
product bar codes. Kicks can be redeemed
for rewards.
Streetline Public sector The app uses sensors and a real-time parking Creates an entirely new field of data
data feed to collect and distribute real-time collection, as it would be prohibitively labor
parking availability information to drivers via intensive to manually collect such data
text and smartphone apps. The app also uses
real-time data analytics to adjust meter and
garage prices to reflect supply and demand.
All of this feeds back directly to the the devices from which you are able
question, what is the economic basis? It to access them. The company did not
is unlike the web, where 1 billion web- need to perform all the R&D to learn
connected humans were mediated by how to build the software for each of
half a million developers. In the future, those different devices. Instead, Netflix
probably 5 billion device-connected said, “Here are our APIs, here are the
humans will be mediated by about 5 metadata APIs where people can log in
million developers. The value of each and discover content, here is the Netflix-
developer just went up by a factor of branded partner-restricted media,
20 to 50, and those developers are able and here is the codec to do license
to build many apps in their lifetime. management.” Netflix was in the role
of being QA; no engineering required.
PwC: Much of REST and JSON
adoption seems to be among So API use shifts not just the cost but
digital-native and Internet it also changes the agility, because
businesses. What is the relevance the ecosystem has changed from a
to non-digital-native businesses? vertically integrated monolithic business
SR: The API game is about unlocking concept to a distributed business
latent value in data and information where winners and losers can establish
assets by combining them with other themselves in the market without you
internal or external assets. The winners over-investing in any single one.
in the API game overall are going to
be the smartest legacy businesses, PwC: How do trends we have
because they have an unfair advantage talked about impact the IT
of decades of transaction data as well organization of any enterprise?
as other information and data assets. SR: There is clearly an impact at the
They may have only a decade that’s edge of the IT organization. The web
worthwhile, but they have that. In this taught business self-service. By making
market, if companies can overcome information and transactions open
their organizational inertia, incumbents and accessible, businesses found that
actually have every opportunity to be the customers could serve themselves.
big winners in each industry with APIs.
The next level of self-service is self-
PwC: What is the impact on service on the data, both for internal
the software engineering and external use. It is about opening
practices of organizations that data. For example, let’s say a marketing
need to adopt and offer their professional has $150,000 at the end
capabilities via RESTful APIs? of the quarter and gets an ad agency
SR: Since APIs really promote to build a mobile app to influence
co-creation dynamics, where you create the competitive dynamics in the
new value directly or indirectly with marketplace. How will they enable
third parties, the engineering and it to get access to corporate data and
R&D burden is shared with the digital transactions? How can they do anything
supply chain. For instance, Netflix uses with it if access to corporate data is not
APIs to get its services quickly on all easy? How long will it take? When an IT
Use of APIs started with an iPad was in place, they realized they could PwC: Many companies fear
project, and now all the publication’s expose it to the next development, opening up capabilities. How
mobile efforts are being driven by APIs and then it spread from there. should they handle the risk?
because the organization has seen DB: I too hear many times from clients,
how it can develop quickly with APIs. PwC: What are some best “There’s no way I’ll let my brand be
Also, APIs do not need to be public practices in using APIs exposed in that way.” My view is that
at first. For USA Today, it started as a that you are learning? all companies are already open to some
small project for an internal use case, DB: The best designed APIs are extent; some of their data is already out
and now the organization has since designed for a public audience, even there. Someone can scrape their website
released a number of public APIs. though the most value in terms of for publicly available data, and there is
consumption will be with strategic a lot there. On a website, a lot of people
PwC: Are customers changing partners. You want to design with are getting data through means that are
their development practices? the broadest audience in mind not doing a service to your company.
DB: A key change is that those who so you can still get value among However, if you expose it as you would
are actually building the end-user the long tail of developers. with an API program, with terms of
experience will first ask, where’s the service and controls on ways of use,
API? Developers are increasingly Another best practice is to look at you can start to build much healthier
expecting APIs in more and more places. APIs as products and at your own relationships. There is mitigation
developers, your strategic partners, of some risk in being proactive and
Also, we see that the API culture spreads and long tail developers as customers. exposing information assets with
gradually and virally. Someone doesn’t So companies don’t just release an appropriate terms and controls.
need to start with aligning a lot of API; they release a product line of
people to the API way of doing things. In APIs with different methods, access
many cases, two or three people decided controls, service level agreements, terms
to expose a private API on a few methods of use, and so on that addresses the
to one development partner. Once this varying needs of this customer base.
