Does Your Enterprise Need Its Own App Store?

By 2015, more than 65 percent of North American business users will have a smartphone, and more than 26 percent of enterprises have currently deployed tablets or are at least considering them. That adoption has many enterprises developing smartphone and tablet apps for internal use. These business-to-employee apps are part of a category that will have more than 830 million users by 2016, ABI Research predicts.

These trends have enterprises such as IBM and Medtronic creating internal app stores, which ensure that employees, contractors and other authorized users get the apps that match their device models and job responsibilities. It’s a strategy built around security, productivity and convenience. Private app stores:

  • Enhance employee productivity. When the enterprise’s app store ensures that employees get the right app version for their model of smartphone or tablet, they’re more productive because they’re not tying up the help desk trying to make the wrong version work.
  • Ensure that employees securely get the right app/data based on their responsibilities when the app store is properly configured with this functionality. For example, the EMEA sales team would get sales-related apps for their region instead of the APAC versions. Just as important, employees who don’t work in sales – as well as non-employees – can’t download those apps, thus preventing unauthorized access to the information that the sales apps provide. “For an enterprise store, you’re doing app distribution based on entitlements and roles, which means that you have to have tight integration and secure access with your identity infrastructure,” says Chris Perret, CEO of Nukona, a vendor that specializes in enterprise app stores.
  • Provide enterprises with deeper insights into who’s using their apps and how. For example, Apple’s App Store ensures end user privacy by giving developers only high-level statistics such as the volume of downloads on a weekly basis. But at Medtronic’s internal store, which launched in January 2011, everyone has to log in as an employee or contractor, which gives the company’s developers more insight. “They often want to be able to identify who’s installing their app, how long they’ve had it and if they’ve installed a new version,” says Jim Freeland, head of Medtronic’s enterprise mobility group.
  • Offer access to user data that enables developers to determine whether their target audience is actually using their app. They also conveniently can send alerts to users when a new version is available. “You have a better way to stay in touch with users than what the App Store can provide,” says Freeland. Like the App Store and Android Market, private app stores sometimes give users the opportunity to rate and review apps, providing developers with additional insights.

Couldn’t enterprises make their private app stores accessible to customers and resellers too? Not necessarily. Medtronic says its store will always be open only to employees and contractors. “We are unable to distribute apps to customers, patients or third parties other than going through the iTunes App Store,” says Freeland. “That’s an agreement that Apple has with all companies that buy their enterprise developer license.”

Another difference between public and private is the approval process for new apps and updates. For example, instead of waiting seven business days or longer for Apple to review an app and release it to the App Store, Medtronic handles that task for internally developed apps, and it guarantees its business units that the approval will take no more than five days.

IBM and Medtronic both built their app stores from scratch. But that’s not a viable option for smaller companies that don’t have the internal resources to build their own. That’s why vendors such as Nukona are offering stores on a white-label basis, where enterprises simply add their branding.

Either way, one consideration is protecting confidential data — not just what the app stores on the device, but also the data in the corporate network. After all, an app essentially is a door into the enterprise. Some mobile OS’s make it easy to share apps between devices, so one way to mitigate that security threat is to use a form of multifactor authentication.

“During the time of distribution, we inject a specific ID into that distributed app so we know that it’s this app with this user on this device,” says Perret.

Bring Your Own Device (BYOD)
Private app stores also give enterprises a way to deal with the OS fragmentation that occurs when employees are allowed to bring their own tablet or smartphone instead of receiving a company-issued device. Nearly half of all employee smartphones worldwide are already brought by employees, says the research firm Strategy Analytics.

As a result, some enterprises have a single app store for multiple OS’s. For example, IBM’s WhirlWind store is a one-stop shop for Android, BlackBerry, iOS and Windows apps. “We recognized early on that there needs to be some commonalities, a single go-to place for folks to find and get mobile applications,” says Bill Bodin, IBM’s CTO for mobility.

With very few exceptions — such as some government agencies — private app stores don’t prevent users from accessing the public stores. That’s partly because the enterprises don’t want to undermine the value of smartphones and tablets that employees pay for, even when their employer reimburses them. But enterprises do sometimes segregate the two. “So when people are trying to get to their personal data and the features they pay for, they’re not encumbered by the enterprise challenges for increased authentication, etc.,” says Bodin.


by Tim Kridel