For years enterprises treated what was inside the enterprise very differently from what was outside. Internal data and application functionality was rarely exposed beyond the Firewall. External communication was limited to B2B style EDI document exchange, web, email but nothing that required real-time application level access to data and applications.

But the enterprise is finally being forced to open up. They now need to programmatically open up systems directly to mobile apps, cloud services, partners and developer communities. APIs provide the mechanism but broader implications to how enterprises handle security and integration management has not been fully explored.

Going mobile

Mobile computing has plainly been garnering a disproportionate amount of tech media attention in recent years. One only needs to follow the money to understand why. Apple’s growth into the most valuable public company on Earth is a narrative built on mobility. New smart phones, smart tablets, smart things of all sorts – cars, utility meters, thermostats – have changed the way we go about our daily lives.

The way we shop, socialise, travel, learn and even get entertained has all changed in just a few years with the advent of powerful “smart” mobile devices and the apps they spawned. Is it any surprise that this same transformation in our everyday lives is now poised to upend the way we work and conduct business?

The race is on. Enterprises are mobilising around mobile so to speak. They are embracing Mobile Device Management (MDM) and Mobile Application Management (MAM) and getting their developers trained on Mobile Enterprise Application Platforms (MEAPs) of one sort or another. They are picking mobile platforms except when of course they are choosing not to pick (read BYOD). They are funding new mobile consumer strategies, new mobile partner strategies and new mobile employee strategies.

They are attending countless mobile trade shows looking for mobile tips, tricks and lessons. And all the while they are building and deploying apps that improve customer reach, create new revenue opportunities and help them retain visibility with customer and employees alike when they leave their computers at home or the office. Mobile promises business ubiquity; anywhere, anytime commerce. The only snag; enterprises now have to open up and share their applications & data everywhere, all the time.

Opening up

Openness has always come more easily to teenagers than enterprises. Organisations take considerable precautions to protect their valuable information assets. From the seemingly ubiquitous disclaimers added to the footer of email to the constant race to bullet proof the IT perimeter, organisations care about protecting their internal assets from the outside. That’s what makes mobile especially vexing.

To be valuable, mobile apps need valuable information to put into them. To make a mobile app compelling to an enterprise employee, customer or partner the app needs to be about them or for them. The information it presents needs to be personal which will also mean privileged and just as often confidential.

For enterprises, effective mobile is about getting the information locked up in CRMs, customer databases, SAP, and repositories of all sorts from SharePoint to private wikis into the apps that like to live on the mobile devices. In this lies the dilemma for enterprises. Mobilisation means building meaningful apps that consume internal company information, information that enterprises don’t like to open up to the outside. What’s an enterprise to do?


The mobile “app economy” is built on APIs. APIs are machine readable windows into data stores and application services. They provide programs, a programmatic way to get information from anywhere on the Internet. Phone apps get the data they need to do their magic either from information stored on a phone or from the outside Internet. Either way it’s via APIs.

The new “Cloud” filled Internet is dense with Web service providers that expose APIs to make life easy for mobile app developers. Facebook does it. So does Google. Twitter even does it (though less and less often). That’s the way it is. Enterprises that want into the game can do the same or sit it out. Enterprise mobilisation means making enterprise data and applications available as APIs to devs and apps alike. Mobilisation requires APIfication. The only question is how to do it in a consistent and secure way.

For mobility to take root and grow with business there needs to be a consistent way for enterprises to open internal information assets to mobile developer and apps without compromising security. This is only achievable through a new class of Mobile Middleware that combines integration, security, optimisation and cloud orchestration in one package. To fully mobilise, enterprises need to make it easy to expose their assets as APIs so that they can be consumed by native, hybrid and HTML5 apps alike.

They need a way to protect and secure the naked APIs for reasons already outlined. They need a way to optimise how information is delivered through the APIs. And they need a way to combine inside information with outside cloud services to create new combinations of mashed up services. The sum of all these needs goes beyond traditional middleware. It takes integration and add assurance, governance, optimisation and orchestration. This represents a new class of middleware for mobilising the enterprise