24×7 Security and Access Management with CA API Management: Q&A with Broadridge Financial Solutions
I caught up with CA World presenter, Jeffrey Klein, to learn how DevOps and a microservices architecture enabled by CA API Management solutions have eliminated post-deployment outages and fueled integration and scale at Broadridge.
CO: Hi Jeffrey! Thanks for taking the time to speak with me today. To start, can you give us a bit of background about yourself and how you got into your current role at Broadridge?
JK: I came to Broadridge Financial Solutions, Inc. from a medium-sized business where I was responsible for the full stack and managed the migration from legacy to modern ERP. I’ve been in a cross-functional role within the SSO-IdM group [Single Sign On-Identity Management at Broadridge for a little over three years, as both lead business analyst and also contributing in a technical capacity to CA Single Sign-On (SSO) development efforts.
CO: What are some of the challenges Broadridge is currently facing around API management?
JK: As API usage within the enterprise has grown, so too has the need to secure access to those APIs. The IAM [Identity/Access Management] team began to receive more and more requests to leverage CA SSO in some capacity to protect Broadridge’s APIs.
CO: What led you to implement CA API Management in addition to CA Single Sign-On?
JK: We needed a more flexible solution with a broader feature set that was simple to deploy and scale. CA SSO is the security solution on which we’ve standardized internally, so simple integration with CA SSO was a key driver behind the decision to go with CA API Management. We also needed reliable support for a tool that will need to provide 24×7 security to multiple Tier-1 applications around the globe.
CO: What business objectives were you hoping to accomplish through working with CA?
JK: We sought a drop-in solution that we could test and implement quickly. For initial use cases, we needed reliable consultants who could assist with getting the solution up and running, and also transfer knowledge to our internal team which had some (but not a whole lot of) experience with CA API Management.
CO: What are the key features of CA API Management that were important in your selection of the solution?
JK: Integration was key – particularly integration with CA SSO and internal LDAP and SQL standards. The ability to scale for growing API usage within the company was also critical. Docker support was another key feature. And finally, CA’s solution support team was a critical differentiator.
CO: What value have you recognized from working with CA? And how has a microservices architecture changed your business operations?
JK: CA assisted with designing and architecting the initial infrastructure for the expected loads. CA was instrumental in getting our initial use case through development, unit/load testing, and production deployments. CA support has been extremely helpful as we begin to take on more complex integrations internally.
The presence of modular microservices has substantially simplified the near-term roadmap with respect to ongoing hybrid cloud migrations. DevOps enhancements that we implemented with input from CA have drastically improved our deployment success rate– we’ve yet to experience a post-deployment outage/error.
CO: Finally, how do you see your relationship with CA evolving in the future?
JK: Broadridge continues to invest in its relationship with CA and implement additional CA products. We are moving forward with the CA Mobile API Gateway for mobile API management, and we’re implementing CA products elsewhere in the IAM and governance spaces, as well.
CO: Thank you so much for your time, Jeffrey! I look forward to seeing you at CA World this year.
CA World ‘17
Hear Jeffrey Klein and Saravanan Raman talk about Enhancing DevOps and Cloud Adoption With APIs and Microservices at CA World ’17 on Thursday, November 16 at 11:30 AM. Learn more here and register today!