App, app and away: building an enterprise app store

As consumer technologies continue to amplify employee expectations in the workplace, it has never been more vital for businesses to enable those experiences.

However, keeping pace can often mean neglecting security policies and making the enterprise vulnerable to cyber threats. This is a particular concern in the realm of mobility.

The use of smartphones and tablets continues to proliferate in the enterprise as employees find new and productive ways of utilising mobile apps in their day-to-day work.

With mobile malware always on the rise, this is a headache that CIOs and CSOs can do without. And they do, sometimes simply by banning apps from being downloaded in the workplace.

In many enterprises, before employees can even install an app they must first check whether the app is supported. They must then log a ticket with IT and wait for access – on top of that, they’ve got to remember multiple passwords to do so.

‘Companies recognise that they need a single place to instantly distribute any app to employees, across any device, providing them with access to the apps needed to supercharge productivity,’ says Adam Spearing, AVP platform EMEA at

Employees today expect to be able to deploy apps for work as easily as they do in their personal lives, putting the pressure on CIOs to balance that with business requirements regarding access and control.

EASs have emerged as the natural solution. Replicating the experience of consumer app stores, companies can build a secure, customised catalogue to manage and distribute both internal and external apps.

‘IT managers can restrict access to apps on a department, device or user level,’ Spearing says. ‘This not only helps employees to find the apps they really need, but also prevents them from using uncertified apps at work and breaching governance.’

Research suggests that the average global smartphone user has 25 to 40 apps installed on their device. Considering the large volume of unverified and malicious apps that flood Apple and Android’s own stores, it’s no surprise that Gartner has predicted a quarter of organisations to have an EAS by 2017.

‘This is why the EAS concept has become so popular,’ says Ke Ge, CEO of Kingsoft Office. ‘Rather than trying to fight with employees on what they can and can’t use, the employer is consumerising the process of app distribution by making it simpler to access, download and use those apps that are necessary for its business.’

The good news is that deploying an enterprise app store is not a huge job. It can be, however, if the organisation doesn’t have a sufficient mobility platform in place. 

Without an existing mobile initiative, CIOs will immediately face the challenge of integration at the back-end systems, and be resigned to a lengthy do-it-yourself approach. 

Furthermore, making an app and putting it into the store is one thing, but making sure that it is up to date and relevant is something IT should prepare to spend time and resources on to achieve. 

‘An enterprise app store cannot be developed or run in isolation,’ says Russell Keziere, senior director at Pegasystems. ‘A common platform for managing, publishing and updating apps helps to reduce the risk.’

>See also: Next big thing: Preparing for the Internet of Things in the enterprise

Ed Shepley, solutions architect at Camwood, adds, ‘Implementing an app store is not a Friday afternoon job, but equally it is not beyond the whit of man.’ 

The critical stage, Shepley believes, is ensuring that the business is ready for an app store. To facilitate the functionality expected from an app store, applications need to be configured to install and uninstall quickly, and without user intervention.

If the business is already leveraging a fully ‘managed estate’ then the implementation of an app store product is relatively simple. However, if the estate is currently unmanaged, and not leveraging some form of automated deployment mechanism, then there is an initial investment to be made. 

‘It is also worth noting that the implementation of an app store product doesn’t necessarily deliver the solution the business requires,’ Shepley adds. ‘It is essential that all the supporting authorisation processes are in place before anything is rolled out to the user base.’

Broadened scope

As well as empowering employees to use mobile apps in a safe and trusted environment, enterprise app stores also offer further benefits.

By encouraging BYOD adoption, the internal app store is likely to further streamline work processes as enterprise applications help facilitate productivity, efficiency and collaboration.

The end ambition of this technology is for the business to go from enabling employees to use applications, to spawning a new generation of customised applications that the business completely relies on to operate.

‘Cleary the basic functions of editing and annotating documents are the starting point for most of our customers,’ says Phil Barnett, VP of global accounts at Good Technology. ‘This quickly develops to include a number of the standard off-the-shelf apps that they want to secure and mobilise, but by far the biggest volume is formed by the in-house apps that are made available once they are secured.’

The enterprise has the ability to enable a wide selection of applications for their end-users, ranging from basic intranet applications to productivity applications such as expenses management. 

‘Among executives, sales and business intelligence dashboards are popular as they keep them abreast of important information at all times,’ says Gregg Ostrowski, senior director of enterprise developer partnerships at BlackBerry. ‘We also see field service applications to provide work orders and tickets to field staff growing in popularity.’

>See also: 5 ways enterprise app stores will evolve

Approaching deployment

Mobile devices and applications have seduced the general public into a state where it is hard to remember life before smartphones.

The best way to approach such a project, therefore, is to consider the employees as consumers of apps, in the same way that Apple and Android do.

Consumption patterns will be similar to those platforms, which means that CIOs, despite implementing a new technology, have the opportunity to develop understanding through studying such consumption.

‘To make these app stores work, enterprises must treat their employees as they treat their external customers,’ says Matthijs Koorn, head of Western Europe at Avangate. ‘There should be mechanisms in place for employees to provide feedback or ratings quickly on what works and what doesn’t about the variety and quality of applications.’

The enterprise app store provides a means of controlling the app distribution process. Therefore, a security audit, consisting of static and dynamic behavioural analysis, should be performed on an app prior to adding it to the enterprise app store. 

‘The enterprise can establish custom policies for particular business units,’ says Theodora Titonis, VP of mobile security at Veracode. ‘If the app meets the criteria of the policy, it is approved and made available for employees to download.’

Similarities and differences 

However, CIOs should be careful not to assume that everything about an enterprise app store is the same as its consumer counterpart. For a start, there are more challenges in the enterprise.

