Low code, high maintenance risk?
There is no doubt that ‘low code’ approaches, such as Microsoft’s Power Platform and Power Automate, optimise processes, or a part of a process, with workflow solutions enabling operations to fast track the release of tactical accelerators. That’s the good part.
Looking beyond this revolution begs the question as to how organisations will support the myriad low code applications that have been created, ensuring maintainability, scalability, security, and performance?
This article looks forward to how NashTech believes central IT functions will need to act to maintain low code applications without introducing new risks.
The promise of low code
Low code development will ease the burden on central Information Systems (IS) functions because business teams and end-users can create solutions themselves. Many mundane data related activities will be solved in days, rather than months.
Low code development can be likened to IKEA furniture. You save money by doing the assembly yourself, without the need of a skilled craftsman and can seek help from online communities there to support. However, this is where the similarities end. Furniture generally requires minimal maintenance; a piece of furniture doesn’t communicate with other pieces of furniture and isn’t required to secure any data!
Depending upon the low code approach adopted, if ‘citizen’ developers in business teams are used to create low code applications, how will they be able to support them? In this case, support and maintenance risks have been taken away from the central IS team without clear someone to take accountability of failures and disruptions. Thus, a new set of risks is created!
Low code maintenance challenges and risks
Like the initial entry of PCs to the well-managed Mainframe world of the 1980’s or the chaos of uncontrolled development of thousands of SharePoint applications in the 2000’s – this time organisations need to get their low code strategy right first. What should be considered when creating a roadmap to put a seamless solution in place?
Standards and Documentation: Creating applications is the smaller proportion of the total cost, the bigger part is that you must maintain it for years. The more complex software is, the harder it is to maintain and longer it takes to fix and update. Professional software developers aim to minimise complexity, making it easier to maintain, citizen developers may not appreciate such practice nor the documentation necessary for someone else to understand, debug or enhance an application later.
Testing and Deployment: Microsoft has two major upgrades per year, which could break those low code applications. If they are critical to the business, they will need to be tested before the major upgrades and moved through environments to Production.
Low code applications on their own are not complex but when you have potentially hundreds, such simple components combined create a complex solution. Activities around automated testing and deployments need to be considered as part of an engineering mindset when industrialising.
Performance Monitoring: Good IS teams proactively monitor applications and are alerted to applications not working correctly. IS teams will need to learn how to monitor low code applications and manage their performance.
Security: The ease with which you can create low code applications and connect them to data sources comes with the potential of a security leak. Microsoft gives you the ability to lock down connectors but only if someone sets up the security!
What does a low code strategy look like?
Embracing a low code approach will mean low code development tools become part of your core software portfolio. That comes with training for professional developers and possibly citizen developers. Governance of application deployment and integration will need to be established and managed.
Whilst low code software development platforms like Microsoft Power Apps or OutSystems will see many business problems solved in days rather than months, maintaining hundreds and hundreds of small applications created by ‘citizen’ rather than professional developers is going to be a challenge if there is no strategy or governance in place first.
Software Engineering approaches like automated deployments, automated regression tests, security reviews and standards will be needed as well as large scale low code applications portfolio management. This will require knowledge of how to leverage the relevant low code platform toolsets in the right way.
Organisations should establish a low code strategy with a centre of excellence for low code applications that drives innovation and improvement, shares best practices and knowledge across whilst at the same time providing consistency and governance through standards and trained staff.
Ultimately, this will ensure your organisation stays in control whilst accelerating its application development and delivery of value.