IT专业人士和DevOps对低代码说不

用户痴迷低代码首先归因于其拖放式界面,这种界面可以节省大量时间。在低代码中,每个流程都借助图形化界面直观地显示,因此一切更容易理解。

作者:Akashdeep Arul  编译:沈建苗

企业转向数字现代化(包括改善用户体验、实现流程自动化和升级关键系统)后,低代码迅速得到了采用。由于低成本,低代码被证明对数字现代化而言很理想,但它对企业来说真的安全吗?

Forrester最近的报告指出,2021年低代码平台占应用程序开发的75%,远高于2020年的44%。IT专业人士和DevOps社区对于低代码的采用表示了担忧,因为他们认为低代码带来了一系列问题。那么为什么企业痴迷低代码呢?

用户痴迷低代码首先归因于其拖放式界面,这种界面可以节省大量时间。在低代码中,每个流程都借助图形化界面直观地显示,因此一切更容易理解。低代码使开发人员可以更轻松地创建应用程序。

然而,当IT部门发现个人或部门使用了未经批准的低代码时,问题随之而来。这导致资源被浪费,并带来了安全风险。为了及早了解问题以免造成混乱,公司会寻找警告信号,比如帮助台接到陌生软件方面的请求。

困扰低代码的关键问题

供应商锁定是低代码开发平台方面最大的担忧之一。供应商锁定通常称为专有锁定或客户锁定,指客户的所有产品和服务都依赖一家供应商。这使客户被一家供应商牢牢束缚,如果不支付昂贵的切换成本,就无法另换新的供应商。

虽然大多数知名供应商声称自己的产品没有供应商锁定,但事实并非总是如此。这意味着如果不支付许可费,你的软件将无法运行。如今,大多数供应商生成复杂的代码,因而在其平台之外不可能维护应用程序。同时,一旦你停止使用其应用程序,其他供应商不允许你进行更改。

在创建自定义软件时,开发人员面临的最常见的限制因素是硬件和原生语言功能。低代码开发平台通常比其他的编程方式更受制约。企业可能无法获得自己想要的合适功能。同样,在其他低代码解决方案中,用户界面受限制。但是定制选项因平台而异。

TSAARO首席执行官兼联合创始人Akarsh Singh说:“开发人员在创建自定义软件时才受到硬件和原生语言功能的限制。你在低代码开发工具中所能实现的功能数量是有限的。低代码是一种创建应用程序的快捷方法,但如果你想尝试新东西,就没有太多的选择。”

Gartner的魔力象限提到,低代码供应商应提供脚本或第四代语言(4GL)编程环境,因为许多高生产力应用PaaS(hpaPaaS)解决方案大力倡导使用JavaScript或3GL语言的代码型扩展。

如果使用低代码开发应用程序以满足特定标准,不会有持续开发或改进。因此,定制范围、灵活性和集成选项极为有限。

为什么IT专业人士和DevOps讨厌低代码?

使用低代码开发的企业无法访问供应商系统,无法检查应用程序代码。如果企业遇到软件方面的任何问题,就无法确定根本原因。相比其他的开发形式,低代码平台不具有透明度。IT专业人士和DevOps解决这个问题的办法是,借助黑盒方法测试、第三方安全审计、法律认证及协议以及购买网络安全保险,进行安全检查。

你对任何技术有多大的控制度取决于使用它的程度,而将大部分工作交给工具将使工具得以控制你的流程。久而久之,整合低代码变成了一种锁定现象。有几个措施可以尽量缓解使用低代码工具所造成的锁定。可以将代码编写得更易于移植,隔离业务逻辑,然后用将其与本地低代码API连接起来的粘合代码来修复。

虽然低代码解决方案包括安全协议,但它们无法与独立开发方法提供的保护级别相匹敌。你无法完全控制数据安全或访问源代码。因此,你无法列出所有潜在的漏洞。Akarsh表示,尽管低代码工具名叫低代码,仍需要扎实的技术知识。

扩展IT系统以容纳更多的应用程序,因此总体上需要更多的资源,这导致了所谓的应用程序散乱(application sprawl)。应用程序散乱这个术语用来描述因糟糕架构而导致效率低下的系统。如果一个项目不太庞大或不太复杂,仅使用低代码平台为某些客户将软件交付到生产环境是可行的。另一方面,从长远来看,应权衡这种策略的危险和费用。然而,以这种方式实施的解决方案极可能更快地出现在生产环境中,可扩展性和安全性方面有更多的缺点。

低代码会将你逼入困境

企业使用低代码迅速交付成果时,开发人员并不完全控制进入到平台的代码,因为这些代码结合了进入到同一个平台的各种工具和工作流。公司使用低代码系统时记住这点:由于企业技术的要求经常变化,加上通过低代码交付成果所花的时间和资源较少,应用程序可能需要持续开发。

与许多企业一样,低代码平台提供低价以吸引潜在客户,然后等客户有需求时提高价格。这是主要问题(锁定)的一方面;一旦使用供应商的平台来构建系统,供应商就操纵价格。除非签署了长期合同,否则不可能知道五年后你要花费多少。如果企业的生产环境需要后端,肯定要付一大笔费用。

企业不能轻视数据管理。有几个环节需要核查,比如数据可访问性、数据的使用方式以及所需的控制级别。然而,控制级别在低代码中很有限。低代码平台分析消费者行为和偏好,而在访问控制方面有内置的杂项(quirks),以帮助企业构建与目标受众相一致的应用程序。如今,应用程序开发因所含的代码较少而变得技术性不那么强了。

IT专业人士和DevOps认为,使用低代码开发方法的公司应意识到安全风险,并采用开发安全运维(DevSecOps)作为预防措施。添加安全检查点对于应用程序的生命周期必不可少,而DevSecOps一开始就确保了框架的安全性。

参考链接:https://analyticsindiamag.com/it-professionals-and-devops-say-no-to-low-code/

 

K8S中文社区微信公众号

评论 8

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
  1. #8

    看了你的文章,觉得非常不错

    想与贵站互相友情链接

    建站教程网-http://nizhidaole.cn

    如果同意的话,回复一下后互相上链接!

