IT should ensure that the composable elements used to create low code applications meet company security and data privacy standards.
Low code development offers a great way for companies to build applications quickly. The big selling point is that low code development offloads tasks from IT and the developer staff, allowing business units and citizen developers to take matters into their own hands. As a result, the business units and individuals get to develop exactly what they need and do not have to wait for corporate development resources to be available.
Does this mean IT has no role? Of course not. IT still needs to provide oversight for several reasons. Examining common low code use cases and practices helps explain why.
Common low code use cases
Companies are finding that low code is ideal for a couple of generic classes of applications.
One category is to build applications that impart small-scale automation capabilities. Prime candidates are the automation of smaller workflows that involve tapping into a database, email, or transactional system and then performing a task as would a human. An example would be an application that checks the IoT data about the state of a system and automatically sends an email alert if some threshold value is exceeded.
Companies also use low code to develop programs for the analysis of IoT data. An application developed using low code techniques might ingest IoT data and perform trend analysis or anomaly detection. A program might use composable elements that perform predictive analytics or run the data through an existing machine learning model. These sophisticated analysis routines could be made available to low code developers as a composable element.
Where IT oversight comes in
One area where IT needs to be involved is with respect to managing potential security risks. Low code enables citizen developers to develop applications without waiting for IT. It doesn’t replace IT completely – enterprises still need IT for higher-order tasks such as governance, data ingestion, and cybersecurity.
One way to manage or contain these problems is to have IT oversee operations. Not in a day-to-day way and not in a way that requires a large investment in time. That would defeat the purpose of using low code. Rather, IT should ensure that the composable elements used to create low code applications meet company security and data privacy standards. IT also can impose restrictions on which datasets can be used in a low code application. Such oversight is particularly important when an application touches mission-critical or enterprise-wide systems.
Scalability also must be considered when such systems are incorporated into an application developed using low code techniques. Here again, IT must get involved. Citizen developers tend to create applications that don’t scale well, according to Harvard Business Review. The authors of that article suggest:
“The best situation may often be a hybrid citizen/professional development model, in which the user develops 80% of the model and hands it off to the developer for polishing. Or the user may develop the initial application using a graphic interface tool and then give it to a developer to program it in Python or some other more scalable language. In either case, the developer can record that the system exists, ensure that it works correctly, and connect it to any needed data or transactional system.”
That approach is not needed for all organizations. However, some form of that model might be worth considering if citizen developer applications are adopted throughout an organization and not simply used within the business unit.
IT’s role in retaining institutional knowledge
One of the big benefits of low code is that it gives the people with intimate knowledge of how things work a tool to do things better. A shop floor manager can quickly put together a performance monitoring app based on his or her expertise. Similarly, a service staff member might build a maintenance scheduling app that factors in the analysis of IoT data about real-time equipment status and performance. Such apps essentially capture the knowledge of the experts within the company and let others benefit from their expertise.
Such apps are fine, but what happens with the person who developed the app leaves, or someone wants to make changes or use the app for another purpose. Such situations lead to knowledge leakage, which is common across all industries (and is certainly common in cases that do not involve low code).
Increasingly, companies are realizing they need to implement knowledge capture and retention policies and best practices. IT can play a role by helping develop best practices for low code programming. It might be something as simple as requiring a citizen developer to fill out a form that details what the app is supposed to do, the data sources it uses, and the components the app uses and why.