Apperian powers liberated enterprises

Apperian powers liberated enterprises

Summary: Apperian's Mobile Application Management solution liberates enterprises by focusing on protection of the user and the employer in BYOD scenarios. There is a way to have the best of both worlds: The Apperian Way.


I spoke with Apperian's SVP of Engineering, Carlos Montero-Luque and Director of Product Marketing, Stephen Skidmore about their take on BYOD. I was surprised to learn that their approach is much different than that of "traditional" BYOD program implementations. BYOD for them is a business trend that creates more of a partnership between the end user and the corporate network. Apperian's Mobile Application Management suite removes the contention and the stress between the two realms.

One of the problems with BYOD programs is that users can feel that their device is being invaded, usurped or ripped from their ownership and controlled by the company. While company IT managers and administrators feel that they're basically enabling rogue devices and allowing users to compromise security and disrupt balance in the network.

Users want to use their devices without obstruction or "Big Brother" looking in on what they do in their non-work time and IT managers and administrators don't want users burning work time on updating their Facebook statuses or Tweeting that "Work is boring."

Fortunately, there is a happy medium that doesn't include compromise for either party.

Apperian takes a new view of BYOD and the Mobile Enterprise: Liberation of the Enterprise through intelligent mobile application management. What this means for the device owner, you, is that your device isn't beaten into a mobile device management template that's supposed to magically manage hundreds or thousands of individual users. Mobile Device Management might place user-owned devices into a corporate "Sea of Tranquility" but often does little to quell the device owner's apprehensions. Apperian beats the corporate sledgehammer into a tool that's useful for both the device owner and the owner's employer.

And, it's not just about a kinder, gentler BYOD conversion, it's about making the experience good for everyone involved: The company, the device owner and the mobile device software administrator. Apperian provides all of the "expected" security features such as remote device lock, remote wipe and remote App delete.

One particular feature set of note is Apperian's ability to gather data and manage Apps for

  • Malware
  • Sources of Data Leakage
  • Adoption
  • Usage
  • Activity
  • Compliance

Apperian is almost like a private iTunes for your company.

Enabling mobile workers is no longer about just managing their devices – it is about empowering the workforce through transformative business apps. The Apperian EASE® platform provides the features you need to securely manage your corporate mobile apps and data.

Here is a list of Apperian's Mobile Application Management features:

  1. Cloud-based
  2. User-controlled access
  3. Customizable App catalog
  4. "App wrapping" security
  5. Over-the-air App updates
  6. Unified admin console
  7. App behavior inspection
  8. User and App reporting
  9. MDM-free App deleting
  10. Crowdsourcing and App ratings

Their list of big business names is convincing too: Estee Lauder Companies, Cisco, NVidia, AT&T and Proctor & Gamble to name a few.

Adding more fuel to the Apperian fire is their recent (July 18, 2012) announcement that  Appthority Platform™ is now integrated into its Enterprise App Services Environment (EASE) service. Addressing the BYOD trend, the addition of Appthority’s automated app inspection platform will help businesses to determine risks in mobile applications before they are deployed.

Integrating Appthority’s app inspection into EASE is another proof point of Apperian’s strategy to provide businesses with a modular solution that incorporates the best products and services to manage their enterprise mobile environments. This approach enables IT managers to apply the exact capabilities they require and to manage it all from a single admin console.

The Appthority Platform™ identifies the risky behaviors behind iOS and Android apps. What may be masquerading as a simple calendar or social networking app may also put sensitive data at risk, track for location or hide mobile malware. Appthority protects companies from risky apps, enabling them to embrace BYOD and use their own mobile devices for work. Appthority is available as a premium feature to Apperian customers.

I came away impressed with Apperian from our discussion and I suggest that, if you're considering a BYOD program for your company--or if your company is considering implementing such a program, suggest that the decision makers take a look at Apperian before trudging down a path that might not work for you or your company.

To be fair, I don't that there is a single correct answer for every company. I think you have to evaluate your administrative, security and user's needs before deciding on a mobile management suite, be it application, device or some other method. The purpose of this post is to make you aware of your options.

