Open APIs - need vs. security
06/04/2010
The use of open APIs has been a growing trend in website development because it allows for greater compatibility and functionality between two networks.
Open APIs are commonly associated with social networking sites because they allow programmers to create applications that will work on multiple websites, reducing their production costs and allowing for a greater availability of products. Although open APIs can be helpful in creating a user-friendly interface between a network of websites and in expanding a company's market outreach, companies that do not exercise safe network management may face potential security risks linked with open platforms.
The API conversation is that of need vs. security.
Some IT professionals have encouraged companies to demand open APIs in order to expand their networks and encourage interoperability. For businesses such as Amazon and eBay, which serve as online marketplaces, open APIs are useful and necessary for growth and sustainability, ZDNet reports. With Flickr, YouTube and Facebook all using APIs to further their businesses, many other companies want to join the trend but have not considered all the costs and benefits.
Companies that grant programmers access to certain entities on their network - using an open API - are making themselves susceptible to security breaches if the application developer uses poorly written code. The more hands that have access to your inner network, the more room for error, according to the Cloud Security Alliance, as relayed by Architect Zone, which listed "Insecure Interfaces and APIs" as one of five major threats facing cloud security companies.
The Alliance said that open APIs can be especially dangerous when old code is reused to build applications faster, which "damages their quality and security," Architect Zone reports.
MySpace and Yahoo are examples of companies that have dealt with security breaches because of their use of open APIs. In 2008, a hacker was able to use a MySpace API to obtain private data without having to supply the proper authorization, Dev Central relays. MySpace in turn deprecated the APIs, meaning it began a long-term process to phase them out.
Dev Central's report states that poor API management such as deprecation techniques can "increase the potential security holes through which bad guys might be able to access private data - or worse."
There are at least 2,000 APIs and 4,850 mashups - pages or applications that take data from multiple external sources to build a new application - on the internet, according to Programmable Web.