By Vikram Srivats, Vice President, WaveMaker
So far, the low-code bastion has been mostly custom applications (built by “citizen” developers) – which are, sort of, spectrally opposite to core software platforms built by professional coders.
The tide is now turning.
Software platforms, specifically in the banking world, are embracing – even infusing – low-code capabilities – either through build or buy (license, OEM) routes.
But first, the backdrop: It is no secret that banks – and all financial intermediaries in general – are rushing to digitally innovate their business and transform their technology. And we know that these interventions target both top and bottom-line impact, while purporting to deliver speed, agility and simplicity in operations. Add in a host of headwinds – pandemic induced credit losses, muted revenues in a low-interest environment, rise in challenger banks that are digital-only, and fintechs that threaten to drive new non-interest business models on a modern tech platform – and you have a real test of banks’ resilience over the next 4-5 years.
To make good on the digital innovation and technology transformation theme, banks must buy or build banking software (core and channel facing systems) based on 4 foundational pillars:
With this backdrop, market-leading digital banking systems – cores and application portfolios – are increasingly turning to low-code capabilities (and third-party low-code platforms) as a significant intervention.
Here are 4 value plays that low-code drives for banking systems providers:
In short, Low-Code + Banking Software = Results (digital innovation and tech transformation).
Temenos, a Swiss banking system provider, bought Kony (a digital banking SaaS company and a low-code platform vendor) for $600m in 2019. EdgeVerve, a wholly owned subsidiary of Infosys, a $14b IT consulting and services provider, has built-in low-code capability in its Finacle Digital Engagement Suite per leading analysts that profile digital banking systems. In mid-2020, new age composable banking platform provider, Mambu, partnered with Argentina-headquartered Veritran, an enterprise low-code platform provider, for the Latin America market.
Per Forrester, EdgeVerve and Temenos feature as Leaders in their Wave reports on digital banking platforms (processing and engagement) across 2019 and 2020. Mambu is a Challenger per Gartner’s Magic Quadrant for Retail Core Banking. Low-code capability infusion seems to be clearly correlated with leadership in the banking software domain. We should expect other leading players – TCS, Oracle, Finastra and FIS – to follow suit.
And future banking platforms with leaner digital cores will only serve to further drive the embedded adoption and proliferation of low-code capabilities – whether homegrown or licensed as OEM from third party low-code platform providers.
Epilogue:
A recent McKinsey report on the banking industry points out that the COVID-19 pandemic will cause $3.7 trillion of revenues – more than half of the total financial intermediation industry revenues – to be foregone and never come back. In that same scenario, return on equity would fall from 8.9% in 2019 to 1.5% in 2021, with North America bottoming out at -1.1%.
It is not all doom and gloom though.
The report points out that there is a hopeful picture – if banks do the hard work on productivity and capital management, their ROE can return to pre-pandemic levels by 2024.
What has all this got to do with low-code development?
(Hint: low-code => high productivity)
2024 awaits the resilient and transformed banking industry.
To futher explore banking solutions by WaveMaker, please visit:
www.wavemaker.com/banking-financial-services/
Or, start a conversation with our expert consultants for solutions to your unique requirements.
Originally published in Finextra
Modern enterprise application needs have become intricate. They demand application development and deployment to be cloud-native, agile, scalable, and secure. The app ecosystem has become intertwined, and enterprise applications have become complex beasts, built on monolithic systems. The transformation continues. Modern application development is becoming more agile and scalable and deployment of applications on the cloud is increasing. Application architecture is transforming from monolithic to microservice-oriented architecture. Developers and IT Ops are collaborating giving rise to the culture of DevOps. With the increasing pressure on high performance, DevOps teams are urged to use more sophisticated technology and techniques.
Besides achieving agility and scalability, DevOps teams are also entrusted with achieving enterprise application security goals. App Security has become a high-priority goal and a shared responsibility. It’s reflected in Gartner’s “Magic Quadrant for Application Security Testing, 2020” report, there’s a 50% increase in the number of end-user and client conversations about AST (Application Security Testing) tools and DevSecOps in 2020.
To embed application security across the development cycle requires various levels of automation testing and setting up of configurations at different stages of the application development and deployment process. What development teams are doing is that they are using container technology and microservices to “pull security” early into the DevOps process. In addition to application security, another trend highlighted in Gartner’s report is the increasing attention (of 65%) on container security.
