If you’ve worked in a large enterprise, you are very familiar with the physical security that exists and with the primary entrances you can take into a building. There may be a handful of emergency or other exits you can take out of a building, but entering a building is done via a single entrance with security. This is how you manage your valuable human resources and tackle physical security, but once you apply the same logic to digital resources you begin to see a very different picture. If you turn on Charles Proxy and begin to use any web, desktop, or mobile application for an enterprise, or you begin scanning the public GitHub repositories, you will find many different entrances for accessing enterprise digital resources, with only a handful possessing a proper front door for API resources.
Enterprises have plenty of security and firewalls in place to address a lot of these issues, but it is very telling about where they are in this journey when there is no official front door for third parties to walk in or out of when accessing digital resources. This is where you begin to see the weirdness of how the enterprise treats its digital resources. Having a front door, or a series of well-staffed front doors, for your enterprise makes a lot of sense. Most groups are trying to create a platform group to staff and manage a single front door, but others are still working to maintain multiple doors for each of their lines of business, while others are just installing doors wherever they are needed. This is one analogy we will keep workshopping because we need every way we can find to help people see the importance of formal API doorways for the enterprise.