One of the key things to consider when down-selecting companies is how you want to manage mobile devices within your corporate boundaries, whether they're physical or virtual. Also consider your users and their needs. Do you want to manage users, Apps, devices, content or a combination of those. Prepare to ask yourself some tough questions such as, "What types of devices are we going to allow?" and "Are there devices or Apps that we will ban when connected to the corporate network?"

The answers might seem easy upon first glance but you have to be careful that you don't alienate your users. As Carlos and Stephen noted in our discussion, users are more tech savvy now than they were a few years ago and that means that they want fewer restrictions not more. They understand the need for security but they won't understand the need for "spying."

It would be productive to have an internal information gathering survey prior to launching a BYOD program so that your users can give their input in a non-threatening and constructive manner.

Remember that the employer-employee relationship is symbiotic. It's like any relationship --it requires some compromise--not on security and functionality but on creating a collective vision that both sides can live with.

From your experiences with BYOD, what are some of the pitfalls that you've seen thus far? What, if anything, has been done to fix them? Talk back and let me know.


Topics: Mobility, Data Management


Kenneth 'Ken' Hess is a full-time Windows and Linux system administrator with 20 years of experience with Mac, Linux, UNIX, and Windows systems in large multi-data center environments.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • MAM / MDM and onward

    MAM solutions are coming along, the main problem in the industry is it's just immature compared to solutions like RIM's BES. What hasn't changed are the regulatory requirements many corporations are requires to adhere to so while the employee feels they wish to use their devices without obstruction or "Big Brother" that sadly exactly what is needed. FINRA has specific language around the supervision and retention of electronic communication. This includes email, SMS, social networking. Other regualtions (HIPAA, SEC, State Encryption) are clear requirements around data protection and how it can be stored and used.

    Users don't care about these, but companies certainly do as fines can run into millions of dollars.

    MAM is still "big brother" as if certain Apps are black listed the user won't be able to use them regardless of business or personal use. That is the issue with BYOD that not going to be fixed. Once you compromise the user device / usage in any way the appeal drops like a rock. Users complain about a simple password enforcement. Thus the world of living with two devices. One for work, one for personal usage. It's still the cleanest (though not convient) method to serve both worlds. Privacy is something every employee should take into consideration, do you want a MAM to report every single App you install?

    We did a RFP on MAM solutions and many are in a semi alpha-beta state. They bulk really only support iOS as the API control isn't there for Android, Windows Phone and don't even bother asking about Blackberry as they'll look at you with bug eyes. Unsure there is an ROI for a MAM at this point. The CAL is expensive and if your BYOD program has limited adoption your footing a hefty bill.

    The other BYOD road block is around subsidy. There are no clear state or federal direction on this and for many employees and additional cost on their part if a deal breaker. They want to use whatever device they wish, Apps that are not vetted for conducting business and have little or no security on their device. The polar opposite of the governance world their corporate laptop/Blackberry lived in.

    Perhaps as employees understand the controls required for their company they will decide if BYOD makes sense for them or not. They will need to weigh the value of using their own devices. Presently its a vocal minority (read executives). The rest of employees see little value and are happy to have a job and a company provided device.
    • RE: MAM / MDM and onward

      The underlying assumption in your response derives from the world of the BES (Blackberry Enterprise Server), when a device could be fully managed, controlled, and owned by the enterprise.

      The problem is, this is no longer possible or even desirable today. It may be that in specific industries, e.g., financial, the requirements have been interpreted to require a "lock down" at the device level (not just protecting apps and data), and I still see people with 2 devices - a Blackberry for work and an iPhone for personal.

      However, individuals and companies are rnow ealizing that phones and tablets are really shared between personal and business use. BYOD is here, whether we like it or not.

      And the risks are different: now, the risk of violating a user's privacy and personal information (or accidentally wiping their device) can be as large as the risk of data loss.

      With respect to Mobile Application Management solutions being in an "alpha-beta" state, not sure how to respond, other than to say my company (Apperian) has a solution that is in use at many F100 companies with tens of thousands of users per company, is scalable, solid, and has held up on the security side. So, not sure when that RFP was, but feel free to contact me directly if you have questions.