While many enterprises are already running cloud-native, microservices-based, containerized applications in production, there are several challenges; from technology immaturity, a steep learning curve, to the lack of operational expertise and know-how. What’s taking precedence today in high-performance development teams is the left-shift application security earlier in the stages of development.
“Shift Left” App Security – The Guiding Force Behind High-Performance Development Teams
App Security has become a business imperative. In Forrester’s Report on “The Top Security Technology Trends To Watch, 2020”, integration of application security tools with CI/CD pipeline is a major priority in 2020. Application security has become the primary focus of high-performance DevOps teams and by “left-shift application security” parameters, security is a shared responsibility and is being implemented by developers. Moreover, with the rise of DevSecOps the silos of application and infrastructure security are being bridged.
AppSec – The Primary Focus of DevOps in a Containerized Environment
DevOps teams not only have to mitigate operational issues related to performance, integrity, availability of containers in production environments, they also need to ensure security is embedded early in the DevOps process. With greater urgency to automate application security testing (AST) in the DevOps process, the attention of DevOps teams needs to be directed towards the integration of the CI/CD toolchain with application security tools such as software composition analysis (SCA), static application security testing (SAST), and container security.
When embracing the DevOps culture and migrating applications to the cloud in a containerized environment, security must be embedded across the development lifecycle. To ensure compliance of performance and resiliency, the focus needs to shift to service-level and container-specific monitoring. DevOps teams need to monitor applications within containers and across containers at a service level. “Pulling in” application security earlier into the development lifecycle would form the beginning of what is called DevSecOps.
DevSecOps – Breaking the Silo of Application and Infrastructure Security
The ‘mantra’ of DevSecOps is “shift left”, encouraging developers to move security from the right end of the development and delivery process to the left end (beginning). True to its abbreviation, DevSecOps – development, security, and operations – ensures the integration of security is automated across the lifecycle, from application design, testing, deployment, and delivery.
With the essence of DevSecOps being “software, safer, sooner”, it enables seamless integration of application and infrastructure security with the DevOps process. By allowing developers to address enterprise application security issues earlier before the application goes into production, it makes security issues easier to fix without disrupting the development cycle. Breaking the security silo, DevSecOps makes security a shared responsibility of IT Ops, security, and development teams.
Integrating security and testing across the development lifecycle may seem like a daunting challenge. However, there are emerging technology and tools available to ensure security is pulled in early enough. Low-code platforms give enterprises the leverage to embedded security when developing cloud-native applications, managing containers, and adopting microservices-based architecture. To implement the practice of DevSecOps, low-code gives the opportunity to address and improve application security across the development lifecycle.
The Window of Opportunity – How Low-Code Enables Enterprises to “Shift Left” Application Security
Low-code platforms help enterprises by integrating application-level, security features such as authorization, authentication, auditability, certification, performance monitoring, and security architecture, across the application development lifecycle. By automating application-level security features, low-code platforms ensure robust authorization and authentication systems that have built-in encryption and provide XSS and CSRF configurations to address security threats and vulnerabilities. To help developers configure security features when building applications, low-code platforms provide fine-grained controls, built-in encryption options, comprehensive authentication and authorization processes, OWASP compliance support, and data protection.
While application development and deployment processes are transforming so is application architecture, which is moving from monolithic legacy systems to microservices-based architecture. With microservices, there are many hands-on the deck. Enterprise applications are made into smaller components and many developers are working on different functionalities at various stages of the development cycle. At this time, when application architecture is transforming, security goals remain unchanged. In fact, the demands for enterprise application security are heightened and they need to be imbibed in the development process. Low-code platforms support microservices-based architecture and enable the “left-shift application security” of security parameters by allowing developers to configure security protocols, set privileges, and automate testing before the application goes into production. Moreover, as enterprises leverage next-generation app delivery tools such as container technology, low-code platforms help to embrace containerization at scale without disruption in existing processes and without requiring the reskilling of existing resources.
Low-code’s promise is that of “Zero Complexity” DevOps Automation. It ensures minimal disruption of existing development teams, enables on-premise and cloud deployments seamlessly, automates CI/CD processes, saves on security infrastructure costs, and enables DevOps teams to focus on core application needs.
If you think the “left-shift application security” principle of pulling security earlier into the DevOps process may slow down the speed of development, think again. It shouldn’t be a trade-off to choose between accelerating application development and managing application security threats and fixing failures. Achieving time-to-market delivery and security goals can be simultaneously achieved if you manage the DevOps process using emerging application development and deployment tools. The window of opportunity here is to streamline processes, using a sophisticated technology stack, and utilizing next-gen technology that low-code offers to nurture AppSec innovation across the development cycle.
