Do enterprises need their own app stores?

Moderated by Lawrence Dignan | May 27, 2013 -- 07:00 GMT (00:00 PDT)

Summary: BYOD has added a layer of complexity to IT management. Can internal app stores help?

Eileen Brown

Eileen Brown

Yes

or

No

Matt Baxter-Reynolds

Matt Baxter-Reynolds

Best Argument: Yes

77%
23%

Audience Favored: Yes (77%)

The Rebuttal

  • Great Debate Moderator

    Thanks for joining us

    Is everybody ready?

    Posted by Lawrence Dignan

    I'm ready

    Let's go

    Eileen Brown

    I am for Yes

    I'm ready, too

    First question...

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Distribution policy

    What are the best ways to distribute enterprise apps?

    Posted by Lawrence Dignan

    Test first, then deliver

    Enterprise apps should be delivered from a centrally managed repository with appropriate policy controls in place. All applications in the repository should have been tested for compatibility with existing line of business applications, and delivered to the users that have a requirement to use the apps.

    The apps can then be managed effectively due to the infrastructure in place at the organisation. If the application is needed for a specific job function and is not compatible with other line of business applications then it can be delivered by an application virtualisation solution such as Microsoft’s App-V to avoid one app causing issues with another. Without this level of management and control, the user runs the risk of installing an app that conflicts with or renders the line of business app unusable

    Eileen Brown

    I am for Yes

    Define the policy

    If you have devices that you need to control, the best way to distribute apps is simply to have the sysadmins define policy that causes apps they want to install to be installed. Having the user follow the app store metaphor is unnecessary.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Need for app stores

    How important is the concept of control regarding enterprise app stores?

    Posted by Lawrence Dignan

    Corporate IT must control through user policies

    In branch office scenarios it is vital that the enterprise datacentre is able to deliver apps to all subsidiaries by delivering the applications across the infrastructure  to the content servers in the remote offices over the WAN. Corporate IT needs to control the publishing, distribution and on-going management of applications by user policies.

    Application licences can be assigned by the centralised IT team to specific users, teams or organisations and dynamically re-allocate the licences when the business needs evolve. Applications can be pre-scanned for malware or viruses before the user downloads the app to their device. Each user has their own unique requirements for apps which dynamically change as organisations re-org and change strategic direction. Centrally enforced policies are therefore a necessity to manage the changes.

    Eileen Brown

    I am for Yes

    The blacklist

    A key feature of enterprise app stores is the ability to black list (i.e. "prevent installation of") apps that you don't want the users to be running. This feature is very much about control -- and I'll talk about this shortly.

    The other features are more about convenience. The intention of using the app store metaphor in enterprise app distribution is to give the users something that they understand and which using doesn't require too much cognitive loading.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Why?

    Why not just use Google Play and Apple's B2B App Store?

    Posted by Lawrence Dignan

    Mass confusion

    When customers download apps from Google play or Apple B2B App store there is no option to manage or control distribution of apps through a centralised corporate policy. Any user that obtains a redemption code can download an app – whether or not it is of value to their task in the organisation. Costs would be difficult to manage centrally and licence re-allocation would be impossible as apps are controlled centrally by Google and Apple.

    Eileen Brown

    I am for Yes

    Trade secrets

    These are public stores. If you have trade secrets that you wish to protected (e.g. an app that contains code that describes a procedure that you'd rather keep from competitors), you need private distribution.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Security control

    Do enterprise app stores do anything for security?

    Posted by Lawrence Dignan

    They need to pass inspection

    Enterprise app stores allow business focused apps to be downloaded into a DMZ (de-militarised zone) whilst they are being checked for patches, worms, viruses and compatibility. When the IT team is satisfied that the app passes all of the corporate tests, it can be assigned to the appropriate policy for distribution to the correct set of users.  Financial institutions such banks also need to guarantee that their line of business apps are deployed securely. Placing these apps onto Google or Apples store would cause concerns over security for some organisations. Financial based apps tend to perform one particular complex task such as applying for a bank loan, a mortgage or credit card. Rapidly changing user responsibilities means that organisations need to efficiently provision and deactivate access to systems to ensure adherence to the dynamic nature of the enterprise business.

