APIs to Zip Drives

"Mobile is not a device, it is a digital strategy and supporting enterprise architecture." This has been a favorite statement of mine for a while now when discussing mobile initiatives. As mobile application consumers, generally what you see is the end user application only, and not the underlying components that enable the delivery of the functionality and data to your mobile device. Similar capabilities to desktop app or desktop web experience often seem to lead to the misconception that what you see is the same solution, simply ported to a mobile device, when the truth is that a successful mobile experience encompasses far more. Too often we see tough lessons learned as traditional desktop development teams without mobile development experience are tasked to 'make a mobile app and support omnichannel' and IT teams are told to support these requirements with no new investment in architecture to support mobile channels. Unfortunately, when digitizing services and c

To long a read? Feel free to jump to the bottom for the exciting conclusion! Often in US Federal we see different requirements and use cases arise than our commercial counterparts. Quite often I might get asked to provide insight into security, identity, and compliance queries in the same way I might ask for insight on team development or CICD requirements from my commercial focused brethren. It just so happens that this week I have provided some insights on three of four discussions around the role of our API Gateway in enterprise security. The role of an API Gateway in enterprise architecture in general always seems to bring up interesting discussion points (can it replace my load balancer?), but none more so than enterprise security. I have often heard of API Gateways jokingly referred to as a 'Swiss army knife' because you can really do so much with them. Often I find myself saying to both customers and colleagues that 'It's not what you can do with it, it is what