Blog



What to Know about Low-Code/No-Code Platforms & Security

What can be done to make sure your low-code and no-code mobile apps meet enterprise-level standards for security?Low-code and no-code development platforms are great tools for rapid software development, helping non-technical business experts and IT quickly write powerful, useful applications. But are they safe and secure — and what can be done to make sure they meet enterprise-level standards for security?

That’s the question posed by the article in Dark Reading, “In App Development, Does No-Code Mean No Security?” The article poses the conundrum simply: “The question is whether no-code also means no security.” It goes on to quote Vinay Mamidi, senior director of project management at security vendor Virsec: “While trained developers may have varying levels of skill in security, no-code developers are generally oblivious to security best practices or risks.”

The reason for that, the article notes, is that no-code developers haven’t been trained in security, as have more experienced developers. Because of that, it’s vital that businesses choose low-code/no-code platforms that “themselves build security into the final product,” the article says.

Mounir Hahad, head of Juniper Threat Labs at Juniper Networks believes that the right low-code/no-code platform may be even more secure that other development tools. That’s because low-code/no-code platforms assume that whoever is writing applications will not have a background in security, and so take care of a lot of security issues by themselves. He notes that with these platforms, “There's a huge step up [in security] because there is a common denominator as far as security best practices and implementations that framework providers build into their own SDLC [software development lifecycle]."

 That doesn’t mean, though, that IT should assume that every aspect of security will be handled by the platforms. Hahad warns, “In no way does this solve the general problem of securing an application. Patching for vulnerable subsystems and third-party code still needs to be done, for example."

Virsec’s Mamidi adds, “Enterprises must find ways to audit processes and vendors, and maintain reasonable security oversight, even if that makes the [development] process a bit less convenient.”

The same general rules of security apply whether your company uses traditional development tools or a right low-code/no-code platform. The article concludes that it’s vital that organizations have someone focused on security. It quotes Jason Kent, hacker in residence at Cequent, saying “The most successful organizations that I see have an application security architect — somebody with a foot in security and a foot in development. They can more easily identify and define the kinds of controls that you need to make low-code/no-code environments secure and still collaborative."

Choosing the Right Low-Code/No-Code Platform with the Best Security

Alpha TransForm (for non-developers) and Alpha Anywhere (for developers) are no-code/low-code tools that include the highest levels of enterprise security. Alpha Anywhere has the unique ability to rapidly create mobile-optimized forms and field apps that can easily access and integrate with any database or web service and can exploit built-in role-based security or robust offline functionality. Alpha TransForm and Alpha Anywhere can work independently or together as a single platform and are well-suited for both IT, citizen developers and other staff.  Alpha TransForm helps business users craft online or offline mobile apps in minutes that utilize the latest mobile features (camera, GPS, etc.) for fast, accurate data capture. Learn more take a free trial for 30 days.

 


Guide to Low-Code App Develompent: How to Chose the Right Low-Code Tool for Your Organization
Further Reading:

Guide to Low-Code Development: How to Choose the Right Low-Code Tool for Your Organization


Three Big Digital Trends for Manufacturing in 2020
Supercharge Digital Transformation: Connect Apps & Firstline Workers

About Author

Amy Groden-Morrison
Amy Groden-Morrison

Amy Groden-Morrison has served more than 15 years in marketing communications leadership roles at companies such as TIBCO Software, RSA Security and Ziff-Davis. Most recently she was responsible for developing marketing programs that helped achieve 30%+ annual growth rate for analytics products at a $1Bil, NASDAQ-listed business integration Software Company. Her past accomplishments include establishing the first co-branded technology program with CNN, launching an events company on the NYSE, rebranding a NASDAQ-listed company amid a crisis, and positioning and marketing a Boston-area startup for successful acquisition. Amy currently serves as a Healthbox Accelerator Program Mentor, Marketing Committee Lead for the MIT Enterprise Forum of Cambridge Launch Smart Clinics, and on the organizing team for Boston TechJam. She holds an MBA from Northeastern University.

Related Posts
Why Low-Code Is a CIO’s Best Bet for Digital Transformation
Why Low-Code Is a CIO’s Best Bet for Digital Transformation
Gartner: The Future of IT Is with Business Units and Citizen Developers
Gartner: The Future of IT Is with Business Units and Citizen Developers
How to Choose the Best Low-Code Platform for Your Business
How to Choose the Best Low-Code Platform for Your Business

Comment

Subscribe To Blog

Subscribe to Email Updates