The low-code and no-code market -- encouraging the rise of citizen developers, as well as speeding up software development -- is now a sizeable one, and will double in size over the next five years. Recent research out of ISG puts the market at about $25 billion at this time, and this sector is expected to grow at a compounded growth rate of 28% annually, to $45.5 billion by 2027. Will concerns about technology spinning out of control in an insecure way put a damper on this growth? Can there truly be a class of unfettered "citizen developers," or is this just wishful marketing?
Low-code and no-code proponents point out the advantages low-code and no-code offer more than offset any issues that arise. For starters, the approach can accelerate software development by 10 times, says Anindeep Kar, principal consultant with ISG. In addition, by the end of next year, half of all medium-to-large enterprises will have adopted low-code "as one of their strategic platforms."
The appeal of low-code and no-code is that it is a "force multiplier" that may help resolve the issues that inhibit business and technology alignment, Kar says. A lack of alignment "has historically been one of the most significant contributors to failed digital transformations," he says. "By blurring the line between citizen developers and professional developers, low-code and no-code is doing to application development what site reliability engineering has done to IT infrastructure management. Low-code and no-code helps offset chronic resource shortages, increases developer velocity, and accelerates development of low-complexity intelligent automations or business process workflows."
Low-code and no-code are increasingly seen in digital enterprises that support hybrid and remote workplaces. "No-code supports the 'cloud-forward' approach, fostering faster and more convenient cloud migrations," says Borya Shakhnovich, CEO and co-founder of airSlate.
The increasing presence of low-code means changes to both IT and business job roles as well. These platforms "provide pro developers an opportunity to act like consultants," Kar adds. In addition, companies successfully using the technology "to boost profitability have used a collaborative mix of citizen and professional developers to accelerate time to value without compromising centralized governance," says Kar. In addition, pro developers and IT staff have been accorded "access to faster development tools, and the ability to focus more on architecture and strategy and exercise business-savvy skills."
The main concern about low-code and no-code is its potential to exacerbate the spread of shadow IT. Applications developed by citizen developers "are frequently developed without proper IT oversight, so a security breach or a noncompliant solution can incur significant financial damage," Kar warns. In addition, the expanded shadow IT landscape "may exacerbate existing IT technical debt with orphaned couplings. This occurs when a shadow application uses data from IT applications without IT knowing about the dependency. Changes to a dependent IT system can cause disruption of the shadow application, thereby disrupting business operations."
Shakhnovich agrees that shadow IT is a risk, especially since there's a possibility of "one or very few users knowing how the system works, and a proliferation of governance issues." This opens up a new role for IT professionals as well -- "establishing appropriate oversight, so citizen developers can have the freedom to improve their work," he says. "While low-code and no-code solutions tend to be both efficient and cost-effective, there are instances where security concerns or need for complex functionality might limit their effectiveness."
Another downside with low-code and no-code is an inability to customize solutions. "There is a rigidity of low code and no-code platforms," cautions Nag Vaidyanathan, chief technology officer at Duck Creek Technologies. "Many are not flexible enough to meet the nuances or uniqueness of a particular business functionality." In addition, low-code and no-code may require "a level of maintenance as changing business needs warrant. This includes deviations from the norm due to special circumstances like integrations, needing to modify the inherent out-of-the-box code, overrides, debugging, creation of shadow IT groups, as well as redundancy or duplication of functionality across multiple areas of a company."
This is where IT needs to step in and take charge. IT will need to "create and manage APIs for self-service data," says Kar. "That's not a trivial problem. It involves prying data out of departmental silos, establishing rules -- and writing APIs that enforce rules -- that allow people to access only the data that they're allowed to see, and ensuring that the data is used appropriately. Data governance will become a much bigger part of IT's job."
Professional developers and IT staff "won't have to attend to commodity programming of common reusable code," says Vaidyanathan. "Instead, they can focus on value additions and creating software maturity with build or buy decisions, proprietary development of services-based architecture. This opens doors for technologists to get closer to supporting the customer and fulfilling customer needs."
The bottom line is that "when traditional programming stops being a barrier, people can create software to answer questions as they come up, and discard that software when it's served its purpose," says Kar. "If you're a product manager, can you track sales of a product on a channel-by-channel basis? Can you see sales trends in countries, states, or cities? That's possible with some BI tools, but all too often you'd need database access, knowledge of SQL, and the ability to program in a language like Python. Supporting people who need these answers has long been the province of IT -- and a significant drain. I don't think IT will be able to disengage completely, but when data becomes self-service and when people have the tools they need to analyze it, IT intervention will be the exception, not the rule."