Low-code platforms employ visual, drag-and-drop techniques instead of traditional lines of programming. Low code is no longer just for innovators and early adopters and it won’t make coding obsolete. In fact, adopting low-code development platforms internally could lead to an increase in unsupported applications built by shadow IT. According to Forrester Research, the total spending on low code is forecasted to hit USD21.2 billion by 2022. However, concerns related to low-code development platform security and compliance are increasing.
While we achieve speed to market, empower business users and citizen developers, how do we ensure these align with enterprise security norms?
Low code is no magic solution to software challenges. A careful strategy is required for consistent successes. Low-code development platforms include authorizations and access controls by default. However, it is not practical to expect business users and citizen developers to be security experts. Identity and access management, monitoring app performance, and analyzing data are some of the areas that must be continuously managed by security experts.
Low-code apps require the same level of security testing and governance as traditionally developed software.
How do you identify which projects are good candidates for the low-code approach?
While no one rule fits all enterprises, there are typical enterprise applications that have higher business involvement and can take center stage when it comes to low-code development:
- New business apps (systems of engagement) – web or mobile
- Development of new Create, Read, Update, and Delete (CRUD) reporting applications with simple workflows and integration workflows
- Multi-channel applications
- Replacement of legacy applications with simplified and standardized features.
As with most COTS (commercial off-the-shelf) products that are excessively customized for business needs, maintainability becomes an issue in the long run. It becomes important to strike a balance between customization and maintainability. Low-code platforms are not meant for a high level of customization. The ease of creating the app and deploying it opens up a lot of possibilities for citizen developers. This can lead to complexities in enforcing uniform standards, security adherence, cost control, etc. An appropriate governance mechanism needs to be in place to regulate low-code deployments and make sure that they align with organizational strategy.
Capgemini collaborates with enterprises to identify the right applications and projects for low code as part of the overall application portfolio rationalization/ modernization strategy. We have partnered with leaders in low-code development platform providers and can create a roadmap for the low-code transformation journey. We have enabled many enterprises to leverage the speed and continuous development advantages that low-code platforms offer while governance and security concerns are addressed.
This blog is authored by Yathish Kumar, Digital Transformation Director for Application Services