- Listen to our monthly AppSec Stats Flash podcast
- LEARN MORE
A "citizen developer" wave is currently taking enterprises by storm. Largely driven by the ready availability of low-code tools, the need for agility, and the ever-present shortage of IT resources, citizen developers are helping enterprises develop apps more quickly, and with a better understanding of the business. But this often comes at a price – namely the risk to security, data governance, and integration – unless it can be managed as an integral part of the enterprise’s IT ecosystem.
What is a citizen developer?
Citizen development is a low-code approach to software development. It allows “citizen developers” to create software programs without needing to know anything about programming languages or how to write code by using low-code, icon-based, Lego-like development tools.
Previously referred to as "shadow IT," citizen development was often viewed negatively; now it is increasingly associated with how business gets done.
According to recent Appian research:
Rapid “citizen app development” creates an IT security nightmare.
On the flip side, citizen developers have an intimate knowledge of the business, its daily processes, and what is required in order to improve efficiencies within individual parts of the organization. Typically, this results in custom apps that are a better fit for the business than off-the-shelf apps, which take a one-size-fits-all approach.
Can we achieve the best of both worlds?
According to Gartner research, at least half of all new IT business applications will be created on low-code platforms by 2020.
“Many IT leaders believe citizen-developed apps cause integration and security issues, and they want a tech platform to allow the governance of citizen development.”
Based on this looming reality, IT decision makers are coalescing around a few key truths:
The bottom line
Clearly the critical importance of app security, coupled with the proliferation of low-code development tools and citizen developers, presents a formidable challenge for today’s enterprise.
Gartner predicts 70 per cent of businesses will have citizen development policies in place by 2020. However, for companies to adapt to this development, they must be open-minded to the opportunities presented by low coding and incorporate them into their wider business strategy.
The goal is an approach that:
“A citizen developer support program that includes sanctioned platforms, just-enough governance, access to enterprise services, and IT guidance and monitoring can create a safe environment for end-user application development.”
WhiteHat Security announced a five-part developer training webinar series and certification program that introduces developers to application security, secure coding techniques and best practices in identifying and fixing security vulnerabilities.