      Cimarron Buser, Apperian
    • Re: MAM / MDM and onward

      I don't agree that the MAM solutions are "immature." Instead of such a broad statement, I would focus on the very dynamic aspect of the impact of mobility on organizations (enterprises, governments, non-profits, etc.) This market is evolving very rapidly along a couple of axes: the functionality and capabilities of mobile environments in terms of devices, networks, features, software; and the users taking advantage of these environments and the ways they are using these new capabilities.

      IT is not the enemy of the users of enterprise mobility and these two constituencies are in desperate need to work together. The core duties of the IT administrator haven't changed, in fact regulations are tighter than ever before (you mentioned a number of them in the comment). But it's a red herring to suggest that because data needs to be protected, stored, and user securely, this demands not just absolute control by the IT team of absolutely everything bus also requires "management by disabling capabilities." Companies are not going to be thriving by being less competitive than others in their space. There is no more insecure company than one in which IT is "in the way" of employees doing their work. When a building is so secure that getting back into the building becomes too onerous for users going to get their lunch, what happens is that "secure" doors end up being propped open by users.

      MAM is not about preventing IT from doing its job, it is precisely about the opposite. It exists because traditional methods are so crude that all the "big brother" functionality does is provide a mechanism to CYA to organizations that ought to know better. Traditional systems are easily defeatable, and the equivalent of using a bad interface, a "separate" environment, or putting everything under someone's control regardless of the implication, need, or impact in the organization (and, perniciously, putting the company itself at legal risk in several ways for content that is not theirs in devices that are not theirs).

      Are there "big brother" aspects to MAM? For anything that's relevant to the corporation, absolutely, and with full knowledge, intent, and purpose. Apps and content need to be inspected, they need to be secured, they need to deployed to the right people, usage needs to be tracked, registered, stored, access to corporate environments needs to be controlled. IT owns these responsibilities and their job is tougher than ever. And they need to manage these environments within their much bigger corporate responsibility that extends way beyond mobility.

      MAM can (and in our case absolutely does) limit itself to the corporate-relevant assets. Blacklisting apps in a crude way, as you claim to be what MAM does, is neither accurate in terms of capabilities nor actually useful to IT or the user.

      Calling MAM solutions as being "in a semi alpha-beta state" is tendentious and outright unsustainable as a statement. Hundreds of thousands of users on large organizations worldwide would disagree with that. iOS and no Android or Blackberry, that's another statement that fails to meet a basic reality test. Windows Phone will be a diminishing set in the overall mobility arena, but Windows 8 promises to be relevant. And the comment about the ROI of MAM and pricing also reflects either a complete lack of understanding of the market or simply a way to hide support for solutions that actually fail to provide real security and can, at best, wipe already compromised devices and close the barn door after the proverbial horse has left. What is needed is active, accurate, reliable, compliance-ready management of corporate assets, in a way that enables users to be more productive and effective without compromising the company as a result.

      The final comment I have to make is about BYOD. I suggest the commenter should just bother to read the latest research regarding overall trends, numbers, and spread. BYOD is a change in the way IT is consumed and used. As with many previous significant changes, there needs to be a transformation is how it is managed and how its benefits (and challenges) are addressed. The right service is provided by addressing how to do this by protecting the corporation, helping IT, and supporting users, and MAM is a cost-effective, targeted, mature, and effective way to do so.

      - Carlos Montero-Luque
  • Paid advertisement?

    Oh dear look at all the vendors jumping in to trump up their offerings. Gentleman I'm sure you products are fantastic. I'm sorry real world (at our company) fell short. The fact is the market is in an immature state from a MANAGEMENT perspective. Yes some companies will still prefer to manage how / when / why corporate resources are utilized.

    Can we PLEASE stop saying it's all these IT / Admin guys standing in the way of "progress". I'm as pro mobile friendly as they come and I welcome solutions that help govern thousands of mobile devices, be it Blackberry, iOS, Android and yes if it ever does anything Windows Phone. The roadblocks preventing users from all the wonderful enablement of mobility are legal, compliance and HR. These orgs are stuck in 1950 and what worked then is how they want things to remain. If they could they'd shut off the internet and block wireless signals in building (I'm sure some places out there do this).

