The guidelines Britton advises include:
- Define how the citizen developers will connect to these applications. HTTPS or HTTP? Make sure to protect the data in transit.
- Provide guidance on how to encrypt data at rest.
- Provide mobile SDKs that they can use to ensure that the enterprise can manage the applications properly. Selling the need for a software life-cycle management - how do we deploy, how do we revoke access when someone leaves the group, how do we wipe data from the application if the device is lost or stolen?
- Create an advisory board to help mentor the citizen developers to build better applications.
It’s important that IT leadership and security teams realize that, just like earlier shifts in computing such as BYOD and the consumerization of cloud brought on by cloud computing, that they’re not going to put the brakes on the rise of the citizen developer. They’re going to need to seek out their internal citizen developers and work with the various business units to support and guide this new wave of developers in ways that are secure but also enable businesses to develop the apps everyone needs.
According to Gartner research, this will be the strategy for most enterprises. By 2020, the research firm predicts that 70 percent or more of large enterprises have citizen development policies in place.
Sign up for CIO Asia eNewsletters.