By Vikram Srivats, Vice President, WaveMaker
Ensuring a successful climb out to a digital paradigm without running the gauntlet of costly delays.
The Covid-19 crisis is shifting profit pools – according to McKinsey1, the gap in economic profit between the top corporate performers and everyone else has widened dramatically. And the numbers are staggering – the top quintile of companies grew its market-implied annual economic profit by $335 billion, while the bottom quintile companies lost $303 billion, over a period from December 2018 to May 2020. Clearly, this is becoming somewhat of a winner-take-all scenario.
With the acceleration of trends (e-commerce, remote work, digital) driven by the pandemic, specifically for companies with middling performance, this is a call to action to build the resilient, future-ready business and operating models. And many of them are doing exactly that. During a recent quarterly earnings call, Microsoft CEO Satya Nadella said, “We’ve seen two years’ worth of digital transformation in two months.”
By now, almost every corporation gets all this.
But how do they ensure a successful climb out to a digital paradigm without running the gauntlet of costly delays and embarrassing failures that plagued many earlier corporate digital plans in fairer weather?
Beyond an array of best practices (reducing silos, no-BS decision-making, talent redeployment, shifting operations, and multiplying productivity), low-code based software development has the broad capability to mitigate potential risks associated with wholesale digital transformations in these uncertain times.
First, a quick primer on low-code/no-code. Simply put, it is a visual development approach to automating software development that involves little to no hand-coding, significantly speeding up applications coming to life. With the growing demand for new applications, modernizing existing/legacy applications, and new platform development – and not as many software developers to go around, low-code development has gained steam over the last few years. Gartner predicts that low-code application development platforms will be responsible for more than 65 percent of all app dev activity by 2024, while Forrester expects the low-code market to represent $21B in spending by 2022. Major technology players including Salesforce, Microsoft, Google, Oracle, Amazon, Pega, and ServiceNow have joined the low-code/no-code bandwagon, with deployed platforms and tools as part of their larger product portfolios
But what specific risks does low-code development help navigate and mitigate?
Here are 6 clear examples:
Complexity risk – With a visual, low-code paradigm, enterprises and software providers can take quick, bite-sized chunks out of the business complexity due to Covid-19. Low-code simplifies and democratizes collaborative application development to support new workflows, increased tracking, additional procedures, shifting ways of doing business, and increased overall administration – to tackle the needs of remote workforces, supply chains, and customers.
Schedule risk – The stakes for hitting a scheduled target have never been so high. Burdening your IT with demands for critical applications, and gathering a full-stack team to hand-code applications that may take weeks to deploy no longer remains a sustainable approach. Companies can instead use low-code acceleration to minimize impact from the invariable bumps (scope creep as an example) in any project, besides pandemic induced inefficiencies (lumpy productivity of 100 percent remote teams).
Budget risk – The mantra of doing more with less – specifically, more applications with less budget – is what low-code development delivers at its core. According to Gartner2, worldwide IT spending will decline by 7.3 percent this year, compared with a rise of 1 percent it calculated for 2019. Against this backdrop, low-code is exactly what the doctor ordered for companies that are making do with fractional budgets and increased oversight on spending during these times when budget overruns may be considered heresy.
Technical risk – Enterprise architecture teams no longer have the luxury of doing a double-take with technology choices if their initial choices do not scale are not secure, or simply don’t offer a solid runway from the current to the proposed future. When it comes to building enterprise applications, creating extensible frameworks goes a long way in coping with changing business needs, adding new capabilities, and re-using frameworks for future initiatives. Best-in-class low-code platforms are built around modern web architectural choices and enterprise best practices, are based on open standards, generate real code that can be exported and extended, offer enterprise-class security options, and seamlessly blend in with testing and deployment practices. Corporations using such low-code platforms have the peace of mind that they will get it right – the first time.
Talent risk – While the pandemic has disrupted the livelihoods of millions of working professionals and increased talent pools, hiring the right tech and software development talent at the right time, at an affordable price, and ensuring they are productive – remains a monumental challenge. Bridging skill gaps of existing talent to scale to modern web and mobile development is not trivial either. Low-code platforms do the heavy-lifting of software development, mitigating the need for learning coding skills in a language and eliminating the need for multiple specialist roles (UI, database, backend, deployment). Low-code-powered teams are inherently lean, modern-skilled, agile, full-stack development teams.
