By Dinesh Varadharajan, Chief Product Officer (CPO) at Kissflow
The low-code technologies have crossed the chasm from disruptive trend to proven paradigm. The global market for low-code application development platforms (LCAPs) is estimated to be worth almost US$28 billion this year and predicted to surpass US$182 billion by the end of the decade. The Arab Gulf region looks set to take a sizable slice of this pie as countries like Saudi Arabia and the UAE continue to host low-code summits and their governments look for ways to accelerate digital transformation against a backdrop of IT skills shortages.
Done right, low-code’s value proposition is simply too good to be passed up on. Line of business gets to innovate without having to wait for an available IT staffer to conduct formal requirements gathering and use-case analysis. Meanwhile, beleaguered IT departments can concentrate on the big-picture projects without having to wedge departmental quick wins into the schedule.
However, for “citizen developers” to achieve their full potential, they must be trusted to run with the ball. This means creating an environment where their efforts to develop applications are fully encouraged, without IT teams giving up the reins of control. After all, CIOs and IT departments answer to boards, to regulators, and to a range of other stakeholders and must therefore strike that delicate balance between empowering citizen developers, while still ensuring their resultant actions are in line with security best practices and regulatory frameworks.
This is an entirely natural conflict. Business executives are expected to think outside the box in a modern commercial landscape rife with competition and customer expectation. IT is expected to rein in risky behaviour and ensure that digital assets are performing the tasks for which they were built or procured. When the world of innovation and competitiveness meets the world of checks and balances, how does the clash resolve itself? We see the rise of shadow IT – a nebulous mist of unknowns and lost visibility. A swamp of risk.
Here we have just described both the world before low-code development emerged and the world that is trying to adopt it. Low code can solve the problem of shadow IT but only with the support of the IT function. And yet, we see IT departments across the region showing reluctance in opening the LCAP toolbox for their non-IT colleagues.
If the analysis of workforce dynamics has taught us anything, it is that ‘employees will find a way’. And while their workarounds might indeed enhance productivity, each has the potential to introduce its own risk – from a simple lack of control right up to and including a dangerous security vulnerability.
Curing blissful ignorance
Low-code is nothing less than the democratisation of app development. It is the alternative that has appealed strongly to the business executive who does not want to wait for the slow development process to begin. They will opt for functionality every time, blissfully unaware of the dozens of best practices IT staff would integrate. They may never even consider the sensitivity of the databases they access, or whether they are authorised to use a particular system. This presents a clear risk and strengthens the case for IT to be solely responsible for application development.
But a forward-looking company will see this as the stifling of innovation. And also see that it is unnecessary. All that is required is a governance framework that empowers employees to innovate freely while allowing IT to keep one hand on the wheel. This can be accomplished through carefully crafted policies, effective training of employees and leveraging the right tech. Any citizen developer should (as professional developers do) be looking beyond mere functionality to understand potential risks.
It is also worth highlighting that governance does not always mean control. This holds especially true at the present moment when governance can mean offering encouragement to end users to be successful and to deliver business value. IT professionals should subscribe to this mindset and focus on facilitating the enablement of citizen developers. This means empowering them to deliver business outcomes, not just how to use low-code tools to develop applications.
In other words, IT must stand behind citizen developers while understanding that they need to be trained in matters of risk. Some LCAP vendors such as Kissflow already include powerful governance capabilities in their offerings, enabling IT teams to monitor developed applications and their interdependencies, to know what data is being accessed, and by whom. Interfaces like these allow controls to be toggled for all applications through a single click, meaning organisations can scale up their pool of developers (technical and citizen) without having to worry about added complexity in governance.
Real guide rails
Low-code development’s potential to add value up and down the value chain, across departments, and all at every rung of the enterprise is clear. All that is required for IT and every business unit to reap some of that value is the right guide rails. After that, innovation can proceed safely… and unhindered.