In this newest post for our blog series on what’s driving business resilience, I’m going to cover the fallout of a few trends that are compounding to unintentionally put business data at risk. Now that every company is a software company (in some shape or form), the global shortage of developers is growing. This talent gap creates a bottleneck that technology teams must bridge, whether by using faster development methods or by empowering less technical resources with more accessible tools.
However, the increasing democratization of development also increases the likelihood of difficult challenges for resource-strapped IT teams. This is because it introduces a greater potential for human error into your application configurations or integrations, which has the potential to slow down business.
The growing prevalence of low-code and no-code tools in various cloud platforms (also known as “declarative development”) makes it possible for less experienced developers or even non-technical folks to create or customize apps using simple point-and-click, drag-and-drop configuration rather than dealing with complex code. In fact, Gartner projects that low-code will account for more than 65% of application development activity by 2024.
Especially with the digital transformation pressure all companies are facing during COVID-19, it’s a major advantage if IT analysts or admins (who might not be super technical) can use WYSIWYG tools to rapidly build new applications or cross-platform workflows, even without knowing how to code.
Salesforce clearly agrees, as evidenced by last week’s announcement of their latest low-code development tool, called Flow Orchestrator, as well as pre-built automations in the Einstein Automation collection page on the Salesforce AppExchange. These types of graphical development tools, reusable building blocks, and loosely coupled pre-built components are great for teams that need to develop on top of Salesforce, but struggle to find in-demand Salesforce developers.
Just keep in mind that new technologies like this tend to attract less skilled folks. And putting mission-critical business apps in their hands could negatively impact your business if you don’t have the right guardrails in place. This risk can be even more pronounced with the next level of “pro-code” development tools that offer greater flexibility, but also more complexity (e.g., Salesforce’s Apex, Salesforce DX, and Lightning Web Components).
The declarative development methods available in Salesforce CRM today include workflow rules, process builder, and flows, along with Apex for pro-code users. Of course, it’s important to be aware of the positives and negatives of each of these solutions:
System admins and developers alike know how hard it is to keep up with the business’ rapid-fire demands and still remain 100% error-free. No matter your skillset or which approach you choose, the reality is that any complex development will open you up to things like inadvertent data loss or corruption, integration errors, and bad code. And the more you allow inexperienced ‘citizen developers’ to tinker in your mission-critical SaaS systems, the more problematic this becomes.
A related challenge is that all SaaS solutions rely on a shared responsibility model. Yet, many IT teams still don’t recognize the extent of their own responsibility to protect the business data they store in those cloud-based platforms. A SaaS provider’s role is to make sure the data stored in their apps is highly available, performant, and secure at the system level. Meanwhile, as a client, you are responsible for the data you put into it, and who you allow to access it (including all of those low-code integration tasks).
Think about your CRM system as a multi-tenant apartment building. As a renter, you shouldn’t have to worry about the building’s structural integrity, power going out, or the maintenance of shared spaces and amenities. But what happens on the inside of your unit (i.e., your instance of Salesforce) is your responsibility. If you leave the bath running and flood the apartment, you’re accountable.
When you combine the risks that come with cloud complexity and low-code development, and then layer on a lack of awareness surrounding your company’s responsibility to protect its own data, the results can be disastrous—even if that information resides in a third-party platform as reliable and secure as Salesforce. Often, teams are caught off guard by a small logic error that wreaks so much havoc, their inventory, sales, or customer service processes grind to a halt.
Even at OwnBackup, we’ve had our share of data corruption issues just like anyone else. In fact, recently our CRM team was working to implement Okta and wanted to use one of their scripts to connect all of the users in our Salesforce instance to the new Okta directory. Unfortunately, while intending to test the script for a single user, it ran against all of the users in our system—changing each user name and locking the whole team out of Salesforce three days before the end of the quarter. Needless to say, this was a stressful moment. Without a backup solution we would’ve spent hours manually fixing every user name. Thankfully, we eat our own dogfood, and the OwnBackup platform had us back up and running in just minutes.
Although these types of glitches are impossible to avoid in any complex business, their impact can certainly be reduced. Don’t overlook putting a plan in place to recover from this kind of data corruption, because you might spend weeks piecing together data relationships and metadata to get back to where you were before things broke. The key is to build resilience into your business data, so that you can be alerted and recover quickly should something go wrong.