The Keys to a Successful Enterprise App Strategy
By John Crupi, CTO, JackBe
Take something good in the consumer market, apply it to the enterprise and immediately you’ve got a success on your hands, right? The philosophy certainly seems to make sense on the surface and there wouldn’t seem to be any better example than all things MOBILE. Smartphones and tablets have reached ‘ubiquitous’ status and close on their heals are the endless list of Apps that run on them.
Simply follow Apple’s App Store and Google’s Marketplace recipe, maybe sprinkle in some enterprise-grade security and voila! Your organization has a smorgasbord of Enterprise Apps that can now be self-selected and self-installed on their favorite mobile device. Now tell that to your CIO its time to eat and watch him turn green as he tries to wrap his head around the indigestion you’ve given him: how to create, secure, govern, manage and socialize dozens, hundreds or even thousands of independently-written Apps running on a laundry list of mobile OSes.
Your CIO now has the role of ‘Chief App Officer’ (CAO) and, in my opinion, his panic is somewhat justified. We’re not talking about Apps like Angry Birds or Tower Defense but Enterprise Apps that do things with your organization’s multi-million dollar HR, ERP and BI systems. Imagine the joy of your peers when they can adjust marketing campaigns, reallocate personnel resources or set a new price for a supply chain all at the speed of a finger swipe in the luxury of their living room.
Gartner predicts that App development will outpace traditional application development by 4-to-1 in the next few years. If the experts, vendors and early-adopters I talk to everyday are right, the next-generation enterprise portal will look and operate more like a Mobile App Store than an on-premise portal. So what’s a CAO need to do to capitalize on this App-mania and keep his job/sanity too?
When asked this question, I typically recommend that newly-appointed CAOs follow 6 guidelines:
Think End-to-End. Many Enterprise Apps tend to be data-centric and so they should be thought of as part of your enterprise architecture, just like a reporting tool might be treated. One of the most effective ways to accomplish this start-to-finish approach (from the mobile App itself down to the internal and external data systems) is to follow the “hybrid” model. A hybrid mobile App is essentially a native App on a mobile device that acts as the “portal” into the mobile enterprise apps provided by your organization.
It works like this: Acme Inc. would have an App installed on a sales manager’s iPhone that securely authenticates the user into the enterprise identity management system and subsequently handles all permissions, policies, and entitlements. But the data itself is delivered into that App as HTML5-based pages (I often call them ‘Views’). The model is a ‘hybrid’ because the Views are dynamically rendered just like any web page, but they are rendered within the safe confines of the native App.
The hybrid model avoids the nastier issues of all-native approaches, particularly the ‘recreate everything for every platform’ problem. Instead, the Views are built once and reused on every HTML5-friendly device (which is most of them nowadays), but with the safe, secure confines of an App native to that device.
Lock it down. How do you keep that unique, mission-critical data safe? The best Mobile App security solution is to connect this new-school stuff directly into your old-school security system. In other words, that App should get login approval an security credentials directly from the authentication and permission systems you already have, ensuring a consistent and persistent set of authorizations and permissions, just like every other data-access systems would do.
Then your mobile users only see data they have access to and unauthorized users won’t see anything but a blank screen. Although it’s not front page news yet, many cyber hackers see mobile devices as their next big target and this can be an important part of your defense plan.
Start your own store. One of my customers was the first to encounter the ‘more than a handful’ problem: build a bunch of Apps and then you suddenly need a place to make them available to your users. You need your App Store. Thanks to Apple, Google, Microsoft and a few other megavendors, this is a model that is well understood and accepted by most of your potential Enterprise App users. And this kind of organized catalog can also help you track usage and demand patterns.
Think like a librarian. This one is closely related to the App Store tip above.The Apple iStore has 500,000+ Apps and every single one was reviewed by an Apple employee. Why? Quality-control, mostly. After security, the major concern of any CAO should be to prevent ‘App Sprawl’, the creation of Apps that aren’t well-conceived, governed, secure or just plain important. By having an internal App Store governance process, where an administrator, group or governance body can review/approve/decline Apps, your organization’s mobile strategy will be even more effective.
Keep them small. Don’t try to recreate your entire SAP G/L interface as an App. App functionality can be a slippery slope and it’s easy to start throwing everything into them. Don’t. Think of every App as a single-purpose mini-application that must run not only in your Enterprise Portal(s) but ALSO on mobile devices. The ‘ALSO’ is important because mobile users mean your Apps must be designed to run seamlessly inside and outside the firewall, and they must adapt to the look-and-feel your mobile (especially iPad) users expect.
Be a like the power company. When it comes to mobile users, you need to plan for a different set of expectations and a fundamentally different set of usage patterns. They expect to access Apps anytime, anywhere. Your App infrastructure should be prepared for a sales manager who wants to check daily sales revenue from the restaurant on Saturday evening. That means your data sources, your security and governance infrastructure, and your human/technical support systems all need to operate in real-time.
Hopefully, these guidelines help you (and your CAO) begin to build your enterprise App Strategy. Remember, the best way to turn something into a big success is to build from many small successes. Start small and see where your App strategy takes you!