Enterprise apps can cost hundreds or thousands of pounds per user – compared with most consumer apps, which are either free or cost as little as a pound. 

Most companies run in complex environments such as Windows, virtualised servers, private and public clouds, and software-as-a-service (SaaS). In contrast, consumer apps are mostly designed to operate on specific operating systems. 

Businesses need to buy licences in bulk for groups of users, which come with complicated terms and conditions setting out how they can be used.

‘Enterprise apps require packaging, patches and updates, necessitating an application readiness strategy to keep systems up to date,’ says Vincent Smyth, senior VP EMEA at Flexera Software

For an enterprise app store deployment to be successful, it requires careful consideration and planning in relation to three fundamentals: visibility, approval and licensing requirements, Smyth adds.

Furthermore, it will require an organisation to be totally clear about the rationale behind such a project in order to see the biggest benefits.

Planning a strategy for app catalogue and app design, build, testing and management is the first and most important step in any enterprise’s adoption of applications, according to Nisha Sharma, managing director of Accenture Mobility.

Setting up an app store is a relatively simple thing to do. There are plenty of third-party solutions that provide such capabilities – some integrated with MDM solutions, others stand-alone app catalogues.

‘The catalogue can be integrated with enterprise systems, such as Active Directory or other identity and access management systems, to authorise end-users,’ Sharma says. ‘Challenges may arise, but they are typically experienced later as more and more apps are added to the catalogue.

‘Categorisation of apps, end-user support, maintenance, and sunsetting of apps can become challenges if they are not properly addressed through governance and strategy.’

Penalty miss

A recent report suggested that enterprises introducing app stores could be leaving their business open to software audit penalties. 

Enterprise app stores can become an auditing blind spot because they move purchasing control for software licensing away from the IT department and IT procurement. 

Within enterprise app store environments, employees take direct control over downloading, installing and uninstalling applications. As such, it can become very difficult for IT to maintain visibility into what software is deployed – and where, and importantly whether, all that software is properly licensed. 

This makes ensuring compliance and avoiding unbudgeted spend extremely difficult, says Martin Callinan, country manager at Express Metrix.

‘Without maintaining a constant inventory of all software currently installed across the enterprise, IT departments are essentially trying to hit a moving target while blindfolded, making them easy prey for a vendor audit.’

The solution, he adds, is twofold. Firstly, IT teams need to deploy tools that can provide them with a real-time inventory of the software that is deployed across the business and give them insights into how it is being used. 

‘Secondly, it is imperative that these tools are supported by rigorous processes to ensure that employees are adhering to clearly defined policies, and that enterprise app stores aren’t left open to abuse.’

Companies often assume that by making it easy for employees to request and download software, there will be an increase in software licensing and the associated costs.

Users will be keen to access new apps, but then typically hoard them, unused, in fear that giving them up means that they can’t get them back when they need them. 

‘Deployed in the right way, an enterprise app store will ensure an efficient software management process that guarantees transparency on software licensing and reduces costs,’ says David Harding, senior product manager at 1E. ‘It will make it easier for users to obtain the software they want, but equally make it simple for the IT team to remove apps and permissions when they are not being used.’

The motions are in place for the adoption of enterprise app stores to take off in the coming years.

While currently perceived as an innovation, or even a luxury, such a solution will become a pure necessity as companies become not only more mobile-enabled, but mobile-reliant.

Still an emerging market, it is likely that enterprise adoption won’t be in full swing until at least next year, as many companies use 2014 to test and pilot.

‘The most likely first steps that these companies will take into this area is to move fringe applications, such as expenses management, timesheet tracking and leave booking, into the store environment,’ says Mike Sewart, CTO for Fujitsu UK and Ireland’s business and application services division.

‘This way, users will become familiar with the concept without businesses risking their critical back-office applications. Increasingly, we will also start to see users becoming familiar with the adoption process, which will then provide the catalyst for the next wave of applications to join the store.’

>See also: FEATURE: Mobile collaboration in the enterprise

What the experts say

“There are already a number of integrated MDM software packages on the market that are able to control all layers, including BYOD, mobile app management (MAM) and enterprise app stores. This means devices and apps can be managed under a single hub while the internal app store allows approved apps to be quickly deployed, configured and automatically updated with newer versions,” says David Howell, European Director, ManageEngine.

“App stores are clearly directly related to mobility in the workplace, and this is something that doesn’t appear to be going away any time soon. In fact, if anything it appears to be gaining momentum. With more mobile devices being used by employees, organisations will look to increase productivity and security and so it is likely that the use of enterprise apps and app stores will increase,” says Tim Rochte, ‎director of product management at HP Web Services.

 “The enterprise app store could allow for different licensing options that procurement may want to pursue, such as ‘enterprise-wide licensing vs. per-user licensing’ which can be controlled much better from an enterprise app store than from a public app store,” says Hans Zandbelt, senior technical architect, CTO office, Ping Identity.

“It will allow an enterprise to control and track the applications that are in use, and deliver the right app to the right employee. It will reduce the risk by providing the correct app for employees to do the right job seamlessly. It also means that the organisation license compliance policy is complied with and ensures that the overall governance policy is achieved. Subsequently this will ensure that enterprises will only pay for the applications that are in actual use by the organisation,” says Mark Keepax, VP, UK and Ireland, ASG Software Solutions.

“With the necessary steps in place, the software procurement process could be automated, saving significant cost in resourcing. This can be particularly beneficial when applied to a company’s staff induction. Done badly, software procurement can easily become a company’s worst nightmare. If everyone is helping themselves to software they want but don’t need, costs can quickly spiral out of control, and it can become impossible to ensure everything being used is appropriated licensed,” says Grant Tiller, senior product manager at RES Software.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...