Is 2012 the year app stores will break out in the enterprise?
The environment is certainly ripe for it. Over the past two years, there has been a proliferation of employees using smartphones and tablets to do work and more enterprises are implementing BYOD (bring our own device) programs that allow employees to use personal iPads, iPhones and Android smartphones to access business apps.
The company app store, which follows a consumer trend started by Apple's iTunes App Store and Google's Android Market (now called Google Play), is a logical extension of the BYOD movement.
But whether businesses are providing company-issued devices or letting users bring their own, mobile app stores still offer the same value: to efficiently and securely distribute mobile apps to employees and take the burden off IT to migrate apps to individual devices or upload each app onto a public app store.
Enterprise app stores are not widely in use (an estimated 10 percent of enterprises have their own stores). But enterprises such as CDW and General Electric have implemented private app stores, and smaller niche companies, particularly in the healthcare field, are also looking at private app stores with help from big vendors like Cisco and smaller players such as AppCentral and Virtusa.
The OS preference for enterprise app stores is mostly Android and iOS, although Rohit Sharma, Global Head of Mobility at Virtusa, recommends keeping an app store compatible with all mobile platforms to serve the various devices making their way into enterprises.
"It costs the same to maintain a cross-platform store so you might as well keep it as open as possible," says Sharma.
With that in mind, here are 10 important features that should be part of any enterprise app store, according to Virtusa.
Support for Multiple Mobile Platforms
Apple iOS, Android (multiple versions including Honeycomb and ICS) and BlackBerry OS (versions 6.x, 7.x and future support for BlackBerry OS and BlackBerry PlayBook OS, QNX) should be supported, according to Rauf A. Adil, Chief Enterprise Architect at Virtusa. Some enterprises may also require support for other mobile platforms including Windows Phone or Bada OS (Samsung's Linux-based OS).
Browser and Native App Support
An enterprise app store should allow the apps to be downloaded on the device from the browser via a URL or through an enterprise market app -- similar to the Google Play Store or iTunes App store.
Integrate the app store with the enterprise single sign-on or identity management system and MDM (Mobile Device Management) solution if available. App downloads should be on a secure SSL (HTTPS) or secure VPN tunnel. Your app store should NOT allow downloads via an unsecured network connection.
Only users that are authorized should be able to download and install an app. Authorization can work off of a server side ACL (access control list) that is driven by user, role and designation and group authorizations. For example, an employee working in buildings and facility management should not be allowed to download a mobile app that is intended for sales operations.
Administrators should be able to send notifications using the push capability of the supported mobile platforms. The notifications alert the user about available updates for apps installed on the device.
Over the Air Updates
Both Android and iOS (5.x) now support OTA (over the air updates) for updating existing apps, installing patches and other maintenance related fixes. An enterprise app store should include a feature to push the updates to the device and notify users through the notification system on the device.
Device Registration and Management
An enterprise app store should include the database of users, devices and apps. This can also be done by using MDM software and integrating it with the app store. In an enterprise, a user may have multiple mobile devices. Similarly, devices may be shared with different users, each having a different account and profile on the device.
Administrative Console, Centralized Management and Control
An easy-to-use, Web-based administrative console is an essential feature that allows administrators to approve new apps or updates to existing ones. It also allows them to retire, archive and remove apps when necessary.
Identifying Malicious Code
Malicious software including Trojan apps are a big problem in public app stores, and an enterprise app store could also be susceptible to such attacks from an internal party like a disgruntled employee, or from the packaging of third-party software and services bundled with in-house enterprise apps. The app store should provide ways to identify, prevent and take down apps that do not adhere to the organization's code of conduct.
There should be a clear and simple process for submission, approval and withdrawal of apps that are intended for the app store. A well-defined set of guidelines should be published as to what are the acceptable policies for approval of apps. This is also an area where the company's best practices, polices and design guidelines can be validated and enforced.
Shane O'Neill covers Microsoft, Windows, Operating Systems, Productivity Apps and Online Services for CIO.com. Follow Shane on Twitter @smoneill. Follow everything from CIO.com on Twitter @CIOonline and on Facebook. Email Shane at firstname.lastname@example.org