Ensuring Security of Low-Code Platforms among Citizen Developers

Admin on December 05, 2020

With the prevalence of digital tools and tech-savvy non-technical workforce, companies can no longer shy away from citizen development. This puts the CIO and CISO to test and them coming to terms with the prospects of Shadow IT and citizen development.

We are at a stage where the growth of an organization can be greatly determined by its ability to exploit technology to its highest potential. While the corporate citizens may or may not understand the price Shadow IT comes with, it is too late to avoid. Rather than killing it off, the time has come for businesses to embrace what is known today as ‘Managed Shadow IT’.

Shadow IT with Citizen Development and Low Code

The question stands: Are low-code platforms contributing to shadow IT? The answer, however, is quite the opposite. A well-vetted IT sanctioned low-code platform is just the technology to get businesses future-ready.

By giving up some control, as a CIO, you allow your company to gain an edge by leaving your business engineers to get ahead in the digital race. Not only do they have a thorough understanding of the intricate business process and requirements, but they are also most likely to be the ones that come up with the most innovative solutions by creating applications with low-code or no-code approaches.

What statistics tell us – The long-term potential

The market for tools that support citizen development is expected to witness an explosion. A recent Gartner study discovered that somewhere between 30 and 40% of IT spending in large enterprises goes to shadow IT. Three-quarters of large enterprises will use at least four low-code development tools by 2024 and that low-code will make up more than 65% of application development activity.

The investors are also getting in on this. 2020 alone has seen low code vendors raise at least $500 million in funding. The global low-code development platform market size is expected to hit as high as $45.5 billion by 2025 from $13.2 billion this year and it is clear why.

With corporate data still regulated by professionals, critical business processes can benefit from applications like workflow automation, digitized data capture, and insights and analytics.

A Fading Resistance

It would be wrong to assume that business users are as particular about security as seasoned developers. Low code platforms do present challenges that may leave the organizational data exposed. Such platforms should not be implemented without specific security plans laid down at the beginning.

Business developers may not have ideal security expertise, IT sanctioned platforms themselves build security into the final outcome. After a thorough evaluation, a low-code platform that is well-governed and supported by the central IT department can bridge the well-known gap between the business and the IT.

The perks of modern low code development platforms are:

1. Have multiple environments to develop, test, and iterate upon applications
2. High scalability owning to cloud-based deployment to extend apps from a small departmental user base to a global organization-wide use case
3. Standard security certifications to ensure apps built on the platform are pre-configured with the right level of security
4. Plethora of API connectors to seamlessly integrate disconnected enterprise solutions
5. Granular level permission settings, to offer access to right admin users and app users & managers

Companies with limited staff can see a greater benefit in low code platforms as the built-in security ends up raising the security by automatically stemming out the low-level risks that may arise from improper data capture validation and code integrity checks.

With the security built-in into cloud-based low code platforms, the experience is becoming more intuitive and allowing business users to build custom apps without additional coding to ensure compliance with prevailing regulatory requirements.


Originally published at https://www.expresscomputer.in/