Earlier this year, I blogged about an integral piece of an enterprise’s mobility strategy: lifecycle management. Since then the topic has taken hold, and noted Aberdeen analyst Andrew Borg covered it in "How to master the enterprise mobile app lifecycle."
The reason for this increased interest? The realization that enterprises are concerned about securing their data, not just the device.
That’s what we’ve been saying all along and have reiterated in the blog announcing our Day One readiness for Apple iOS 7. The best validation is the business-oriented features in iOS7. Open-in management to control which apps can be used to open documents. Per-app VPN to allow only managed apps to access the corporate intranet. Automatic data protection for third party apps to ensure that corporate data is secure. All this demonstrates an understanding of enterprises’ need to secure their data and ensure it is always under their control.
What’s the connection to app lifecycle management? In mobile, by managing the apps in which business data is used, IT can control its consumption, changes and eventual retirement. iOS 7 has added basic security capabilities which is a step towards more comprehensive app lifecycle management, something Good’s customers are intimately familiar with through their ongoing use of Good’s containerization technologies and the Good Dynamics Secure Mobility Platform.
Consider the following analysis by Melinda Ballou, program director for application lifecycle management & executive strategies, IDC Research, on the need for mobile app lifecycle management in the enterprise.
“While iOS 7 makes some improvements in the area of application encryption, in an enterprise environment, where data is moved between apps as part of a business workflow, app-to-app security is essential. Enterprises must understand and analyze application lifecycle management beyond the confines of traditional approaches and recognize that quality and security are both pressing and closely linked areas. IT leaders can raise the bar for how efficiency, quality and business risk mitigation are driven into application lifecycle management with comprehensive solutions that address security and management simultaneously.”
Everything has a finite lifetime, including data. For example, you would want only your current product pricelist to be used by your channel partners – and only them. Ensuring currency is difficult to enforce on PCs as multiple revisions of the same pricelist can live on in various Excel workbooks scattered across your partners’ hard drives. Restricting the pricelist to only your channel audience is also a challenge since those Excel workbooks are easy to share.
However, on smart devices, you could have far more control. Build a mobile optimized app with enterprise level security and controls, privately distribute it to your channel – and only your channel – via an enterprise app store and then manage its evolution. Pricelist updates, data wipes for misplaced or stolen devices, access changes (e.g., partners exiting your channel program), app improvements based on user feedback and eventual retirement of the app. That’s what app lifecycle management enables and with the Good Dynamics Secure Mobility Platform your organization can build enterprise-ready mobile apps and distribute and manage those apps through their evolution.
The best part is that it can be done without having to manage the device. Don’t get me wrong. I’m not dissing MDM. It has a place in an enterprise’s mobility strategy, which is why it’s part of the Good Dynamics Secure Mobility Platform. However, for a variety of logistical and regulatory reasons, it is often not possible have MDM on a device. For example, your channel partners will not give your organization device level control over their smart phones and tablets. Plus your IT team would say no to adding those channel partners to the corporate directory systems, the key control mechanism for devices under MDM control.
For IT, security of corporate data on mobile devices is a key concern. App lifecycle management will address that concern as it provides complete control over business information during its lifetime, independent of platform OS (i.e., it should simplify the IT cross-platform management headache), device ownership (i.e., BYOD or corporate liable) and device management (i.e., MDM or not). And because the focus is on protecting only corporate information and not encroaching on personal information, end user privacy can be protected – an important consideration for users since a single device is often used in both the work and personal spheres.