4 security concerns for low-code and no-code development

Low code does not mean low risk. By allowing more people in an enterprise to develop applications, low-code development creates new vulnerabilities and can hide problems from security.

Low-code and no-code development promises to speed up the deployment of new applications and to allow non-technical users to create apps. The idea has been around for a long time. Now, new cloud-based platforms for creating mobile and web apps, as well as tools built into platforms like Microsoft's Office 365, Google's G Suite and Salesforce, are bringing app development capabilities to a growing user base.

According to research by Markets and Markets, the low-code development platform market is expected to grow from $4.3 billion in 2017 to more than $27 billion by 2022. In fact, 84% of enterprises have adopted a low-code development platform or tool, according to a Forrester survey of global IT and business decision makers released this March, and, of those, 100% have seen a positive return on their investment.

In many respects, these development platforms are more secure than the technologies they're replacing, since the cloud vendors can implement global access controls and permission while giving enterprises a single view into what all their employees are doing with the data. However, 59% of respondents to the Forrester survey cite security as the top challenge when it comes to adoption of low-code platforms.

Here are four security concerns around low-code apps that experts believe enterprises need to consider.

1. Lack of visibility

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!