Low-Code and No-Code Are the Future of Work — For IT and Beyond
As technical skills become democratized to support training for all employees, IT personnel are still needed to ensure that low-code and no-code tools are created safely and securely.
Join the DZone community and get the full member experience.Join For Free
In the aftermath of the pandemic, there have been immense changes in the ways employees interact with IT tools and teams. Not coincidentally, there's also been a rise in the use of low/no-code development tools.
Given the prevalence of hybrid work, the increasingly younger workforce, and a shortage of software-engineering talent, it's no wonder many are excited about the future of low/no-code development tools. Gartner analysts predict that 65% of all app development will be low-code-driven by 2024. Even more astounding, they believe that 80% of technology services will be created by non-technology professionals by 2024.
It is vital that IT personnel are involved in this process. Thankfully, this appears to be the case, as a recent study shows that organizations are experiencing more collaboration between non-IT employees and IT personnel, and this collaboration can be directly attributed to IT decentralization and democratization.
There's Been a Rise in IT Democratization and Decentralization
As a quick clarification, decentralization refers to IT staff working in different organizational departments and outside an IT organizational entity, while democratization refers to non-IT personnel making software choices, managing technology operations, and even developing specific tools and apps. Both of these phenomena are on the rise.
More employees are deciding how technologies will be chosen, deployed, and used; moreover, there's been an increase in the use of low and no-code solutions: tools with drag-and-drop interfaces and pre-build modules and widgets that can be used to create fully functional applications. Nearly all IT decision-makers say that at least one department in their company is creating its own applications, using low or no-code platforms.
Aside from democratization and decentralization, there is another explanation for the rise in low/no-code solutions — the ongoing developer shortage.
IT Personnel Must Remain in the Process, Even as the Developer Shortage Fuels the Use of Low/No-Code Tools
The demand for software-engineering workers continues to outpace the number of available developers. According to Forrester's 2022 Developer Survey, one-fifth of companies say they now recruit candidates without degrees, and roughly one-fourth said they recruit graduates with non-IT degrees. It's wonderful to see non-IT personnel creating their own tools; however, it is important that IT teams remain involved in the process. Even as technical skills become democratized, IT personnel are necessary to ensure that low/no-code tools are created safely and securely.
The Involvement of IT Personnel Is Vital to Ensure Compliance in the New Hybrid Work Environment
Low/no-code tools are great for building custom applications, automating workflows, managing databases, and gaining insights from data; however, it is vital that the tools are safe and secure. Corporations want to empower non-IT personnel and allow them to create their own tools, but they also need to vigilantly protect user data and ensure privacy compliance with standards like GDPR, CPRA, and our policies.
Through the use of low/no-code user management tools, IT personnel can define and manage user access, identities, and permissions. To keep customer data integrity intact and to ensure compliance with security protocols, IT personnel must periodically audit these low/no-code applications. Circumventing this is a huge corporate risk.
Citizen developers are more likely to introduce such risks into these tools. IT personnel need to make sure there are proper authentication measures and that credentials are properly saved. IT personnel should monitor tools for data leakage and for potential security misconfigurations. This is not to say that low/no-code application building isn't worth the risk. It simply needs to be explicitly managed to limit corporate risk.
A Caveat: Enterprises Shouldn't Over-Decentralize Their IT Departments, Nor Should They Rely Too Heavily on Citizen Developers
The solution lies in a hybrid IT model that fulfills specific business needs. Enterprises need to maintain centralized IT departments to handle certain requirements, such as systems deployment, cybersecurity, compliance, and threat detection. However, IT personnel should also be working throughout the company, addressing business-driven needs that require the use of no/low-code application development environments to respond rapidly to market opportunities. Employed correctly, these no/low-code tools offer the agility and speed necessary to deliver business services quickly.
If IT personnel are not involved in the low/no-code app development process, security risks abound. According to the OWASP Top 10 low-code/no-code security risks list, risks include the creation of applications that leak data, allow script injection, mishandle personally identifiable information (PII), move sensitive data into uncontrolled locations, and expose admin credentials. Hence, it is imperative that IT personnel are involved in this low/no-code app development process.
In Short, Effective IT Personnel Are Not to Be Taken for Granted
As the workforce gets younger, more non-IT employees will feel comfortable using no/low-code development tools to create applications. This makes sense, seeing as many of these workers have used such tools to create their own websites and analyze data, either in school or as a hobby. Nevertheless, the torch cannot be fully passed to non-IT personnel.
IT employees need to be involved to help with testing, integration, security, data protection, and compliance issues. Given the security risks posed by over-decentralizing and over-democratizing application development, C-level folks should place their IT personnel on a pedestal, as IT personnel provide vital guardrails.
We are seeing a seismic shift within IT departments. In recent years, IT has shifted from a bureaucratic entity to a governing partner—one that shares its expertise and establishes guidelines to ensure the compliance and security of business service applications.
With low/no-code app development tools, citizen developers who understand niche business problems can build applications themselves, leaving IT teams to focus on more business-critical projects; however, IT teams absolutely need to assist with governance issues, such as auditing, security, data protection, and regulatory compliance.
As IT personnel help facilitate how these platforms are developed and used, technology adoption will be further decentralized and democratized within the organization; this in turn should increase the synergy between business and IT teams. It all sounds great, as long as IT teams remain actively involved. The key is keeping IT personnel in the loop.
Opinions expressed by DZone contributors are their own.