    Eileen Brown

    I am for Yes

    Limit choices


    Yes, insofar as they can used to blacklist apps that you do not want users to be running.

    Whether this controls security, or whether it controls how much time the user spends doing non-work activities is unclear. It certain reduces the vectors that are in-play with regards to leaking confidential data outside of the enterprise boundary.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    The use of technology from others

    How do technologies from Citrix and others impact the need for an app store? In other words, can't you just distribute apps via tunneling and virtualization to tablets?

    Posted by Lawrence Dignan

    Use what's available

    Some apps need to be accessed whilst the user is away from the corporate LAN or working offline. In areas of low connectivity, offline apps still need to be provisioned, delivered and used whilst not connected, syncing data when the user is next connected to the corporate network. Technologies such as Citrix XenApp and Microsoft App-V enable apps and user settings to be preserved whether online or offline and maintain a centralised and managed infrastructure.

    Eileen Brown

    I am for Yes

    Horrible user experience

    This creates a horrible user experience and is not something I recommend for general use. (It's fine as a strategy for saving money on rarely used apps.)

    However, as a counterpoint, my ZDNet colleague Jason Perlow had this to say about [session-based remote computing with regards to mobile apps in the enterprise].

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    HTML 5 effect

    Will HTML5 ultimately eliminate the need for app stores and apps?

    Posted by Lawrence Dignan

    Rich-client apps

    There will always be a need for rich-client apps. HTML5 will take away some requirement for rich client, but some legacy apps will always need local access to the device.

    Eileen Brown

    I am for Yes

    Native apps are much better

    HTML5 in enterprise apps is an interesting one. It seems logical to suggest a single web app can expose data and functionality out to devices, however the reason why this doesn't happen in consumer environments -- i.e. that the experience is awful and native apps are much better -- would seem to apply to enterprise apps at all.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Packages only

    Do you anticipate that app store distribution will simply be packaged in mobile device management applications?

    Posted by Lawrence Dignan

    It's all or nothing

    Mobile device management applications and settings are already packaged like this. The requirement for a password on the device and the auto-lock function are already distributed via policy settings. If the users refuses to accept this policy, then they are prevented from accessing the corporate intranet from that device. This ensures that corporate policies and updates go across every device that connects to the corporate network. Adding policy specific apps to the mobile device management application ensures that each user gets the correct suite of applications to a secure and well-managed device.

    Eileen Brown

    I am for Yes

    Yes

    Yes.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Already outdated

    Given the use of SaaS and apps from the likes of Salesforce and Workday already distributed on iOS and Android, aren't custom enterprise apps going the way of the dinosaur?

    Posted by Lawrence Dignan

    Necessary for highly specific tasks

    In many specialised environments such as supply chain management, finance and the pharmaceutical industry, apps that perform highly specific tasks are often used. Workflow processes, governance and multi-layered security apps are used which are often written for specific devices such as ruggedized, sterilized and embedded devices. These apps may be required to be certified with the appropriate authority before the app is permitted to be used. SaaS cloud apps – where used in global companies that need to deliver apps to many different countries can have local compliance and legal challenges. Laws regarding data access, security and information access could make SaaS more difficult to manage than an enterprise app store. 

    Eileen Brown

    I am for Yes

    They're not for everyone

    I think it depends on the approach. It's possible to find within your organisation "audiences" of people who need certain chunks of functionality. For example, in airline you might find a need to deploy iPad-based flight bags with apps needed to support piloting a plane, but you have a whole load of other people within that organisation who don't fly the planes.

    I don't think custom enterprise apps are going away, but I'm not sure that custom apps that apply to all users within an organisation will apply.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Your ideal system

    If you could create your perfect mobile application distribution method for corporations what would it be?

    Posted by Lawrence Dignan

    Behind the firewall

    A perfect method would be to access the corporate VPN via a technology such as Microsoft’s Direct Access that eliminates the need for a dongle, secure key generator or other physical device such as a smartcard. Once inside the corporate firewall, apps can then be downloaded to the device over the air in a secure, well managed infrastructure with policy controls in place.  Users would never need to visit the office for updates, virus checks or patch management as this would be delivered over a seam free VPN access solution. For branch offices that have video requirements solutions such as Cisco Application and Content Network Streaming solution could be used to deliver live and on demand video streaming to branch offices.

    Of course the need to track and manage the applications and keep track of the devices are important so a good mobile device management (MDM) solution such as Mobile Iron will enable organisations to track who downloaded each app and to control when and where they are used.

    Eileen Brown

    I am for Yes

    IT team should manage

    It's really the necessity to borrow the app store metaphor that I think it wrong here. If you have devices that you need to control, it makes more sense that the IT team simply pushes down a policy that installs or blocks apps that you do or do not want the user to have. Making the user jump through hoops just to follow the metaphor of "going to a store and 'buying' apps they want" seems unnecessary.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Evaluating success

    What are the key items to evaluate with enterprise app stores?

    Posted by Lawrence Dignan

    Bandwidth and accounting

    Key items that impact users are the accessibility of the bandwidth between the branch office and corporate headquarters. If the WAN link is slow, for example less than 64kbps, then app deployment to branch offices might be an issue. In this scenario, then content servers with requisite apps should be placed at the remote end of the WAN link for users to download across the LAN. Any updates, patches, and security checking can then be distributed locally to the branch offices.

    Other requirements for enterprise app stores are to ensure that there is an appropriate way of implementing cross charges and service delivery charges back to the business to ensure that the business groups within the organisation have the associated costs assigned to them. Business groups with heavy app download requirements (and consequently higher deployment and management costs) can be evaluated against other, more cost efficient businesses in the organisation.

    Eileen Brown

    I am for Yes

    Blacklist, and installation prodedures

    You're really only looking for three functions -- the ability to "blacklist" apps that you don't want the user to run, the ability to force installation of apps that you want the user to definitely have, and the ability to offer installation of apps that the user can optionally have. That's really all that you're looking for with an enterprise app store.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Lasr question: Role of BYOD and multiple platforms

    How do BYOD and multiple platforms play into the enterprise app store model?

    Posted by Lawrence Dignan

    Brings flexibility

    BYOD brings a great deal of flexibility to the enterprise. Users want to be able to have the same experience regardless which device they use locally and remotely. Having a centralised corporate repository of user defined settings, security and data integration – with the policy settings, compliance model and structured management.

    Enterprise app stores, coupled with a suitable enterprise app delivery mechanism enables the company to maintain control, ensure security of corporate data and ultimately keep the costs of BYOD down to a minimum.

    Eileen Brown

    I am for Yes

    Makes it more difficult

    It makes it much more difficult. If you don't have a platform that you have standardised on, you'll always be chasing around after whatever set of platforms comes into vogue within the organisation. One year you could have everyone bringing in iPads and Android phones, the next year you could have a few iPads, lots of Windows tablets and BlackBerry phones.

    Matt Baxter-Reynolds

    I am for No

  • Great Debate Moderator

    Great Debate!

    Both Eileen and Matt did a great job. Since both live in the UK, we allowed them to write in their native language. Check back Thursday for the closing statements and Friday for my final verdict. Don't forget to talkback and vote.

    Thanks again for joining us.

    Posted by Lawrence Dignan

Talkback

21 comments
Log in or register to join the discussion
  • BYOD or no - it's an interesting proposition.

    I'll start by saying I'm not really a big fan of BYOD, and that I'm likely to buy my own separate work device should I ever have to work for a business that requires BYOD.

    I'm certainly never going to put my personal phone on a business network.

    That being said an "enterprise app store" is an interesting proposition, and that could take a load off of the shoulders of IT, regardless of the BYOD policy.

