Member-only story
Will Low-Code Development Lead to Security Problems and Data Breaches?
The weakness of low-code development is inexperienced developers not understanding security
Recognise security in software as a problem before it becomes an emergency
Low-code development has the potential to create software faster and cheaper than traditional development. What isn’t being talked about is the software will carry the same security risks as traditional code based software.
Security is built into low-code development tools but it has to be understood and configured. Citizen developers might not realise the security implications or have the experience to configure security.
It’s the punch you don’t see coming that knocks you out and citizen developers will focus on creating software and not applying security best practices.
If low-code development is not done in collaboration with the IT department and best practices, guidelines are not defined by experienced developers. This will create the potential for security holes and data breaches.
This isn’t a citizen developer problem, it’s a general development problem, the difference is experienced developers (not always) check security is in place. Inexperienced junior/citizen developers won’t even realise security is their responsibility and what to do.
Microsoft Power App Portal exposes 38 million records
Microsoft Power Apps, which is Microsoft’s low-code development tool, made the headlines because a mis-configured Power App exposed 38 million records to the internet.
38 million records exposed by misconfigured Microsoft Power Apps. Redmond’s advice? RTFM
RTFM stands for read the flipping manual :-)
Key quote
“Forty-seven government entities and privacy companies, including Microsoft, exposed 38 million sensitive data records online by misconfiguring the Windows giant’s Power Apps, a low-code service that…
