ABSTRACT
Application programming interfaces (APIs) are a huge can of worms in that they provide IT professionals with access to their data, but in what is hopefully a well-supported method by their provider. The point is that a new API probably also includes a learning curve for IT professionals' development staff, and it’s important that their provider has methods to help their staff learn the finer points of using and securing those APIs. If the API is used for data access to the corporate database from a web portal, connections certainly shouldn’t be allowed from the rest of the public Internet. The days of human configuration of and intervention in cloud security processes—at least, as a routine way of making security happen—is rapidly coming to an end. The early cloud dreams of highly elastic and dynamic environments able to change and keep pace with the speed of modern business have come true.