    The users would be in charge of downloading software as they need it, so the IT personnel wouldn't have the burden of deploying the software.

    That is, assuming that easy-to-use tools are available for creating such stores.

    It could potentially have downsides, though: If there are limited numbers of licenses for the software, and users abuse the system to download software you really don't need, you could find yourself in a position where the people who really need the software can't use it because abusers used up all of the licenses. Things like that certainly need to be addressed.

    But do businesses *need* app stores?

    I'd say no. Especially small ones might not need something like that. This strikes me as something for medium to large businesses.

    I will likely vote "no," but it would be a weak "no," as I can certainly see the benefits. I am not *against* the idea of having an app store. But on the other hand, I don't see it as being so overwhelmingly useful that it could be labelled as a "must have" for businesses.
    CobraA1
    Reply Vote I'm Undecided
  • How is that any different than "side loading" applications?

    Looks like a duck, quacks like a duck...
    jessepollard
    Reply Vote I'm for Yes
    • Probably the trust aspect

      If you can set up a company store where all available apps are trusted (after appropriate testing, presumably), the IT people are more likely to be willing to work with it.
      Third of Five
      Reply Vote I'm Undecided
  • Not a solution

    The real reason people bring their own device is because of the employers restricting their employees sometimes to such an extent they forced to use external channels to do their work, or just to feel connected to the outside world. So now we are going back to it?
    andries.spies@...
    Reply Vote I'm for No
  • I voted yes but I am not sure that it applies to all enterprises.

    I work for a major Midwestern university and for many years we have had a website whose sole purpose is to deliver to students any software for which the university holds an enterprise-wide license. Of course, a university environment represents the epitome of BYOD but the premise is the same. In light of the explosion of BYOD devices, whether or not the institution needs something more attuned to the needs of individual devices is a different question.

    Most BYOD devices already have access to an OS-dependent app store so enterprise-specific apps are often better served through the vendors app store than through an enterprise-specific app store.

    Still, I think the time is coming when BYOD will require the enterprise to make industry-specific applications available through such an app store mechanism and whether or not OS vendors allow the enterprise to connect to the device via an enterprise app store or whether the enterprise is forces to use Google Play, or the Apple AppStore remains to be seen. Microsoft has already said they will permit the enterprise to "side-load" their own apps.
    M Wagner
    Reply Vote I'm for Yes
  • blackberry does this, hello

    I'm surprised you don't know or didn't mention that blackberry 10 devices have their own enterprise app store. In fact blackberry has had this for years. They never seem to get credit where deserved.
    Ahnomimush
    Reply 1 Vote I'm for Yes
    • BES 10

      Yes, and BES 10 can do that for Android 2.2>, iOS 4>, BB 10, and PlayBook 2.x devices.

      Done.

      That was easy.
      bb_apptix
      Reply 1 Vote I'm Undecided
  • Not even on the table...unless we can remove what we want when we want.

    Simply by connecting to our corporate network with your own device reserves us the right to wipe the phone when it is believed that something installed is a security risk. What is a security risk? Who monitors them? How many new FTEs for all of that? Do the user's feel comfortable granting this kind of control of their own device to their employer?

    The opening statement sounds nice but not for personal devices. If you are restricted to apps only provided by your company then shouldn't it be a company device managed by the company?

    If you connect your existing phone using vpn to your company network have you read the company policies? Ah, thats why that app has the access it does!
    hashref
    Reply Vote I'm for No
    • Not even....

      Many FTEs want to use their own devices particularly remote workers and road warriors that want light or feature rich devices. Selective wipe is a reality and a corp responsibility in BYOD scenarios.

      Any half-@$$ IT department can monitor & automate Alerts to users and move the users access to a GUEST status in a highly secure DMZ. Skills and grey-matter is all that stands in the way.
      TXtunes
      Reply Vote I'm Undecided
    • What makes you think

      we need to connect to your network. We are the knowledge workers who create the content. If you do not serve us we will move our content to other servers and dismiss you.
      AnalogJoystick
      Reply 1 Vote I'm Undecided