Imagine the following scenario.

A sales expert in a large organisation struggles to keep track and follow-up with all the customer touch-points in her sales funnel.

She works with a CRM system which currently does not make it possible to centralise all data from prospects, sales leads and customers, so she spends a lot of time assembling fragmented information from different systems and dashboards.

She approaches the CMO and CIO about a possible solution. Although they are receptive, her colleagues are reserved about the time it would take to build this integration considering the scale of data migration and complex technical changes when switching from a legacy system.

At this point, she could accept the limitations and keep working with the legacy software, or bypass that and use an external application for (some of) her tasks.

This is a common scenario how business experts can resort to what is known as shadow IT: using services other than an organisations’s central IT systems, in order to simplify their work.

Shadow IT has exponentially grown in the past decade. A recent study by Everest Group discovered that about 50% of an organisation's IT spending goes to external software.

The growth of this phenomenon can be traced back to the following reasons:

  • ageing, inflexible legacy systems
  • overworked, unresponsive IT departments
  • a shortage in qualified IT personnel
  • a boom in cloud services
  • an increasingly tech-savvy workforce that is keen to improvise solutions
  • a preference towards tools that resemble the ease of use and UI friendliness of consumer applications
  • a demand for technology that responds quickly to market changes and demands

Is shadow IT a problem? It can be if it exposes an organisation to serious security and compliance risks, if it leaks money or decentralises data and communications.

But what may look as a complex issue can actually be an opportunity: a force that pushes companies to innovate.

Instead of viewing shadow IT as a threat and enforce strict levels of governance, an IT department can take an empowering role towards business experts.

Building applications without writing code

Advances in low-code and no-code technology now make it possible for non-technical people to prototype and deploy the custom apps they need.

Like a blank canvas in a secure digital sandbox, users can create mission-critical apps or automation without having to wait on development or appeal to external solutions.

Following the example of our sales expert above, a no-code platform enables her to directly build her workflows in-house. She can design business logic to test, validate, and run processes through a drag-and-drop visual builder.

Besides reducing the programming burden on IT, this approach is more effective because the person that needs the solution has the best knowledge of the features and integrations necessary.

Next to security, a reliable no-code/ low-code platform also ensures scalability and maintenance. If adjustments are necessary in the future, a non-technical person can deploy them quickly without reverting to IT.  

In its turn, IT can set up granular access and user management, so that apps can be adjusted in time without having to re-architect them from scratch.

Avoiding common security concerns

Some experts will argue that company-wide standards are difficult to guarantee and security remains an issue.

Indeed, IT should apply the same level of security testing to low-code and no-code apps that they do for their traditionally-developed software.

To guarantee data oversight, IT can set up a sandbox with different permission levels, where certain users can build apps but don’t have access to mission-critical data.

When non-admin users need access to sensitive information, they can file a request. IT can respond for example with permission to view, edit or share information.

To avoid risks of exposing apps built by non-technical persons to external systems or data sources with weak security or permissions, IT can also set up a simple policy to check against when connecting to external systems.


No-code/ low-code PaaS like PROCESIO can help enterprises keep up with fast-changing market demands by enabling collaboration between non-technical experts and IT, in a secure and scalable environment.

Would you like to learn more about how you can empower business experts to build custom software and workflows without code? Send us a quick mail with your case and we will be glad to get in touch with you.