If CIOs are going to be successful in the ecosystems, CIOs are tapping into
new world of social, mobile, analytics, these value drivers, seeding a digital
and cloud (SMAC) trends, they need to operating model and creating new
think differently. Legacy ways do not strategic options for their organizations.
scale well to the possibilities of digital
ecosystems. To increase the speed of RESTful APIs are the catalytic enablers
development and co-create their futures for the open digital ecosystem. They are
with internal and external third parties, the self-describing interfaces and data
CIOs need to adopt a new mantra: go packages organized in business-relevant
open. This co-creation mandates a and logical hierarchies, accessible via
new open platform enabled through HTTP.1 They define the idea of open,
application programming interfaces accessible, self-service interfaces, which
(APIs), especially representational are also important for engaging with the
state transfer (RESTful) APIs. More consumerization of IT trends. By making
than a technology purchase, “go open” an organization more permeable,
is an architectural transformation RESTful APIs establish a universal
necessary to create and participate shared architecture and collaboration
in digital ecosystems and to enable model for linking software and systems
permeable enterprises. (See the as networks, bringing the benefits of
article, “Exploiting the growing value Metcalfe’s Law2 to software components.
from information,” on page 06.)
1 HyperText Transport Protocol
As business ecosystems become more
2 Although initially defined in relation to tele-
digital, the value drivers increasingly communications networks, Metcalfe’s Law
come from the information (bits) today applies to all networks and states
that the value of a network is proportional
augmenting the physical product to the square of the number of nodes in
or service (atoms) it represents. the network. See more details at
http://en.wikipedia.org/wiki/Metcalfe's_law.
By engaging with emerging digital
Who creates
new services
Traditional IT SOA efforts
Only IT
creates
Edge security services The security focus expands from an Edge security services
intrusion prevention orientation to rights
management (certificate for a specific user
for a specific element of data for a specific Edge APIs
period of time). (RESTful, SOAP, and other flavors)
Middleware
(enterprise service bus) A new edge represented by APIs reaches Middleware
deeper into the IT stack and enterprise (brokering, orchestration,
capabilities. Brokering, orchestration, and API gateway)
API gateway take on new importance.
Functional applications and Functional applications and databases likely Functional applications and
databases (finance, pricing, already have been rewritten to expose data databases (finance, pricing,
inventory, web retail store, to the web and provide real-time processing inventory, web retail store,
sales, etc.) of transactions. Prepare for a higher sales, etc.)
frequency of processing from API adoption.
Core security services API adoption will invoke a higher frequency Core security services
of transactions. Optimize for higher
Core applications and databases transaction loads. The highest level of Core applications and databases
(ERP, CRM, transactional engines) protection is mandated for this layer. (ERP, CRM, transactional engines)
APIs, service-oriented architecture also highlights other key changes in each president of engineering, platforms,
(SOA) efforts, or other mechanisms. of the layers when transitioning from a and applications at Streetline, a global
But central IT maintains full control and traditional stack to an open IT stack. provider of smart parking solutions.
responsibility for the full stack from the
core to the edge. In contrast, in open RESTful APIs enhance the commercial Reorganizing and energizing the IT
IT, the information flows between the value of enterprise data and information function for open IT is a key to the digital
core systems and the RESTful APIs and assets in a digital ecosystem. These future. To realize the full potential of a
open APIs. These APIs, which represent interfaces even make it easier to digital operating model, there are four
a new edge or boundary, expose the organize IT in a manner synergistic leadership opportunities for the CIO:
capabilities across the IT stack of the with business, a challenge IT has faced
enterprise and the related information all along. Streetline, for example, • Embrace a new architecture.
assets as services, becoming the building defines business requirements and API
block for new services. Central IT does logic together as the company builds • Address a new audience: internal
not have responsibility for the end- out its digital ecosystem for parking and external developers.
user application at the edge, but has operations. “There are APIs for each
the responsibility to support the level of use case: a parking status API, a meter • Overcome new challenges
traffic and the service level agreement payment API, a payment status API, from openness.
that API usage might entail. Figure 2 and so on,” says Peter Leiser, vice
• Upgrade organizational skills.
Third-party products
treated as critical feature
sets, not optional add-ons
allows a faster pace of application An API-friendly architecture shift “[CIOs] need to get the channel leader,
evolution at the edge. AT&T organized also has implications for IT security marketing leaders, and technology
its API program to match this pace. “It at two general levels. Security for the leaders in one room and say, ‘We
is an architectural choice one makes core is intrusion prevention oriented, have a new channel,’” Ramji adds.
for speed,” says Donovan, explaining and it may also be optimized around
why AT&T created an API program. batch movement of data. Security To expedite the adoption of open
in support of an API strategy is both platforms, some IT organizations
In addition to publishing services for intrusion prevention oriented and establish a developers’ resource center
others to consume, most enterprises rights managed—a certificate issued or an API program by productizing
will also consume external services to a specific user for a specific data the chosen capabilities and features as
to enable their business. Also, all element for a specific period of time. modular services with stable interfaces.
major enterprises do operate a large Although AT&T has had a developer
pool of vendor-bought solutions. New channel, new audience program for years, the company has
The CIO organization therefore will Open IT positions enterprise IT assets accelerated its use of RESTful interfaces
become an orchestrator of services— to engage with the digital ecosystem and related open architecture during the
across vendor capabilities, published internally and externally. For many IT past two years. This transition allows
services, and consumed services—a groups, this engagement will require AT&T and the developers to surface
role that the new architecture will a new competency—to work with a new opportunities to monetize AT&T’s
need to acknowledge and enable. developer community outside the IT network assets. The intent is to make all
organization. With published APIs, of the network capabilities addressable
The growing number of devices used third parties are encouraged to, and by enterprise or commercial developers.
by employees and customers to access will, develop capabilities that will “Where do you put APIs? You literally
enterprise IT is also a consideration in benefit the enterprise and the third put them everywhere. That’s how you do
the new architecture. “We also have parties. “The real opportunity for CIOs internal development; that’s how the IT
a continuously connected strategy is to develop the strategy for how the shop works; that’s how your outsourcer
where we create a thin layer of services, enterprise participates in the digital does development for you; that’s how
which are independent of end-user indirect channel,” says Ramji. For you build services,” suggests Donovan.
devices and use cases,” describes Ramji, the digital indirect channel is
Zanca. FedEx created this thin layer what APIs make possible by giving Such an undertaking is akin to shifting
of customer experience services on access to a large and growing pool the role of the CIO to be more like the
top of its enterprise services to expose of internal and external developers. CEO of a software product company,
them as RESTful web services. one that provides the APIs and software
as part of a proprietary package for Successful developer programs include most enterprise IT organizations have
customers and developers. “When I numerous elements that complement little experience with them. Moreover,
talk about the priorities in my digital each other to achieve market objectives. APIs span a wide range of past and
access group, one of them is to think (See Figure 4.) As they develop their present technologies, as detailed
and act the way a best-in-class software programs, organizations will analyze in the article, “Consumerization of
company would,” says Thomas Wicinski, and consider many features, such as APIs,” on page 34. Going forward,
vice president of digital access marketing program fees, API access fees, and enterprises need to evolve approaches
for FedEx Services. In addition to developer or app certification in their for consuming and offering RESTful
procuring and implementing vendor go-to-market strategies. They will gauge APIs that address several challenges.
solutions, CIOs also need to design and success by analyzing measures such
architect a platform and interfaces that as the number of engaged developers Challenges in consuming APIs:
remain reliable over generations of use. (internal or external), the quality and • Diverse API technologies—
quantity of third-party applications, Although an enterprise may prefer
As an IT organization works to empower the volume of API calls, end-customer RESTful APIs, API architectures,
external developers, it may follow a engagement, and monetization of protocols, and interfaces may
maturity path as illustrated in Figure the service. Measures also extend to vary across publishers of APIs.
