Avionté Blog

Open APIs: Big Benefit or Security Risk for Staffing?

Shopping for a new staffing ATS, CRM, or system of record? Then you’ve probably heard the term “open API” thrown around in a few demos. Usually after you ask “does this integrate with [insert list of necessary solutions here]?”

Over the last 20 years, APIs have become essential tools that allow staffing firms to streamline tech stacks and improve operational efficiency. But, in light of recent concerns around data integrity and security, it’s become clear that we need to have a better understanding of the benefits and risks associated with this common buzzword.

 

What’s an API?

If you want to get technical, an API, or an application programming interface, is a set of specifications and protocols that allow developers to create applications that access or share the data or features of a system.

At the most basic level though, an API is the bridge that lets two systems connect and share data.

For example, let’s say you have a staffing CRM and background check provider. If you connect the two systems using an API, then the CRM could share contact information with the background check provider, and the background check provider could share screening results seamlessly with the CRM.

CRM and Background Check Connection via API

This data exchange allows you to manage your background checks efficiently and maintain detailed contact records without duplicate data entry or manual tasks.

Sound cool? It is! API technology has allowed us to create tighter, more effective integrations with best-of-breed technologies, so we can improve efficiencies across the board.

But, not all APIs are created equal. Before creating the code for an API, the developer needs to determine whether it will be an open API, or a closed API.

  • Open – These APIs are intended to be shared with the world. They’re published online and are easy to access and consume.
  • Closed – APIs that are closed can only be accessed and consumed by approved parties.

 

Benefits of an open API for staffing

While most technologies prefer to use closed APIs, open APIs have been trending with HR technologies because they offer a number of advantages for the provider and the developers.

From a consumer standpoint though, there are 3 big benefits.

  • Innovation led by a highly collaborative environment – developers from all walks of life can create, share, test, and document new features and use cases. 
  • Increased variety in ecosystems and marketplaces – because anyone can access the API, the ATS, CRM, or system of record provider can expand their partner ecosystem or marketplace quickly without having to invest in development resources.
  • Potential for savings – technology providers using open APIs can turn a profit thanks to licensing opportunities and reduced development costs. This revenue stream may lead to lower pricing for end users.

 

Open API risks

While the three benefits outlined above are wonderful, they’re offset by a number of major concerns around the safety and stability of open APIs.

Major risks include, but are not limited to…

  • Security concerns – open APIs provide a single (and well-documented) point of entry for hackers to access sensitive personally identifiable information (PII) such as employee social security numbers, direct deposit, and tax information. 
    • They’re also susceptible to malware and ransomware, and the code can share data with 3rd parties you didn’t intend to share the data with.
  • Slower systems with an increased risk of downtime – if the API isn’t properly managed, then one system may overwhelm the other with data or information requests. This could slow or stop your workflows completely at any given time.
  • Shallow “integrations” that don’t function the way you need them to – open APIs depend on the other system’s developers to create the connection, and the connections aren’t always uniform.
    • For example: a developer from Company A could build a deep connection that emphasizes the user experience, and a developer from Company B could create a basic data bridge with no additional functionality. Both integrations would be considered “valid” depending on the marketplace or ecosystem.
  • Overwhelming ecosystem options that may not meet your needs – because anyone can connect to the API, there’s no guarantee that the technology being connected to the system of record is useful to staffing, recruiting, or talent.
    • It’s a little like Googling “good chinese food near me” and getting 10,000 results for frozen supermarket pad thai. The frozen pad thai may be good enough in some cases, but it’s not quite what you’re craving and it requires a lot more effort to prepare.

 

Should you work with a CRM, ATS, or system of record provider that uses open APIs?

The answer really depends on you and your business. If you’re okay trading deep connections, decreased down time, and lower security risk for an expanded partner ecosystem and potential cost savings, then moving forward with a system that uses open APIs could be the right decision for your staffing firm.

However, if your focus is on integration quality and security, then closed APIs are your best route.

 

Does Avionté+ use open or closed APIs?

At Avionté, we don’t believe the benefits of an open API are worth risking your data security, but we also understand that closed APIs reduce the speed of innovation that a firm needs. In order to provide the best of both, we designed our partner program, Avionté+, around a subset of closed APIs called “private APIs.” Private APIs are closed APIs that can be consumed like an open API for approved technologies.

To put it simply, we provide approved and certified technology partners with the documentation, flexibility, and support necessary to easily access and consume the API. This means that they can:

 

How are partners approved and certified?

As a staffing firm, we know that you have needs that extend beyond your core platform. You need partners that will elevate your workflows, drive a competitive edge, focus on security, and answer the phone when you call for help. So, when we first look at the solution that’s interested in connecting to our systems, we evaluate their…

  • Customer service
  • Technical support model
  • Data model
  • Data security

If they excel in each category, then we sign an integration certification agreement that clearly outlines expectations from both parties.

Tip to clients: remember to ask a third party technology if they have an integration certification agreement before signing up for their service.  

Once the agreement is signed, we connect their developers with our integrations team and work together to build the strongest, most effective, connection via private API.

The private API keeps our client data secure and allows us to offer the best possible end-product to the staffing and recruiting industry.

 

How does Avionté+ benefit you?

Our network of pre-integrated, best of breed technologies and services using the private API help your teams:​

  • Quickly gain extra efficiency ​
  • Maintain a single system of record/ single source of truth
  • Improve data integrity​
  • Mitigate compliance risk
  • Make informed business decisions

To date, 60+ technologies have cleared the pre-vetting and pre-integration process with more being added each month.

Have questions about APIs, integrations, or Avionté? Reach out to our team today!

 

 
Avonté Updates Brought straight to your inbox

Upcoming Events

  1. Avionté CONNECT: Virtual Experience

    August 3 - August 5
  2. Colorado Staffing Association Annual Conference

    August 19 - August 20
  3. TempNet Fall Conference

    September 8 - September 12
  4. Minnesota Staffing and Recruiting Association Symposium

    September 16
  5. National Association of Personnel Services Annual Conference

    September 26 - September 28