[DZone Research] Hurdles Affecting Web and Mobile Development

DZone 's Guide to

[DZone Research] Hurdles Affecting Web and Mobile Development

When we talked to executives across IT, complexity, lack of talent, security, and proving business value were the most frequently mentioned challenges.

· Web Dev Zone ·
Free Resource

To gather insights on the current and future state of web and mobile development we talked to 19 IT executives and we asked, "What are the most common hurdles you see affecting the development of web and mobile applications?" Here's what they told us:


  • Quirks between different devices – tablets, phones, screen sizes. You have to design for the phone. It’s a different stream on the web. Must use native. Progressive apps are coming up just loading the pieces. People are not installing the apps on mobile. 
  • The multitude of platforms and screen sizes. The time it takes to test and deploy with confidence and do continuous deployment. Without automated visual deployment, they need to do this testing manually. We help them automate running all tests on all platforms, browsers, and screens sizes and release in 30 minutes. UI version control tied to GitHub to see separate code in separate branches. Automating the last mile of the application and the deployment cycle. 
  • Because the market is so fragmented, the biggest challenge is knowing where to start. There are teams for web, iOS, and Android. That conventional wisdom is being called into question, but people are confused that there is a solution that will give you the performance you want. You need to think about a strategy for your entire application portfolio.


  • There is a high rate of change in the core technologies, making it difficult for organizations to find and keep experts capable of utilizing the full features available. It also leads to organizations needing to maintain a continuous cycle of keeping up with the supported versions of a technology or risk having built a technology stack on out-of-date software. 
  • Mobile is off on its own with an entirely different skill set than web. It’s the kind of thing that's often outsourced to consulting firms that specialize in mobile. The challenge with that is exemplified in the Marriott 2017 mobile app that had a giant meltdown because the backend rollout didn’t happen. Marriott spent several days in panic mode. When rolling out new functionality and need to coordinate front-end, backend, and database can be painful.


  • Security people are not used to Agile and automation. They are used to a lot of human power versus automation. If a P1 bug is discovered in an app, DevOps treats it as a bug and the developer fixes it. This happens 12 times a day. When showing a P1 bug to security they want to have everything downloaded in a PDF report and analyze it. We want to make security the VP of “yes” not the directors of “no.” High-quality security with high-quality automation is a cultural mindset. 
  • The most common hurdle we see facing web and mobile applications with respect to security is the incorrect use of security controls. Many modern frameworks and libraries come with built-in security capabilities. For example, every modern HTML templating technology includes automated contextual output encoding to prevent Cross-Site Scripting. Such security controls are often available, but their use is applied inconsistently. It is because of this inconsistency that we continue to see many classes of security vulnerabilities. 
  • As the functionality of web and mobile apps keeps getting more sophisticated, there is increased use of external libraries and software components, as well as the integration of third-party services. The resulting hurdles developers are now encountering routinely include (1) security risks, which necessitate safety audits of imported code, (2) performance implications to user experience, due to increased size of external code embedded within web pages, (3) brittle app builds, due to a plethora of code dependencies, library versions and inter-team collaboration and (4) time spent by developers in staying up-to-date on the ever-evolving software tooling, frameworks and infrastructure they’re using to build apps.

Business Value

  • There is a continuous hurdle of supply and demand. Demand from business and a limited supply of skilled professionals for digital transformation. Embed things designed to help organizations measure the business outcomes of their application. Ask business questions to show the contribution to business value. 
  • Often it's not technical. Stick with the key use case, metrics for success, the business problem to solve to determine the right tool for the problem. Discovery requires in-person product planning workshops. A tangible action plan of what you build a series of consecutive releases to build, test, release, iterate, and continue.


  • Lack of visibility into what’s causing problems with apps. Inability to understand what’s causing poor app performance. Difficult to recreate the environment. When it comes to understanding performance you can only do that by pushing the app into the wild and crossing your fingers. This is an issue for large and small app developers.
  • Scalability. Someone writes a plug-in that queries post metadata might run in two seconds. The plugin gets moved to a site in production, taking 3.5 seconds. A site like Wirecutter gets eight million visits per month and it crashes the site with 12,000 concurrent sessions. Add an index to tables and caches to tables papered over the code and things scale and work. Shave requests time to handle traffic. Help to have more optimized code to run on the hardware provided.
  • Understand how to get organized to make mobile happen. Digital transformation includes Active Directory, ERP, legacy systems. A mobile app is not necessarily external. Changing workforce expectations of the tools offered are higher. How to provide employees with a great employee experience.
  • Velocity. To stay competitive, organizations must go fast without compromising quality. This presents a huge testing challenge. You can no longer run a two-week regression cycle at the end of the release. Full regression needs to happen every day; thus it must be fully automated and reliable.
  • Native development versus one for all. If doing iOS have a single codebase. If Android, you have to switch. Two different teams. Very expensive to write and maintain. Apps may not work the same if developed by different teams.
  • Under-designing the user experience, a lack of thorough behavior-based testing, and a surprising lack of basic responsiveness and performance testing in a variety of environments still plague the industry.

Here’s who we spoke to:

mobile application development, web application development, web application security, web dev

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}