3. The journey starts with exposing internal activities. “Another measure This diversity complicates the
some basic capabilities and associated [for the API program] that we’re using development of enterprise and mobile
documentation. As a company matures, is how many new APIs we are releasing applications that serve or utilize
it will attract more developers and as a cadence around our progress in services from multiple providers.
make more comprehensive capabilities opening up more of the network,”
available, creating a partnership- shares Jacob Feinstein, executive • Reliance on provider
oriented business model. “We’re director of new technology at AT&T. capabilities—The quality of
getting faster, and one result is that interfaces may be inconsistent, and
the architecture is shifting to allow Addressing API adoption they may have poor definitions
more partnerships,” says AT&T’s challenges regarding contracts and service
Donovan. AT&T today exposes APIs While the RESTful API programming schemas. Variations in quality
for location, messaging, speech, device model and integration architecture are of service and independent API
capabilities, and billing, and many fairly well established and scalable to versioning schedules across
other APIs are in the future road map. accommodate large enterprise services, APIs can cause disruptions.
Diverse API technologies: • Loosely couple or hide the underlying API technologies of providers through
Reduce the complexity of using an enterprise service interface or gateway to create a consistent service
multiple services developed with architecture, transport mechanism, and data encapsulation method as is
varying technologies from providers. the case with RESTful APIs.
Reliance on provider capabilities: • Expose the service to enterprise applications through generic internal contracts.
Mitigate the impact of provider changes
to service functionality and availability • Divide API functionality into multiple granular services to reduce reliance on
to applications. a single service.
Asset vulnerability: • Encrypt messages sent to RESTful APIs and data that will be stored outside
Reduce the risk of exposing internal enterprise boundaries.
assets while still taking advantage of
third-party RESTful APIs. • Centralize API keys and control access to allow API use by only authorized devices.
• Encrypt traffic between client applications and the enterprise to secure the
transmission of data.
Performance delivery: • Cache responses to reduce the time required for clients to complete round-trip
Accommodate the additional hops vendor API requests.
for RESTful API use while maintaining
performance. • Use enterprise resources for heavy processing and API mashups.
Creating a platform
about your organization
and the efforts that you are
leading at Alcatel-Lucent?
Laura Merling and John Musser of LM: Sure. I lead the application
enablement organization. The
Alcatel-Lucent share how enterprises function of this organization is to
can use APIs to create platforms from drive the adoption of the network
as a platform. If you could turn the
existing assets to unlock new value. network into a Facebook-like platform,
how would you do that? This goal
Interview conducted by Vinod Baya, Bo Parker, and Christopher Isaac has a couple of dimensions: the API
[application programming interface]
dimension and the cloud dimension.
spurring innovation and new value they are available and accessible same time, the goals of modularity,
creation. All carriers have extremely over the public Internet. One of the reuse, ease of integration, and
valuable assets that are effectively previous methods, SOA [service- flexibility apply to both approaches.
locked up in their own networks. Such oriented architecture], generally was
assets include network capabilities, behind-the-firewall web services PwC: Is this largely a change
data about QoS [quality of service], within a corporation—or sometimes about how you deliver the service
subscriber profile information, and call across partners, but classic SOA is or does it influence the business
control. These assets can be used to interdepartmental and within a single models in the industry?
make existing services better or build enterprise. The phenomena growing LM: I see this as a disruptive change.
completely new offerings, to drive for the last few years is really about You can view APIs as a toolkit to
incremental revenues, and to enhance APIs being open and accessible to all co-create value, so they have an
a third party or an enterprise brand. over the public Internet as the Twitter, impact on how value is distributed in
Facebook, or Google Maps APIs are. an industry ecosystem. All providers
Leading telecom service providers need new ways of thinking about
are aggressively using these assets Another differentiator is that an API is their businesses. Now it is possible
to build deep, broad value chains not an SDK [software development kit], to see network capabilities digitized
across previously unconnected market which typically is at either an operating and modularized, and therefore
segments. For instance, Facebook system level or a platform level, such as open to access and manipulation by
recently announced a relationship an ERP [enterprise resource planning] programming code. The network
with AT&T, Softbank, Mobile Corp., system or database. SDKs used a becomes a platform for development.