    名称:建站经验网 本站网址: http://nizhidaole.cn/

    本站描述: | 新老站长都喜欢的技术性优秀网站!.

    赵丽颖8个月前 (06-19)回复
  2. #7

    Joe Engressia Thank you for Helping me in changing my grade and credit score in good shape, Now am a graduate finally, reach out to him of you need his service related to hacking service, His a very good one. reach him here
    DIGITALDAWGPOUNDHACKERGROUP@GMAIL.COM
    whatsapp no. : +1 732 639 1527

    Ivan Jefferey4个月前 (10-14)回复
  3. #6

    Joe Engressia Thank you for Helping me in changing my grade and credit score in good shape, Now am a graduate finally, reach out to him of you need his service related to hacking service, His a very good one. reach him here
    DIGITALDAWGPOUNDHACKERGROUP@GMAIL.COM
    whatsapp no. : +1 732 639 1527.

    Ivan Jefferey4个月前 (10-17)回复
  4. #5

    People find it hard to stay committed again. It’s becoming a difficult thing. Getting information & data you need is quite not a big deal. Sometimes the truth needs to be unveiled by whatsoever means necessary. The latter of the case should always be reckoned with, of which it would be known eventually what would be the data at hand afterwards. definitely contact Thomas would do justice on this intercepting with wares and you will have me to thank later.
    I finally caught him red handed…
    They also have a refund policy if you wish not to go further with your job.
    Contact him via
    Email; tomcyberghost@gmail.com Text/Call +17207941811, WhatsApp +1 3047457645

    Tested and trusted.

    florence jenny3个月前 (10-25)回复
  5. #4

    I was able to catch my cheating husband red handed with a lady he has been having a love affair with and this was made possible by Fred hacker that I met through a comment posted by Kimberly Jane on Reddit about his good and professional services. I started getting suspicious of my husband since he became too possessive of his phone which wasn’t the way he did prior before now. He used to be very carefree when it comes to his phone. but now he’s become obsessed and overtly possessive. I knew something was wrong somewhere which was why i did my search for a professional hacker online and contacted the hacker for help so he could penetrate his phone remotely and grant me access to his phones operating system, he got the job done perfectly without my husband knowing about it although it came quite expensive more than i thought of.i was marveled at the atrocities my husband has been committing. Apparently he is a chronic cheat and never really ended things with his ex.. contact him here. Fredvalcyberghost@gmail.com and you can text, call him on +14236411452 and you can WhatsApp him on +15177981808.

    Monica Regina3个月前 (10-28)回复
  6. #3

    My husband has been frequently deleting all messages for the last couple of days from his phone and he didn’t know i was peeping at him, then i asked him why he was deleting all messages from his phone but he claimed that his phone memory was full and needed more space. Immediately I went in search of a hacker who can get me deleted information and contents from my husband’s phone and luckily for me i came across this reputable ethical hacker Me Fred, this hacker got the job done for me and provided me with results and i saw that my husband has been lying to me. He was simply deleting all pictures, call logs, chats and text messages between him and his secret lover so i wont get to see what he has been doing at my back. Thank God for reputable hackers who are ready to help. I must say am really impressed with the services i got from The hacker Detective and am here to say a very big thank you: contact him on fredvalcyberghost@gmail.com and you can text, call him on +;;1- (;;4;;23)641 1452 and whatsapp him on +15177981808

    Stephanie Duran3个月前 (10-28)回复
  7. #2

    Imagine losing your life savings of almost half a million dollars to a group of African scammers thinking you are going to earn more from cryptocurrency investment, that would have been disaster but Cyber Genie made that not to happen thereby rescuing me from life of torture and regrets that could have led to suicide. Don’t ever give up on trying to recover your lost investment to those African crooks, write them on [Cybergenie AT cyberservices .com] Whatspp [+1-252-512-0391]

    Fernando2个月前 (11-27)回复
  8. #1

    It took 11 months but I was able to get my money back. Earlier this year I got entangled with a military doctor serving in Syria via a hookup site, we chit-chatted for weeks and she introduced me to cryptocurrency that she has earned massively. I was tempted to try it as I was going through some financial challenges after my chaotic divorce. I did invest $393,000.00 AUD dollars which I got from my divorce settlement. That’s when I realized I have been swindled. Months later, I came across a testimonial, I never thought that after all these months I will be able to recover my lost Bitcoin from those scammers but ( Cybergenie@cyberservices.com )WhatsApp (+1) 252-512-0391). made that possible, here I am with a grateful heart to CYBER GENIE INTERCONTINENTAL…

    Russell B4周前 (01-09)回复