8 min read

No-code, Low-code Development: An Enterprise Priority With Data Risks

George V. Hulme

December 16, 2020

No-code, Low-code Development: An Enterprise Priority With Data Risks
  • Demand for digital transformation is driving low code development platforms.
  • While line-of-business workers creating software alleviates development team burdens, it can increase risk.
  • Enterprises must ensure that they are managing all apps in their portfolio.

It’s been more than eight years since Marc Andreessen wrote that software was eating the world, and he was right. And, today, software is the world. There is no more obvious place to see this than the amount of money and effort enterprises invest in their digital transformation efforts.

Those enterprises that make the most of their digital transformation efforts by enhancing their digital customer experiences and successfully streamlining their back offices will win in the years ahead. They will not only build more resilient and agile infrastructures that are more readily defended and recover from attacks but also better respond to changing business demands.

Of course, digital transformations are powered by software – and that means coding. Or does it? Increasingly enterprise digital transformation efforts have been powered by digital capabilities developed without programming skills by everyday users relying upon low code and even no-code software development platforms.

Recently, Internal released research that indicates that during the next nine months, no-code/low-code development will be a nearly universal priority among mid-sized enterprises. With 96% of IT and engineering decision-makers responding to the survey, the lack of software engineers and COVID-19 are placing pressures on their organizations. According to propeller Insights, about 81% of IT leaders said engineering hiring has changed since COVID-19, and 78% expect hiring and headcount-related challenges next year. Employee access to customer data was a concern among 95% of those surveyed.

Since the beginnings of the novel coronavirus pandemic, 75% of those surveyed said their organizations had implemented a "dual-track strategy" toward app development that includes traditional development methods coupled with no-code/low-code. The pace of app development has increased to 60% of organizations once they began working from home.

Organizations want to take steps to speed development. For instance, virtually all survey participants (99%) said improving their engineering team's efficiency is a priority. And 27% cited it as an essential priority, and 39% a high priority. Additionally, the survey found that no-code/low-code was a priority for 50% of those surveyed, with 22% rating it an essential priority and 28% a high priority. The rest of the organizations broke down as no-code/low-code being a moderate priority (22%), somewhat of a priority (7%), and not a priority for 4% of organizations.

All of the top challenges IT leaders cited in the survey were associated with staff, including increased competition for talent (31%), poor reaction to new work-from-home policies (23%), a developer drought (22%), and immigration issues with current staff (16%).

Expect a rush for talent heading into 2021. Following the pandemic's start, about 37% of respondents said they had hired more engineers, while 35% froze their hiring, and 19% didn't change their hiring practices. Only 10% conducted layoffs. Going forward, 78% are expecting accelerated hiring and challenges next year related to staffing, such as 45% anticipating more competition for talent.

The majority of participants see no-code/low-code tools as helpful in alleviating the demand for apps. And 70% said that they already have non-developers, or citizen developers, in their organizations that are building software for internal use, such as apps and scripts. Seventy-nine percent expect this to continue. This trend is having a positive impact on engineering teams, according to 69% of respondents.

However, 95% of respondents citing concerns with their employees having access to customer data, and 58% said they suffered an internal security incident resulting from privileged user access to sensitive information. Concerns include legal costs (60%), loss of customer trust (54%), loss of customer trust (54%), and bad news headlines and negative impact to reputation at 53%.

The research was conducted by Propeller Insights and is based on a survey of about 500 IT and engineering professionals at medium-sized organizations.

What steps can enterprises take to mitigate the risks while increasing the benefits of no-code/low-code platforms? The first step is to understand what such platforms are in place and what data they are accessing. Is it customer data? Is the data intellectual property? Is the data regulated? When citizen developed apps are identified accessing such data, regardless of what cloud server, storage, platform, they must be brought under the management of IT and made aware to security teams. With adequate oversight, IT teams should ensure that these apps and associated data are managed and secured. The objective certainly should not be to shut these systems down but to enable non-developers "developers," or citizen developers, to be reasonably productive while being reasonably secured.

When citizen developers are managed in such a way, the organization is more productive because IT and security teams support business needs sustainably.

"COVID-19 has accelerated the adoption of no-code/low-code solutions as IT and engineering leaders seek out new ways to improve engineering efficiency and empower non-coders to do more," Arisa Amano, co-founder and CEO at Internal said in a statement. "Security is likely to become an important factor for adoption, especially when it comes to the development of internal apps that touch customer data," Amano said.

That was, make that is, true with shadow IT, and it is just as accurate when it comes to no-code/low-code development.

tags


Author


George V. Hulme

George V. Hulme is an internationally recognized information security and business technology writer. For more than 20 years Hulme has written about business, technology, and IT security topics. From March 2000 through March 2005, as senior editor at InformationWeek magazine, he covered the IT security and homeland security beats. His work has appeared in CSOOnline, ComputerWorld, Network Computing, Government Computer News, Network World, San Francisco Examiner, TechWeb, VARBusiness, and dozens of other technology publications.

View all posts

You might also like

Bookmarks


loader