    I have sat through countless roadmaps from MAM as well MDM vendors all stating things they have planned, or coming in Q3, Q4 etc. Thus the market comment. What kills all these vendors are Apple and Android don't give a second thought to enterprise mobile needs. It's a niche market to them and they'd rather enterprise bends to them vs. the other. Will consumerization change this, maybe. Some companies it works, in ours we have employees that do not like change, and certainly feel "big brother" is watching them. Some company cultures will have a hard time for BYOD to be adopted, no trend is going to change that.

    A good amount of MAM interest are companies that want to prevent certain Apps from being installed / used. This totally flies in the face of BYOD as alluded the device is serving a personal and business role. Thus you will (in these cases) continue to see companies provide a device as well have users with their own device. Will things bleed over? Maybe but chances are companies are taking harder stances how how corporate data and access are utilized.

    For the record we have a BYOD program, it's seen limited adoption and will likely use a MAM next year. Mostly for a content control / vetted App approach. Be it MAM or MDM there are users who do not like anything "touching" their device and from the MAM solutions I've seen there are serious privacy concerns with App inventory and usage metrics gathering.
  • BYOD and Enterprise Mobility


    I am not sure where the message was about "IT / Admin guys standing in the way of 'progress'". If anything the point I was trying to make was precisely the opposite, that real world management of mobile environments has new requirements and brings up new complexity. We would not be providing value if we were to be pushing the same old functionality in the view of new environments and capabilities. The point about HR, legal, compliance, and governance issues (including sovereignty issues regarding where and how mobile IT is used) are real and IT orgs are trying, very hard, to do a very good job in an environment where these issues are paramount and where the playing field continues to be changing.

    I would not argue about the state of the market and the amount of noise in it. The easiest way to have one's roadmap copied by a bunch of companies (and we know this well) is to publicize it. I've been in enough customer meetings in which a roadmap we'd just done was "already presented" by slower competitors with bigger marketing dollars. And the amount of hand waving in this market is even funny. No point in complaining about it, it is the result of how much money, interest, and innovation is being created, from the platforms to the management tools, apps, etc. The problem I had with the original statement is that there are very substantial differences within the market, and painting everyone with the same brush has the unfortunate side-effect that it favors the slow and unresponsive and punishes the innovators, just the opposite intent from what one would want to get from their vendors.

    As for Apple and Google/Android, they are very different cases each, as you well know, from a very controlled environment to one that is to thrive based on variation and a broad ecosystem. Both of them have serious advantages and challenges, and can create different frustrations for enterprises, IT departments, users, and vendors as a result. While their work is very consumer-oriented, the number of devices and the staggering amount of money involved in mobile devices at work (mostly iOS and Android today) make these markets in no way irrelevant to them.

    Two points about BYOD and "big brother". The first is that BYOD is not and will not be the end all. For a number of reasons, legal, cultural, environmental, functional, etc. BYOD and corporate-provided devices will coexist in very diverse proportions. But BYOD as a substantial portion of the market is here to stay, unless trends are going to be reversed in an unexpected way. The economics favors enterprise BYOD in many cases (and we know what that means in terms of changes) and for many users, the line between personal and business time is blurrier than ever, and while that is not necessarily a positive thing or a negative thing, as there are important implications in either direction, it is a simple statement of fact.

    Which brings me to the last point now, which is the question of privacy and behavior, and corporate limits on both. Here I will insist that MDM and MAM have to be seen from very different points of view. MAM exists in large part to establish a compromise between on the one hand, protecting, judiciously, rightly, legally, and (very importantly) more effectively corporate assets in mobile environments. Manage, protect, install, uninstall, prevent, enhance, secure, integrate assets that don't belong outside corporate use for whatever reason. And on the other hand, limiting those actions and protections to truly relevant corporate assets, and leaving personal assets outside of those limits and controls. It is intended to be a tool for the collaboration that I mentioned in my earlier post between users who need these tools and capabilities both for their personal lives and as they thrive professionally, and IT departments who "don't stand in the way of progress" but are as responsible as ever for protecting the corporation, its shareholders, customers, and employees, from any issue, malicious or not.

    - Carlos Montero-Luque