Low code security

Image thanks to revistadigitalsecurity

The concepts of low code and no code have been around for some time. We were talking about them a lot when I was at Durham, which is now five years ago. That’s a long time in IT. In my regular catch ups with my friend Adam, it is a subject we always get around to. 

I see low code and no code as part of a continued drive to make IT easier to use, making it much easier to develop and tailor applications to your own requirements using existing blocks of code. Lego is a good and overused analogy here.

In case you are not aware though (according to ZDNet from March 21): Low-code solutions typically target users with some development experience, or developers needing to quickly build apps, employing visual development environments and automated linkages to back-end systems, databases, web services, or APIs. No-code solutions take this abstraction a step further, introducing visual drag-and-drop interfaces that involve no coding at all.

It goes on to say that ‘Within the next two years, Gartner predicts, more than half of medium to large enterprises will have adopted low-code application platforms.’

Of course low code and no code atre misnomers in that they require a lot of coding. What goes on inside the block still needs to be written and, perhaps ironically, the move to these solutions will lead to an increase in demand for coders.

This is where my additional interest comes in (I am interested anyway) from a cyber security angle. The use of these solutions in effect passes responsibility for security to the coders writing each block. As the solutions are developed from multiple blocks there will be increased data flows through the interfaces between them. Each of these flows will be an opportunity for possible malicious interference.

I have been thinking for some time now that the most interesting area for cyber risk will come from the merger of IT and OT. I suspect that much of the change taking place in this arena will be in low code and no code. They are two sides of the same coin and strong security will remain a key consideration.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s