Telefonica, and others to provide in- very traditional behind-the-firewall It becomes capable of serving
application purchases using carrier programmer interface into a layer of exponentially more use cases. In
payment services. We already have the software. The difference now is emerging markets where greenfield LTE
customers around the globe who that the layer of software is a website. [Long Term Evolution] infrastructure
have demanded that in the next two Typically over HTTP, you access a web is being installed, we see providers
years, all of our products should service endpoint that belongs to another wanting their entire network to
have web-based services or RESTful company. This is a lot easier to do. be API enabled out the door for a
[representational state transfer] APIs nationwide broadband network and
in and out of them. That request is RESTful interfaces create a level of differentiated value to the ecosystem.
not just for our software solutions but simplicity that didn’t exist previously,
for the hardware solutions as well. and simplicity always speeds things PwC: Are these messages
up, making integrations cost-effective. relevant to industries other
PwC: John, you have tracked One of the challenges with SOA was than telecom providers?
the growth of APIs for years. that it was over-engineered for the LM: Absolutely. Broadly speaking, all
APIs have been a part of complex case, which was only about major enterprises have underutilized
computing as long as people 20 percent of the use cases. Owing to assets; that is, the existing business
have been connecting one the complexity, it cannot adapt easily models are not tapping into the full
piece of software with another. to 80 percent of the simpler cases. APIs inherent value. For telecom service
Why the new interest now? today, using RESTful interfaces, make providers, networks are such assets
JM: There are a couple of primary it possible to easily serve 80 percent that can create a lot more value if the
differentiators with APIs now. First, of the most common use cases. At the providers open them up with APIs.
Similarly, to fully capitalize on existing the auction marketplace. Not so. The developers expect to use their time
assets, other businesses must shift to company’s first API was to add listings efficiently. The easier it is for them to
platform-oriented business models that to the marketplace, because that was tap into your assets, the more they focus
allow others to extend their capabilities what was strategic. The winner in the on creating value-added capability
in innovative ways by enabling new auction universe would be the provider and bringing it to market quickly.
applications. This cannot be possible with the biggest marketplace, so to
if tapping into the capabilities is eBay, success meant the ability to grow PwC: Are there any guidelines
expensive, time-consuming, or complex. that catalog as quickly as possible. for where CIOs can focus first?
JM: One easy way is to look at your
PwC: What should enterprises PwC: What should organizations existing portfolio: what’s on the plate
know about using APIs? know to start on this journey? now, and how can any of those high-
LM: One common misconception I see LM: Organizations need to establish a priority projects that are either in
in how enterprises define ecosystems vision of the ecosystem that they will development or about to get under
is targeting the long tail developers create or be a part of and what role they way benefit from an API? In today’s
only. However, platforms that have would play. This vision is dependent marketplace, anything to do with mobile
used APIs successfully, such as Twitter on the existing business model and is a natural candidate. Who doesn’t have
or Facebook, have a small number of the assets that organizations can tap a mobile strategy right now? Nobody.
API users in the ecosystem that drive to create new value. They also should CIOs should take anything to do with
the bulk of their traffic. Twitter actually look for opportunities where they can mobile and make sure it is integrated
acquired the four top companies that digitize existing processes, because with a platform strategy, because
were driving all its traffic. Businesses those processes create the opportunities they’re such a perfect and natural fit.
need to also look for B2B2C [business- to expose APIs. Also, any organization
to-business-to-consumer] opportunities that succeeds with an API has a vibrant Also, CIOs should understand that using
that are real and can scale quickly. developer ecosystem. There are many APIs is an architectural choice and not
best practices on how to attract and a technology choice. Organizations
JM: Indeed, the long tail of developers foster a developer ecosystem, and can build a platform using whatever
is an option but not a requirement. organizations need to learn and their core technologies are. If they are
The requirement is that your audience adopt some of the best practices. It a Java or Microsoft shop or something
for APIs could be anything from your is important to understand that a else, there’s no need to change the core.
