![]() The low-code platform itself can make a difference. It’s also important to implement fine-grained controls for viewing, editing and sharing data. The solution : One solution is requiring citizen developers to build what they want in a sandbox, accessing only resources available in that sandbox. The problem : With so many cooks in the kitchen, it can be difficult to keep tabs on what’s being built, what resources are being used and whether acceptable processes are being followed. Here are some reasons why, and how to overcome them. There has to be a really good reason for going outside the lines, Beckley said.īut even with the right low-code platform and comprehensive policies and procedures, true security can be elusive. Probably the most important way to use policies is to ensure that everyone working on an application-IT staff or citizen developer-goes through the low-code platform. That’s especially important today, with the proliferation of APIs and data everywhere,” said Mayur Shah, senior director of product management at WaveMaker. “Role-based access should be as fine-grained as possible. That includes training and certifying citizen developers, conducting routine application testing and reviews, and using permission policies to specify what actions specific users can perform and what data they can access. To ensure security for all types of users, make sure to put the right processes and protocols in place. This requires having the right security guardrails built into the platform-guardrails that prompt IT staff to adjust security permissions on all objects appropriately.Īnother helpful feature is a built-in health check system, which can be set up to automatically check the overall health of the platform and identify any misconfigured or orphaned objects before deployment. This applies to everything along the way, from data management to connecting with other business processes. ![]() The key, he said, is to allow as much freedom as possible unless it bumps up against a boundary that can cause risk. “It’s a fine line because they might view governance as taking away their freedom, but in mature democracies, you know where to apply the governance.” “When there is a lot of freedom, there should also be lots of control, and that means good governance,” said Andie Dovgan, chief growth officer at Creatio. This can have the effect of actually weakening the overall security of the application. Developers outside of the IT department are much more likely to “go rogue,” building part of their applications outside of the native tooling of the low-code platform. While empowering citizen developers is great for productivity, it can make security and governance much more challenging. That’s because while IT professionals make good use of low-code platforms, the biggest growth is taking place among “citizen developers”-employees outside the IT department who create applications for others or themselves. According to Gartner, more than 40% of companies have active citizen development initiatives underway, and many more are either evaluating or planning to start them. While that’s an important step toward security, there are plenty of caveats to actually achieving high levels of security and governance. “Any decent low-code platform will give you centralized control over who can access the apps, the automations and the data underneath.” The Rising Risk of the ‘Citizen Developer’ “It’s the lowest risk to the enterprise because it’s the most transparent, most governed and most controlled way to develop apps,” said Michael Beckley, acting CTO at Appian. ![]() According to Gartner, more than 65% of application development activity will be accomplished using low-code environments by 2024.ĭone right, low-code platforms can actually be more secure than traditional application development because the platform itself helps the entire development process “shift left.” This works especially well when the IT department maintains control of the low-code platform, putting the right policies in place and ensuring that they are enforced. These platforms, fronted by a graphical user interface and intended to be easier to use than traditional development methods, are growing fast. More companies than ever are turning to low-code platforms to speed application development and reduce the burden on IT staffs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |