Once enterprises move beyond mobility as a channel for email, contacts and calendaring, and start building applications to mobilize their workforces, CIOs will want to consider launching an enterprise app store. In this SearchCIO.com Expert Take, J Schwan, founder and president of Solstice Consulting, a Chicago enterprise mobility consulting firm, sorts out the features of an enterprise app store and explains why it goes hand-in-hand with a solid mobile application management strategy.
SearchCIO.com: Let's start with the basics. What is an enterprise app store?
J Schwan: Enterprise app stores are really not unlike the public app stores that folks are familiar with, but they live behind the firewall. They're maintained and owned by corporate IT, in most cases. They are a way for corporate IT to filter what apps in the public app store are available to corporate-owned or employee-owned devices that are provisioned for corporate use. An enterprise app store also allows IT departments to distribute apps to their employee base that they may not want competitors seeing in the public app store -- for example, a sales enablement app.
In addition to access control, is it easier to deploy apps by stocking them in a corporate app store?
Schwan: Yes, because there is a lot more control around things like what version of an app you want different individuals to have. An example would be a beta or pilot test of users that are going to get the next version of an app before everyone else. The enterprise app store also provides a one-stop shop for the workforce to see which apps really matter for getting their job done and removing the clutter of the other 499,999 apps that are sitting around out in the public space.
I've heard less than 10% of companies have an enterprise app store. Why?
Schwan: It is a relatively new concept, but it definitely isn't going to be that new a year from now. Enterprise app stores are part of what is often referred to as a mobile application management strategy, or MAM. MAM is a pivotal part of mobilizing a workforce with apps. Once companies have graduated beyond just email and contacts and calendaring and start building apps themselves, an internal mobile app store, or a "mobile catalog" as it is sometimes referred to, will definitely come into play.
What criteria should CIOs use to decide whether an enterprise app store would be useful for their company?
Schwan: It really comes down to the number of applications that IT wants to distribute or support, the number of users or devices that IT is dealing with, and the number of groups or segments of users they are supporting. A lot of companies will just start by dipping their toes into the water and building a single app -- maybe mobilize their CRM [customer relationship management] -- for a handful of users in the organization. You probably don't need a full-blown MAM enterprise app store for that. But if you are deploying multiple internal applications (and at some point every enterprise will get there) or looking to support devices in the hundreds or thousands, then a mobile application management strategy is definitely important to have in place.
What are the important features of an MAM enterprise app strategy?
Schwan: It must be able to manage and deploy apps based on user roles or segments or groups of users. It must be able to set a policy for personally owned devices versus corporate-owned devices.
Certain apps a company produces may be made available on both corporate-owned and personally owned devices, but there are others that may contain more sensitive data or have access to more sensitive services in the data center and are only allowed on corporate-owned devices. A MAM strategy should facilitate that.
Seven features of a mobile application management system
- Manages and deploy apps based on user roles or groups, or on a device's function (personal or corporate-owned).
- Enforces (or rejects) the installation of specific apps from public app stores.
- Automatically installs required apps when a device is enrolled.
- Integrates with the existing enterprise access management system.
- Restricts access to pre-installed apps (iTunes or an app from a public app store, for example).
- Integrates with Apple's Volume Purchase Program.
- Automatically removes apps once a device is un-enrolled from the MAM or mobile device management system
Mobile application management should automatically install required apps when a device is enrolled. A MAM strategy should enforce the installation of specific apps from the public app stores. If you say, "This device is for corporate use and these 10 apps need to be on the device," a MAM strategy can ensure that.
MAM should integrate with the company's existing enterprise access management system, meaning it's a single sign-on. Users shouldn't have to remember a separate login for this MAM.
Mobile application management needs to restrict access to pre-installed apps. So, for example, on a corporate-owned device, most likely one doesn't want employees to get to the iTunes store or to another public app store app. The whole purpose of the MAM is to provide the channel for that. Let's say I want a particular office productivity app available to my entire workforce; Apple has volume purchasing programs and a MAM should integrate with that, because that is definitely a different distribution channel.
And finally, once a device is un-enrolled from corporate use, the MAM should facilitate the removal of the inappropriate apps.
What mistakes do you find enterprise CIOs make when getting an app store and MAM strategy off the ground?
Schwan: The first thing is not thinking about it. The reality is [that] CIOs should not try to make life more complicated, so a MAM solution should ideally be coupled with your mobile device management, or MDM, solution. Most CIOs have started to, or already have MDMs in place. MDMs just allow for the provisioning of the devices that you are going to allow to be on the corporate network.
MAM capabilities are often part of the MDM solution, but at times CIOs are looking at MDMs without considering that MAM component. And at the end of the day, it's MAM that is really driving the enablement of the devices for the business. We've walked into clients that have purchased an MDM solution with an inadequate MAM solution, and once the business starts building apps and wanting to put different apps on their devices, they have to reevaluate their entire strategy and potentially pull out the MDM they have because the MDM supports IT security's needs but it is not supporting the business's needs.
So, for companies that have an MDM solution in place but deployed it without a corporate app store and didn't really negotiate that as part of the contract, what do they need to tell their MDM vendors?
Schwan: A lot of these providers are leapfrogging each other. If you have an MDM solution, and particularly if it is from one of the market-leading vendors, if they are not there yet with their MAM solution, chances are they will be in a quarter or two. So, you just need to understand what the roadmap is, what if any additional costs are going to come with enabling that functionality when you're ready to turn it on. Just make sure that the MAM strategy is in alignment with your business mobility strategy, and as long as you see those intersecting in the near future, then you can probably stick with what you've got.
What is the biggest technical problem in setting up an enterprise app store?
Schwan: Technically, these solutions aren't very challenging to implement; it is really more of a configuration exercise with hefty integration. Really the biggest problem for CIOs is that the MDM and the MAM landscape is really fragmented right now and evolving quickly. There are a lot of decisions to make in figuring out what the best solution is for your business.
Once the appropriate solution is selected, the biggest challenge is often around setting policy. When you get down to it, companies need to decide, out of the 500,000 apps in the app stores, which apps are they going to allow on corporate-owned devices? Everyone is going to come to the table with their favorites, and it's sometimes interesting to facilitate those conversations and really get to that core list of 10 or 15 apps that you are going to standardize on.
Let us know what you think of this story; email Linda Tucci, News Director.