How to build a corporate app store

British American Tobacco on its approach to building a corporate app store to support personal and work devices.

The average employee increasingly carries a personal smartphone or computer that they use to get work done.

Letting staff access corporate information and systems from these devices in a way that doesn't risk breaching regulations or security is something of a headache for companies .

British American Tobacco (BAT), the global tobacco company operating in 180 countries, is tackling this issue by building a corporate app store. The store is designed to provide staff with apps that tap into corporate systems in a secure fashion and run on a host of devices.

BAT support of BYOD began in 2010 when it made corporate email, then based on IBM Notes, available to Apple iPad devices. 

Today thousands of BAT staff are able to run corporate apps from their personal devices. These apps are designed to run on their device inside the Excitor Dynamic Mobile Exchange (DME) client.

Because apps are lightweight — built using modern web technologies, such as HTML5, CSS3, JQuery and Sencha — they will run on any iOS or Android device from within the past couple of years, as well as from the desktop.

Read this

BYOD and the consumerization of IT

Special report: The Bring Your Own Device phenomenon is reshaping the way IT is purchased, managed, delivered, and secured. We look at what it means, how to handle it, and where it's going in the future.

Read More

"Users can chop and change devices," said said Laurence Dale, lead mobile solution architect for BAT, at the Ovum BYOX World Forum 2013 last week.

The benefit of running apps in the secure container provided by Excitor DME is that BAT doesn't need to lock down the employee's personal device, which can be used as normal. The Excitor DME client uses 256-bit AES encryption to protect data both at rest and in transit. Staff log into the DME client to use the apps, and as more apps are made available employees role-related apps should be made available.

To serve up data to thse apps BAT built a backend platform, which can integrate with its corporate systems, such as SAP ERP systems.

This platform is currently in beta, and has an SDK that can be used to integrate it with other back-end systems. The platform is designed to scale up in a modular fashion as demand builds for apps.

About 6,000 BAT users worldwide have access to the Excitor DME client and BAT has deployed its platform to its three tier one datacentres to make it available globally. Server hosting, additional software licensing and helpdesk costs are charged back to regional IT centres. 

Email is currently the only app generally available, to about 1,000 users in EMEA and close to 1,000 in Asia Pacific and the Americas. However, a limited number of users also have access to an internal contacts directory. Dale said BAT was now working on integrating the platform with its SAP ERP system to serve new apps for specific departmental tasks.

Dale said that BAT had completed the hardest part of the job in building the platform to integrate with BAT's back-end systems, and now it was a case of connecting more systems and adding more apps.

A team of about six people work on building the app store, including a web developer, a Java programmers, a UX specialist, an HTML5 specialist and infrastructure expert.

A lot of work has gone into making sure apps scale and are comfortable to use on different sized form factors, according to Dale.

The business rationale for supporting the likes of personal iPhones and iPads is that "it's good for employee satisfaction", said Dale.

"These are devices that people want to work with so lets them be more proactive. Otherwise there is a risk of people running off and doing their own thing and a general lack of control."