Public cloud API security: How safe is our data?

 

…APIs let applications (and devices) seamlessly connect and communicate. An API can create a seamless flow of data between apps and devices in real time.

ProgrammableWeb, a site that tracks more than 15,500 APIs, lists Google Maps, Twitter, YouTube, Flickr and Amazon Product Advertising as some of the most popular ones. APIs allow you to order pizza, book a hotel room, check the weather forecast, rate a book, or download a song. APIs make the interactivity that we expect on the internet happen – and at a lightning quick speed.

The reason APIs have become the centre point of innovation for the cloud is that they represent a consistent, standards-based means of communicating, and thus allow companies to more easily adopt APIs regardless of the disparate technologies in their architecture.

Since APIs allows simplified connection to applications and services, essentially acting as a door that anyone with the right key can enter, they also present a heightened cybersecurity risk. Most cloud services use API gateways to identify and verify users, and to act as the single-entry point into the service so, of course, this is the main focus of attack for most hackers. As APIs are connectors to the cloud, they are a veritable ‘all-you-can-eat buffet’ for hackers who seek to compromise APIs to gain access to sensitive data for fraud, theft or even blackmail…

Read full article in IT Pro Portal