Solving IT's mobile app deployment dilemma

Users want iPhones, iPads, and Android devices; IT wants to control application delivery and security. New management tools give them both what they want

You may have heard the ugly, disease-evoking acronyms MEAP and MCAP, which AT&T and Verizon Wireless have been pitching for a few years in their attempts to be the applications-provisioning tollbooth between IT and mobile users. That push initially meant using their apps, then it meant provisioning apps only to users on their specific networks. Not surprisingly, MEAP/MCAP fell with a thud, and IT administrators were left with no elegant way to provision enterprise apps to mobile users in a manner they could secure, monitor, and manage.

That's changing, thanks to new mobile app management (MAM) tools such as Antenna Software's Volt and the app-provisioning features in some mobile device management (MDM) suites, including those from Good Technology, MobileIron, and Trellia. The emerging tools let IT do more than create enterprise app stores from which employees download software to their iPhones, iPads, and Android devices -- after all, you can do that with no extra tools on both iOS and Android by providing links from a secure Web page to the downloads.

[ Read Peter Wayner's series of HTML5 how-tos: local storage, forms, and canvas tags and media. | Keep up on key mobile developments and insights via Galen's Twitter feed and with the Mobile Edge blog and Mobilize newsletter. ]

What emerging tools such as Volt let you do is create HTML5-based apps that can tap into devices' native capabilities through JavaScript API extensions from Apple, Google, and others, as well as via W3C-supported BONDI APIs. (Those extensions allow, for example, the capturing of signatures through a canvas tag or the generation of bar codes.) You develop these HTML5 apps in your IDE of choice (even a text editor), but you do have to use Antenna's APIs for the apps to work within the Volt client and be provisionable and manageable by the Antenna Mobile Platform (AMP) server.

From there, you can code installation profiles based on user policies such as roles. When a user logs into the (usually hosted) server, the apps tied to his or her profile are downloaded to the device. The server also pushes updates and gives IT a console for monitoring usage, changing application permissions, locking down data, and wiping apps when a user leaves the company or changes roles.

Other tools such as Ondeego's AppCentral offer similar capabilities. However, the combination of the Volt client and AMP hosted server appears to be more appropriate for enterprises, in terms of integration with policy servers such as LDAP, integration with MDM tools, and use of high-level encryption and authentication technologies. (AT&T uses AMP in its Workbench offering, but the Volt/AMP pairing is not limited to AT&T-connected devices, as Workbench is.) The Volt client was released this month for iPhones running iOS 4 and devices running Android OS 2.1 through 2.3; iPad-savvy, Android 3.0, and BlackBerry OS 6 versions are planned by summer.

How the new breed of mobile app managers work
The enterprise-created HTML5 apps provisioned through Volt are kept in their own workspaces, so their data is encrypted and separated from the device's other info. Apple's iOS natively supports such encryption and separation, but Google's Android does not. Because the enterprise HTML5 apps run within Volt, the AMP server can directly manage them, without affecting the device's other apps.

In the case of iOS, the AMP server can also manage native apps provisioned through AMP or through an MDM integrated with AMP. Likewise, an MDM tool that integrates with AMP can manage apps provisioned by AMP (HTML5 and native) or by the tool itself (native). Either way, the HTML5 apps provisioned through Volt work offline, syncing data when reconnected.

1 2 Page 1
Page 1 of 2