Market risk – The ultimate test of organizations wanting to climb steeply during Covid-19 is how they weather unanticipated market risks at different altitudes. With the order of magnitude productivity gains, low-code powered business and software development teams quickly and nimbly dodge external risks, prototyping and producing critical-to-business applications at a pace that is near-impossible with traditional development. What it brings to the table is a quick, flexible, scalable, and cost-effective approach, to accelerate the development of business-critical applications and to modernize existing applications and legacy systems.
In a way, enterprise-grade low-code platforms were built for this moment – helping professional developers effortlessly switch to a low-code way of churning out applications in high-rate-of-climb digital projects. And helping them succeed without compromising logical granularity, pixel-perfect UI or enterprise-scale, and security standards.
Covid-19 may well be a temporary phase in our collective history books a few decades down the line, but this may go down as the era in which low-code development became mainstream – and a basic checkbox for corporations in a high digital attitude climb out to navigate a plethora of risks and join the winner's circle.
Originally published in ITProPortal
Within a matter of weeks, the way we work, live and do business has drastically changed. In the rush to contain the situation, we’ve turned to technology as our saving grace. In doing so, we’ve effectively hit a “fast-forward” button on many tech trends that were already in place. From remote work and virtual events to virus-monitoring big data, technologies that were perhaps only familiar to a fringe tech community are now entering center stage, these changes are likely here to stay.
While communication, collaboration, project management and innovation have become buzzwords, the challenges of remote working continue to impact businesses. Let’ take a look at the implications of the current rapid change in work environments and how technology can help alleviate challenges:
1. Communication
Communication is the number one issue in most work environments — not just among remote teams. However, varying time zones and flexible schedules can wreak havoc on workflow and team collaboration. Thus, employers need to step in and provide enough structure and leadership to set the tone for communication among their staff.
Tips for Improving Communication Among Remote Teams
Tools and processes are only as good as the people who use them. Ask for team member input and honor their preferences to the best of your ability. Find or build communication applications that connect team members. Using a low-code platform can help to create modern applications that will ensure better communication between team members at a speed that your business demands.
2. Project Management
Project management is hard enough, and it can seem a challenge when team members are dispersed worldwide. However, depending on your industry and types of projects, several online tools exist to align team members, assign tasks, track progress, and make changes. If you already use software applications to manage projects for in-office teams, you would have no problem managing remote employees with the same tools.
Tips for Managing Projects with Remote Teams
Cloud-based project management tools work best for virtual teams. There are dozens of options to choose from, so try the demo versions of platforms until you find one that makes sense for your project and team. Also, consider using the agile project management method and hold daily scrum calls to keep everyone on task and to maintain leaner and meaner teams. Agile is especially helpful for projects with fast-approaching deadlines and numerous milestones.
3. Innovation
There’s something to be said for whiteboard sessions and sharing creative energy with colleagues. Since the remote workspace changes the nature of collaboration, it can also create barriers for creativity and innovation. Team members may not catch the same vibes over the phone as they would live in a meeting room.
Tips for Harnessing Innovation within Remote Teams
Give your teams the space and processes they need to communicate freely, share ideas, and hold brainstorming sessions. Leverage video conferencing and online apps like Zoom, Slack, Lucidchart, Webex, and Teams to document the development process. To provide bandwidth for innovation, empower your teams with emerging tech such as low-code. This not only helps them to deliver more with less, it gives them access to a modern software stack and an environment to collaborate, upskill, and focus on tasks that deliver business value.
4. Security
How do you keep information safe among dispersed team members and devices? You want to ensure that your company’s sensitive and confidential information is secure no matter where your employees work or what devices or applications they use.
Tips to Ensure Security within Remote Teams
Education and training are essential when it comes to information security. Help your employees understand the risks and how to mitigate them in their daily tasks. Create security policies that set requirements for anti-virus software, uploading and downloading information and applications, creating passwords, and clicking on email links. When creating your own applications using low-code platforms, security is typically inbuilt and is an integral part in the entire application development lifecycle. With granular authorization, comprehensive authentication, and OWASP compliance support, applications can be developed using fine-grained controls with out-of-the-box security. In this way your remote teams can build and use secure and scalable enterprise-grade applications.
In a future riddled with uncertainties, a forced metamorphosis or transformation is necessary. How business is conducted, the way teams work, and the work culture is changing and you need to be prepared and agile to tide over. In such times, technology has proven to be a robust backbone on which business continuity is ensured. Making the most of this situation, now is the time for you to adopt technology to transform the way your remote teams work and future-proof your business.
Originally published in Techstory