own department by transforming your developer isn’t always the guy in the The concepts are neutral regarding
prior SOA efforts to something more garage building the next Angry Birds. language and implementation
systematic, cost-effective, and flexible. platform. Organizations can use
You don’t need to bend over backward We have done studies and learned whatever stack the enterprise prefers
just to have an API; you need to think a great deal about what makes a and may have a mix of them as well.
about that strategically. One of my developer ecosystem—one that spans
favorite examples is eBay. Back in 1999 casual hobbyists to professionals in PwC: Are there any risks
or 2000, eBay opened what really was other large firms—tick. APIs have been to be aware of?
the first API in this class of APIs. Of all with us for a long time, but in the past JM: For CIOs right now, it’s more
the things eBay could have an API for, they always took a lot of time to use and important to be API literate than to be
what do you think it did first? Most make work. Now, thanks to emerging API ignorant. In the future, you’re not
people think eBay had an API to search practices with RESTful interfaces, just going to produce APIs, you’re going
Users as partners
blogger, and you also lead
mobility engineering at Sanofi. A
key impact of cloud, mobility, and
Brian Katz of Sanofi discusses how social technologies on IT is what
is being called consumerization
consumerization of IT means enterprise of IT [CoIT]. What is the trend
IT should treat users as partners. and why is it important?
BK: Indeed, there is a lot of talk about
Interview conducted by Vinod Baya and Galen Gruman consumerization of IT these days. It
is often equated to bringing your own
device [BYOD], in that no longer are
devices (phone or tablet or personal
computer) only what is sanctioned by
the IT function. Rather, employees can
Brian Katz
bring the device of their choice and
Brian Katz is a director and head of the access enterprise services on that device.
mobility industrialization and engineering When I look at the statistics, such as 87
group at Sanofi. He manages mobile percent of companies are doing BYOD,
initiatives and enables the organization to
probably 60 percent to 70 percent of
make advance-ments in mobile services, such
as mobilizing the salesforce, handling BYOD
those companies are enabling e-mail on
initiatives, and enabling new devices and the device. I don’t think enabling e-mail
form factors for business success. He has on any device is enough to qualify to be
more than 20 years’ experience in managing doing BYOD. That device needs to access
and implementing IT processes at global the company’s IT ecosystem and the
multinational corporations. services it represents. Until a company
does that, it’s not truly doing BYOD.
PwC: How does that Does it make sense to design an app APIs to interact with the information
impact IT operations? with 270 features, where the use case repositories, and to read, input, or
BK: The popular opinion of the last 8 occurs less than 20 percent of the time? manipulate the data, they enable new
to 10 years is that the goal of IT is to Maybe you build another app for when services that can get someone’s job done.
enable the business. Yet, there’s not you have that use case or maybe you
a place you can turn where people accommodate that need a different way. In reality, they’re building a workflow
aren’t talking about “IT means no,” based upon modular chunks of what
in that when they take a request The change necessary is to treat the the user is doing. Most of the time,
to IT, the answer is often “no.” users as partners. Successful enterprises users want to do work in small, focused
today are starting to embrace the fact chunks. When companies do work in
CoIT means it is much harder to say that they have users who can assist in such a modular way, it’s much easier to
“no” now, because people are going handling many of their own IT issues, be more productive in everything else.
to work their way around it. If IT is because they have already waded
nonresponsive, employees today can through them in the home environment. PwC: With APIs, in some sense
use their know-how to find better and This is the vital transformation that IT opens up its capabilities and
easier-to-use tools to perform certain IT organizations must go through to allows employees to partner with
aspects of their jobs. If that happens, IT continue to help their enterprises be IT to co-create new functionality.
organizations can have a big problem successful. If they keep treating their Should IT encourage this?
