Cost of Data Breaches Raises Questions About ‘Fragmented Integration’

    Slide Show

    The Value of Information Governance: Finding the ROI

    Here’s a good reason to change the way you’re handling integration, governance and security: $3 million.

    That’s the average overall cost of a data breach, according to a recent global study by Axway and Ovum. It’s important to note that while Ovum wrote the report, Axway is a vendor that sells managed file transfer (MFT) and API solutions for API, B2B and cloud integration. So, in some ways, this report is about convincing readers to move from older tools, including file transfer protocol tools, toward newer options such as MFT.

    That doesn’t mean the study is not onto something, though, especially in connecting two well-known factors in data breaches, governance and security, to questions about IT’s integration strategy. Integration might seem like the odd ball here, but when you consider how much data is now handled in the cloud, it makes sense.

    For example, consider this: Out of the 450 respondents surveyed across North America, Asia Pacific and EMEA, 56 percent said their organization’s integration infrastructure is fragmented, which means they use different integration approaches for application integration, B2B integration and cloud integration.

    If you’re familiar with the different integration varieties, that’s not surprising. After all, B2B, enterprise application and even some cloud integration tools, in general, evolved out of different technology heritages.

    That hasn’t been such a big deal in the past, but it’s now a pain point for organizations trying to manage data assets across the entire organization, as a Herald Online summary of the survey points out. The survey results show that 71 percent of organizations “have little synergy between integration strategy and data security, privacy and governance frameworks and policies.”

    At the same time, enterprises are trying to leverage their data in new ways. A majority, 78 percent, either have an API program in place or plan to implement one within 2 to 3 years. Those APIs will enable new partners, customers, developers and others to access enterprise data.

    That sounds smart, but it is? The survey found major concerns about file transfer:

    • Reliability (84 percent)
    • Compliance (77 percent)
    • Visibility and monitoring (75 percent)
    • Integration (74 percent)

    All of which seems to make a darn good case for rethinking how we approach data security, governance and integration. But how do you do that?

    Data Security

    Ovum recommends that data security and governance must be integral to any enterprise integration strategy. Along those lines, it proposes API management as “central to the integration infrastructure required for supporting complex and multi-faceted integration and governance needs.”

    Actually, this is not a new argument and throws us back to the old SOA (service-oriented architecture) versus WOA (web-oriented architecture) debate. WOA, you may recall, was REST-based. Since APIs are built on REST, well, you see where they’re going with this.

    Indeed, the survey found that “46% of respondent enterprises agreed that existing ESB/SOA infrastructure offers less flexibility and is difficult to maintain.”

    It’s not quite that simple, though, since many companies offering ESB integration or SOA management now also sell API management tools. Information Week’s recent article on the Forrester Wave: API Management Solutions, Q3 2014 report does a nice job of explaining this. It’s also worth noting that this report highlights offerings from IBM, WSO2, SOA Software, MuleSoft and … wait for it …  Axway.

    Loraine Lawson is a veteran technology reporter and blogger. She currently writes the Integration blog for IT Business Edge, which covers all aspects of integration technology, including data governance and best practices. She has also covered IT/Business Alignment and IT Security for IT Business Edge. Before becoming a freelance writer, Lawson worked at TechRepublic as a site editor and writer, covering mobile, IT management, IT security and other technology trends. Previously, she was a webmaster at the Kentucky Transportation Cabinet and a newspaper journalist. Follow Lawson at Google+ and on Twitter.

    Loraine Lawson
    Loraine Lawson
    Loraine Lawson is a freelance writer specializing in technology and business issues, including integration, health care IT, cloud and Big Data.

    Latest Articles