In Leveraging mobile cloud apps in the enterprise, we outlined the requirements for cloud-based mobile application development. Specifically, we discussed the need for Mobile Enterprise Application Platform (MEAP). MEAP or no MEAP, there is still the challenge of mobile application delivery and governance.
We all know how easy it is to download new applications to our smart mobile devices. In fact, we at Nemertes recently queried a large, multinational corporation that found thousands of unauthorized downloads of applications to its RIM BlackBerry devices. Granted, most of these applications were harmless: navigation, weather, games, Facebook and LinkedIn. Wait, harmless? I think not. After all, the No.1 target for malware these days is social computing. So, let’s take a step back from application delivery and take a look at mobile application management.
MDM: Mobile device management
Good mobile device governance demands strong application control. The bottom line is employees will download if they can, even if they shouldn’t. It’s so ingrained in our psyche now to go to the app store for whatever you need. The only way the enterprise can gain control over applications is to deploy Mobile Device Management (MDM). MDM is not new and anyone running a RIM BlackBerry Enterprise Server (BES) is running MDM; granted, just for BlackBerry devices. Ideally, the enterprise should have one MDM supporting multiple mobile platforms (just like MEAP). The MDM market is ever-expanding, including the following vendors: BoxTone, Good Technologies, McAfee (Trust Digital), Mobile Iron, RIM and SAP/Sybase (Afaria).
MDM is part of an overall governance plan including these features:
- Device management
- Service management
- Security management
- Application management
The last point -- application management -- refers to the lifecycle management of mobile applications. A key aspect of MDM application management is application delivery. Unlike application delivery to the desktop, application delivery to the mobile device should match the dynamic nature of the device. In other words, enterprises should use a mobile cloud computing model to provide dynamic support for mobile applications over the air.
There are two basic models of application delivery clouds: external and internal. The external cloud model leverages existing app stores such as Apple iTunes and the Google Android market. Not surprisingly, the internal model requires standing up a self-managed cloud. Let’s look at delivering IOS apps for the Apple iPhone as an example.
There are three mobile cloud computing models for enterprise-level application delivery to an iPhone:
- Use iTunes to distribute the app for installation by employees. Since iTunes is optimized for mobile application delivery, there is an advantage to leveraging iTunes infrastructure. Though iTunes is optimized for mobile application delivery, it also means corporate assets -- custom-developed applications -- are resident on iTunes servers.
- Post the app on a secure Web server, enabling users to access and install the app wirelessly. This option offers the highest security and control over enterprise applications, but it does require the standing up of a secure mobility cloud for application delivery.
- Use a combination of the two. It is highly likely the enterprise will want to deliver custom-developed applications and COTS (commercial off-the-shelf) applications. This requires either delivering all applications via iTunes or standing up a private cloud for custom-developed applications and using iTunes for COTS.
I find it interesting most people assume all Apple applications must be delivered via iTunes. This is not the case. But providing a highly available, high-performance cloud for application delivery is beyond the scope of many enterprise organizations -- leading mobility architects to turn to communications service providers for a hybrid cloud approach.
Hybrid cloud for mobile application delivery
Communications service providers such as AT&T, Orange Business Services, Verizon and Vodafone are jumping on the cloud-based mobile app delivery model. They typically implement an MDM (and possibly a MEAP) in a multi-tenant fashion while standing up a service delivery cloud. With this model, the enterprise is able to perform application delivery in-house, and use the hybrid cloud to deliver mobile applications securely to employees. This model shifts the burden of establishing the mobility cloud to the service provider while keeping the responsibility and control over application development in-house. Over time we believe this model will become the model of choice for enterprise mobile cloud delivery.
Conclusions on the future of cloud-based mobile apps
Mobility is one of the most pressing areas of concern for today’s IT organizations. There are financial and competitive pressures raising questions of employee ownership, in-house application delivery and how best to deliver applications via a mobility cloud. Unfortunately, the issues directly affect each other and the complexity is multiplicative. For example, mobility management combined with employee ownership and application delivery is a far more complex undertaking than just straight mobility management.
The bottom line is that IT planners must get out in front of the mobility curve. The first step must be addressing (or deciding to explicitly not address via denial) employee ownership. The next step is implementation of mobile data management followed by the decision of a MEAP. In conjunction with the MDM and MEAP decision must be the mobility application cloud delivery model.
About the author:
Ted Ritter is a senior research analyst with Nemertes Research, where he conducts research, advises clients, and delivers strategic seminars. A Certified Information Systems Security Professional (CISSP), Ritter leads Nemertes' research on information stewardship, which includes compliance and the management, access, storage and backup of data.
Mobile device management with SaaS
Policies for securing mobile devices
Mobile device management spotlight