on their hands, because they will have employees as users, they will end up BK: That is what should happen in
little to no control over these tools and stuck in their legacy thinking that values the long term. However, today it’s a
limited visibility into the data used process over partnership with their big leap of faith and not everybody
and stored. So IT’s challenge becomes own internal customers. I would say is ready to do that yet. For example, I
how not to say no, and to have a role in such thinking has led to the exodus of recently visited a very large company
enabling new capabilities and services IT talent from many large enterprises that has been transforming IT to make
in partnership with the employees. that don’t see the morale-boosting, users into partners. A member of the
efficiency-granting value in CoIT. IT team said, “Somebody requested
PwC: What changes should to put an app in our internal app
IT make? PwC: Companies increasingly store the other day. They looked at
BK: Most IT organizations spend way are becoming digital, and our APIs; they want to try designing
too much time building applications there is the trend to use APIs something that they could use. They
and not focusing on the user. The reason [application programming built this great app that a group of
this happens and takes up a lot of IT’s interfaces] to share and co-create other people also thought was a great
time is scope creep on any project. It in a digital ecosystem. How is app, and they’re using it based upon
happens incrementally with people that impacting IT operations? capabilities made accessible by APIs.”
saying IT really should be able to do this BK: If you think about it, information
one other piece, and then before you’re wants to be free, at least within Non-IT employees created a new
done, you have an application that the company. This is new for most app using the APIs. Now IT’s role is
has 300 features. The reality is that 80 companies; most companies lock up different. Perhaps IT just puts it in the
percent of the users only use 30 features; their information and don’t like to share internal app store and nothing else.
what do you do with the other 270? it. However, when enterprises build Or IT adds security to it, or maybe IT
looks at it and says, “You know, we On the other hand, they should avoid
could help you make it even better building a platform that becomes
so it scales to all employees.” IT may so unwieldy that they cannot make
also get new ideas for opening up changes to it without much expense or
other APIs that would prompt more disruption. I’ve lived through that. If
co-creation. This is a good partnership. you talk to anybody who did any IT from
1995 to 2005, they will recall platforms
PwC: To use APIs across the that people just kept adding to. They
enterprise, do you think IT added to the point where, when they
organizations need to reorganize need to update a piece, they have 27
their assets as platforms with other pieces that depend on it, so they
addressable interfaces? can’t update because it’s locked. The
BK: It depends on how they design and platform is complex and unwieldy.
architect the platform. If a platform is
building APIs to access data and make IT organizations should build the
it available, whether on the premises or platforms so capabilities are modular
in a private or a public cloud, then yes, I and interchangeable, and so modules
agree that a platform is what they need. can be upgraded without disturbing
the system. It depends on how they
architect a platform. They need to
have principles that define how they’re
going to build their platform to avoid
becoming complex and unwieldy.
Robert Scott
Global Principal & Technology Leader
+1 (416) 815 5221
robert.w.scott@uk.pwc.com
Comments or requests?
Please visit www.pwc.com/techforecast or send
e-mail to techforecasteditors@us.pwc.com
This publication is printed on McCoy Silk. It is a Forest Stewardship Council™ (FSC®) certified stock
containing 10% postconsumer waste (PCW) fiber and manufactured with 100% certified renewable energy.
Photography
Cary Norton: Cover, page 24
Corbis: pages 06, 34, 54
PwC (www.pwc.com) provides industry-focused assurance, tax and advisory services to build public trust and
enhance value for its clients and their stakeholders. More than 155,000 people in 153 countries across our
network share their thinking, experience and solutions to develop fresh perspectives and practical advice.
© 2012 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved. PwC refers
to the US member firm, and may sometimes refer to the PwC network. Each member firm is a separate legal
entity. Please see www.pwc.com/structure for further details. This content is for general information purposes
only, and should not be used as a substitute for consultation with professional advisors. NY-12-0799
www.pwc.com/techforecast
Subtext
Consumerization The combination of trends where software manipulable
of APIs (application interfaces (APIs) are becoming open and ubiquitous,
programming as well as the democratization of the ability to create,
interfaces) expose, and consume these interfaces (beyond software
and digital native enterprises).