Cyber Security

How are "Citizen Developers" affecting Cyber Security in large firms?

DI Asked by Diana Prince · 05-06-2025
0 upvotes 9,543 views 0 comments
The question

With so many non-technical employees using Low-Code tools like Power Apps to automate their workflows, I’m worried about "Shadow IT." Is 2026 seeing a rise in data leaks because "Citizen Developers" don't understand API security or data encryption? How are enterprise SRE teams managing this without killing the productivity benefits?

3 answers

0
KI
Answered on 15-09-2025

This is the #1 challenge for "Governance" this year. In our firm, we’ve moved to a "Sandboxed Low-Code" environment. We provide the Citizen Developers with "Certified Data Connectors." They can build whatever they want, but they can only pull data from approved, pre-secured sources. We’ve also implemented "Automated Security Linting" for Low-Code. If an app tries to make a public API call without an encrypted header, the system automatically flags it for an SRE review. It’s about creating "Guardrails" rather than "Gatekeepers." You want to empower the business side without giving them the keys to the entire server room.

0
LU
Answered on 10-10-2025

Do these "Guardrails" end up making the Low-Code tools so restricted that employees just go back to using unapproved spreadsheets anyway?

RY 22-10-2025

Lucas, that's the "Shadow IT" trap. We solve that by making the "Secure Path" the "Easy Path." If our internal app store has a 1-click template for what they need, they won't go looking for a risky third-party workaround. It’s a UX challenge for the IT department as much as a security one.

0
SE
Answered on 01-11-2025

Security education is the only real fix. You can't patch human error with just software. We run "Low-Code Security" workshops every quarter now.

KI 10-11-2025

Well said, Sean. Diana, it’s a cultural shift. We have to treat Citizen Developers like junior members of the engineering team, not just "users."

Share your thoughts

Your email address will not be published. Required fields are marked (*)

Professional Counselling Session

Still have questions?
Schedule a free counselling session

Our experts are ready to help you with any questions about courses, admissions, or career paths. Get personalized guidance from industry professionals.

Request a Call Back

Search Online

We Accept

We Accept

Follow Us

"PMI®", "PMBOK®", "PMP®", "CAPM®" and "PMI-ACP®" are registered marks of the Project Management Institute, Inc. | "CSM", "CST" are Registered Trade Marks of The Scrum Alliance, USA. | COBIT® is a trademark of ISACA® registered in the United States and other countries.

Book Free Session