How (not) to manage apps in an iOS and Android world

As users get apps from an app store, how does IT manage and support them. Guess what? It doesn't

Page 3 of 4

In this new world, commercial apps are treated the same as devices: It's a bring-your-own reality, where the license is associated to the individual, regardless of who ends up shouldering the cost. And at the small costs of mobile apps, having a labor- and technology-intensive process to manage their purchases and track their installation is simply out of whack with the reality on the ground. (Yes, I know there are certain organizations that need strict controls. They'll continue to work that way, as they should. But you have to ask yourself honestly, what control do you really need over apps and endpoint devices. It's not as much as you're used to.)

These commercial apps are not part of the MAM mix, though some MDM tools let you restrict which apps can be installed on a user's device authorized to access your network. Realistically, however, this approach works only for highly controlled devcies, such as iPads used in a retail store by all employees; it's not feasible for bring-your-own devices.

But your private, internal apps are assumed to be managed, either in a lightweight way such as being downloaded (if a native app) or accessed (if a Web app) from an intranet site (VPN-protected, I would hope). You may use a MAM tool to manage them, such as to remove apps from contractor and employee devices when they leave the project or company. The use of MAM makes sense for apps that run locally and don't require access to resources in your data center -- in other words, a stand-alone tool that you don't want a person using at another business. Likewise, MAM makes sense for removing or disabling apps that store sensitive data locally on a device.

However, most internal apps are really front ends to an internal resources -- ERP, CRM, IT management console, databases, BI, VDI, and the like -- for which you exercise your control by managing access to the internal resource. In other words, you should disable access to that information for that user, regardless of the apps they might work with. They may still have the apps, but they can't access or work on the data.

This realization explains why so many businesses are enamored with tools like Citrix Receiver -- essentially the same model of a Web app and should be of your native client apps. This access-control approach -- rather than app management approach -- is both safer and easier than trying to track every endpoint app (including browser) a user may leverage to access that information. Plus, this access-control approach applies to any device: smartphone, tablet, computer, and whatever else may be on the horizon, whether owned by the business, the user, or both.

| 1 2 3 4 Page 3