![]() “ Extend the enterprise into the cloud with single sign- on to cloud based services.” As such, regardless of how an organization chooses to manage API keys, either using a home grown approach or off-the shelf product, the critical goal is to safeguard the access and usage of these keys.įor further reading on API Keys please reference the following article on the Cloud Security Alliance blog: It is clear the casual use and sharing of API keys is an accident waiting to happen. It also means that regulatory criteria related to privacy and protections of critical communications are met. The secure storage of API keys demands that operations staff can apply a policy to their key usage. In summary, as organizations increasingly access Cloud services,readers need to ask themselves if they have implemented a corporate-wide policy for the protection of API Keys, just as they have passwords and private keys. Yet despite this, API keys are often emailed around an organization without due regard to their sensitivity, or stored on file servers accessed by many people. In effect, easily accessed API keys means potentially anyone could use them to run up bills, this is akin to having access to someone's credit card and making unauthorized purchases. As such, if an organization condones the casual management of API keys they are at risk of:ġ) unauthorized individuals using the keys to access confidential information andĢ) the possibility of huge credit card bills for unapproved access to pay-as-you-use Cloud services. email, sales leads, or shared documents) and pay-as-you-use Cloud services. As noted, the API keys control access to business sensitive information – or the riches of your cloud assets- in the Cloud (e.g. Much lip service is paid to protecting information in the Cloud, but the reality is often a seat-of-the-pants policy approach to Cloud security. ![]() API keys are codes generated to control and manage access to these services and most organizations use some form of API keys to access their cloud services. Effectively these APIs are the interface to the business services and access to APIs is controlled by API keys. In a nutshell, APIs are the rules that determine how applications interface with cloud-side service offerings to enable enterprises to reach far beyond their own web properties to distribute data, content or services that have relevance to their business operations. The key to these advances is the Application Programming Interface (API). In response to the growing use of smartphones and the advent of cloud-hosted services, enterprises are engaging in new and innovative ways with their customers, employees, partners and suppliers to increase brand loyalty, generate new revenues and improve the overall business experience. Written by Hugh Carroll, VP of Marketing, Vordelīusinesses are increasingly leveraging Cloud computing to drive opportunities and efficiencies in their day to day operations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |