Digital, data, and security: fundamental principles of government

November 8 2019

0 comments

In my last blog, I discussed a few ways governments can create citizen journeys with API-led connectivity to address the inertia caused by legacy IT systems. We return to the second reason digital government services are held back: providing secure services. In this blog post, I’ll review the fundamentals of dealing with digital government services and how governments can create a better citizen experience through these fundamentals.

5 ways to ensure data and API security

In 2018, there were 6,500 data breaches reported, exposing billions of records for potential misuse. In today’s digitally connected world, security is almost always top-of-mind for businesses to keep their records are safe and secure. It’s critical for organizations to implement API security best practices to keep their integrations and the data that travels between systems under tight lock and key.   

Facebook, privacy, and the delicate data dance

security-data-privacy-concept

As a consequence of the recent FTC investigation, Facebook cut off friend data access for Microsoft and Sony and announced an overhaul of its API. Facebook’s privacy changes will impact dozens of partners that have been using the Facebook API to build experiences on third-party apps and devices. Here are three essential considerations for API providers, consumers, and end-users to avoid a scandal like Facebook’s and protect the privacy of user data. 

Zero trust: The key to securing the API economy

December 21 2018

0 comments
Securing API Economy

There’s no doubt that today’s businesses are under increasing pressure to innovate faster. Looking to deliver innovative offerings at an accelerated pace to meet ever-evolving customer expectations, many are turning to modern development models underpinned by the cloud, microservices architectures, and containerization technologies.

MuleSoft and GDPR compliance

gdpr mulesoft

At MuleSoft, we are committed to maintaining privacy and security on the data you share with us. Like many of our customers and partners, MuleSoft has been preparing for the GDPR regulations that are changing the global data privacy landscape. Our privacy and security teams have been working with customers and internal teams to prepare for the GDPR, which goes into effect on May 25, 2018.

The Mule vs the hound: Kerberos support in MuleSoft

January 10 2018

2 comments
kerberos mulesoft support

One of the more challenging aspects of integration work is dealing with various security protocols. This holds true both as a consumer of a secured service and as a producer of a service that must enforce the security protocol.

How Cybercriminals Take Advantage of Chat APIs and What To Do About It

cyber crime

David Berlind is editor-in-chief of ProgrammableWeb

Cybersecurity solution provider Trend Micro has issued a report that highlights how chat platform APIs can and are being used by cybercriminals to achieve their nefarious objectives. 

Because of the degree to which Webhook APIs are involved (an API attack vector not previously discussed on ProgrammableWeb), the warnings and incidents should serve as a wake-up call to API providers and developers when it comes to the sorts of best practices and ongoing vigilance it takes to fully secure their customers and systems.Provided that the incentives are worth it,

7 IT Resolutions for 2017

business man looking out

2016 has finally come to an end, and that means an opportunity for your IT teams to start fresh and do great things for the business in 2017. But where’s the best place to start? Here are our top 7 r resolutions for your teams to consider in the upcoming year.

  1. Don’t take security for granted.

    High profile security breaches this year highlighted just how important security practices are when doing business.

Boosting Business Agility with Security by Design

December 27 2016

0 comments
security by design

A convergence of digital forces – notably mobile, SaaS, cloud, big data, IoT and social – is creating massive disruption in the market and pushing businesses to move at much faster speeds. However, with a fixed set of resources and a constrained capacity to deliver on new projects, IT is often accused of holding the business back rather than enabling it.

The resulting IT delivery gap is exacerbated even further when IT resorts to shortcuts that get projects done on time and on budget.

API security: Platform capabilities and API-led Connectivity example

November 10 2016

0 comments
api-security-mulesoft-api-led-connectivity

This is part 3 of my API security blog series. I will be showing an example scenario of how Anypoint platform can be a vital component of a secure API-led architecture and the capabilities to securing the API.

If you missed part 1 and part 2 here they are:

  1. API security: Ways to authenticate and authorize
  2. API security: Keeping data private but accessible

3.