DEVOPSdigest

Riding on a substantial value proposition of speed, cost efficiency, productivity, and collaboration, low-code/no-code development is growing at a rapid clip. A leading market intelligence and consulting firm estimates that by 2025, organizations will build 70% of their new applications using low-code or no-code technologies, almost three times the level in 2020. This is causing justifiable concerns of how a large and growing shadow IT could impact an organization by replacing professional developers, increasing cybersecurity risk, inflating technical debt, bypassing governance, or even disrupting the business if coupled incorrectly with (main) IT applications without the knowledge of the IT organization.

Since there's no stopping low-code/no-code momentum, how can enterprises maximize the gains from citizen development while curtailing its risks?

One way is to extend the reach of formal IT into shadow IT, not to take it over, but rather, to lend a guiding hand.

This can happen in several ways — ensuring business developers use approved low-code/no-code platforms with robust inbuilt security and compliance that are integrated with enterprise IT and security systems. Other ways include getting pro-code developers to support shadow IT users in complex assignments and teaching business developers best practices in application design and development. Co-developing applications is another way, where business developers provide the requirements, while professional developers work on design, architecture, and complex programming activities.

Beyond this, organizations can apply the principles that have transformed pro-code development to low-code/no-code development and thereby compound its value. We are talking of DevOps, agile and lean techniques.

Low-Code and DevOps, Really?

Fears of low-code/no-code taking over pro-code are quite misplaced. Yes, it can empower citizen developers to build simple applications. But it is no substitute for professional software development. On the contrary, low-code combines neatly with mainstream software development principles, namely DevOps and agile, in a mutually beneficial relationship.

Low-code is fast, but DevOps makes it faster. By bringing automation to low-code development, DevOps shortens the time needed to take applications to market. Automated DevOps pipelines, continuous testing and quick, iterative feedback loops minimize errors, and improve the quality and reliability of applications. The use of standard procedures and guardrails (including security related controls), baked into DevOps pipelines, also reduces risk, improves compliance, and ensures that applications built by business or citizen developers integrate harmoniously with enterprise IT systems. Collaboration between IT teams (development, testing, operations) is an essential element of DevOps culture that breaks down silos, promotes knowledge sharing, teamwork and trust, and enables the teams to solve problems jointly. All these benefits can accrue to low-code development as well. For example, with the support of pro-code developers in a DevOps environment, low-code developers can tackle more complex problems than what they can handle on their own.

Agile methodologies take collaboration and iterative development to a higher level by allowing the teams (including low-code/no-code developers) to take up smaller pieces of work (at a time), refine them continuously, and make changes as required. Apart from continuous improvement, there is regular exchange of learning among the team members as they work towards a common goal.

The extension of lean principles to low-code helps to concentrate efforts on building only those features that add value, so that developers do not waste their time and energy on wasteful activities. Also, lean software development mandates the inclusion of dedicated subject experts with full knowledge of customer requirements to guide developers. This means developers don't need to go back to the customer every time they have a question.

Studies show that organizations nurturing citizen developers using low-code/no-code platforms are more innovative. The potential cost savings can range from 30 to 70% of mainstream software development costs. However, organizations run the risk of creating a shadow IT which, not being subject to the same governance and controls as their main IT, could expose them to various risks. The answer is to extend the participants, principles, and practices of regular software development, especially DevOps, agile and lean, to its shadow counterpart, and get the best of both worlds.