Sie sind auf Seite 1von 11

Mobile

App Management Best Practices


Mobile App Toolkit

Mobile App Toolkit


The Mobile App Toolkit is a set of documents, templates and guidelines that provide enterprise Mobile IT organizations with best practices for mobile app development and management. The toolkit is intended for organizations that are both developing mobile apps as well as distributing and managing apps to mobile devices. The goal of the toolkit is to answer two fundamental questions: What tools and resources will I need to develop apps? What tools and resources will I need to manage apps? The toolkit aims to answer these questions by adopting a lifecycle approach to mobile app development and management. It is broken down into four phases: Prepare, Develop, Rollout, and Sustain. The role of Mobile IT varies for each phase and for each company based on available resources, level of mobile maturity, and priority of mobile apps in the enterprise. With early IT involvement in app development, organizations can identify where apps may encounter problems later in the lifecycle, especially around security and compliance requirements for data protection, user authentication or enterprise integration. The purpose of the toolkit is to provide resources to Mobile IT teams so that they can provide information, guidance, and tools to business stakeholders to accelerate the development of mobile apps. One of the most important points to remember is that mobile apps are very different from desktop applications. To highlight this distinction, this paper will use the word app to indicate mobile applications and differentiate them from desktop applications, which designate desktop and legacy enterprise systems. Mobile apps, like the word, are smaller, faster and targeted to perform specific functions simply, and with a focus on the user experience. Mobile App Lifecycle The mobile app lifecycle describes the phases that a typical app goes through from concept to retirement. The lifecycle view shows how the impact of early design and development decisions effect later distribution and management activities. The holistic view obtained through the mobile app lifecycle approach allows companies to put critical components and processes in place early on, so as to save time and resources and minimize app revisions, which will delay development and increase management efforts. The phases described here may be expanded or combined depending on your environment and may be performed by multiple teams or by a single person. The important point is to follow the workflow of the lifecycle and focus on the critical activities and issues that need to be addressed at each phase of the lifecycle. 2012 MobileIron P a g e | 1

Mobile App Management Best Practices Mobile App Toolkit


The four phase mobile app lifecycle and related tools are listed below.

Prepare
Assess Mobile IT capability and ini?ate lifecycle Iden?fy and engage stakeholders Select and provide guidance to developers

Develop
Dene architecture, security and compliance standards Establish approved methods for access to enterprise systems Provide guidance on data and content management

Roll-out
Develop Mobile App Policy

Sustain

Implement and op?mize groups, policies and Create and manage opera?ons accounts Deploy self- service tools Plan distribu?on groups Create trouble- shoo?ng guides Set up metrics Create user communica?ons Automate maintenance and service ac?vi?es

The first two phases of the lifecycle focus on app development and are referred to as Mobile App Development. The last two phases, which focus on deployment and management, are referred to as Mobile App Management. Mobile App Development Mobile app projects are often initiated within business units such as sales and marketing. The first two areas where apps are often developed are in field service organizations and product teams. It is important to distinguish the differences between apps developed for public use and apps that are created for in-house use. Most companies have different workflows, lifecycles, and processes for public facing vs. enterprise apps. Many public apps are currently developed and published without IT based on existing marketing and branding programs that exist around product lines. In cases where mobile consumer apps are an extension of existing campaigns, IT may have little need or desire to be involved in the public app process. For public apps that fall within the purview of established marketing campaigns, mobile devices are another delivery channel in addition to media and web properties. Since most of the content delivered through the mobile app follows the same compliance, regulatory and disclosure requirements as existing channels, the content can be reused under the governance of existing information that has previously been vetted with legal and compliance organizations. Only if new content is developed for

2012 MobileIron

P a g e | 2

Mobile App Management Best Practices Mobile App Toolkit


the mobile app will additional approvals be necessary for regulated industries. At this time, the prevailing view is that IT involvement in public app development will depend on the tools, resources and maturity of the IT organization and the value that IT can bring to the development process. For enterprise apps, IT plays a much bigger role. IT primarily establishes the requirements for access to corporate resources, enterprise applications, and internal data sources. IT also addresses the security and compliance requirements for enterprise apps, which are substantially different from public apps. Once implemented, an app lifecycle methodology will facilitate Mobile ITs involvement in the development process. ITs role and influence will change as apps move through the lifecycle. In the Prepare and Develop phase, IT plays a consultative role to communicate and help plan how enterprise requirements can be met for mobile apps. Issues such as data protection, encryption, user authentication and authorization, network access and data integration are areas where IT should provide guidance to business app sponsors and developers. By establishing common ground with stakeholders, IT can identify potential issues and help mitigate them as part of the overall development effort. Prepare Phase Initiate the Lifecycle The initiation of an app development effort starts with a concept for a new app based on a variety of inputs. From marketing products and services to solving business problems to improving productivity and efficiency, mobile apps come in many forms for many reasons. Irrespective of where apps come from, a standard process is required to bring them into the app lifecycle. A mobile app inventory and assessment of IT capabilities is required to catalog and identify the app, check for existing duplicates, perform feasibility, strategic, and tactical reviews, and charter a development effort. Once approved for development, the app is tracked through the lifecycle process. Initially, stakeholder identification and management is important to establish communication channels and set expectations. Engage Stakeholders Different stakeholders will need to be engaged at different points in the lifecycle and will need a clear understanding of their respective roles and responsibilities. A kickoff meeting with stakeholders gets the process started and allows each members goals and concerns to be voiced. Typical stakeholders are listed below and may vary with your organizational structure.
Mobile App Stakeholders

Sponsor Finance End User Security


Business Lead Marketing Legal and Compliance IT

2012 MobileIron

P a g e | 3

Mobile App Management Best Practices Mobile App Toolkit


Select a Developer If the developer has not yet been chosen, enterprises may find a developer through the following means: Procurement department Referred by business, colleague or vendor Pre-approved and recommended by Mobile IT Referred by Apple Referred by/existing relationship with Marketing or Creative Agency Some considerations for the developer agreement include the points listed below. The guidance is to work with your procurement and legal departments to draft an agreement that meets current as well as future plans for strategic vendor relationships around source code, intellectual property, maintenance and management.
Developer Agreement Considerations

Source code agreements Intellectual property Support and Maintenance Non-disclosure Digital Certificate Use

Use of third party developers Digital rights Upgrades Reuse of code, code sharing

Mature organizations have standardized methods for accessing enterprise resources through mobile apps. Mobile IT can help app sponsors significantly accelerate development time by making enterprise-specific libraries and APIs that define authentication, data protection and security methods available to their selected developers. Developers use the libraries and enterprise tools to shorten development cycles and save valuable time during future security and compliance reviews as well as during connectivity and integration testing. Select App Architecture The app platform (or mobile OS) and architecture selected impacts the cost, scope, timeframe, maintenance, and, most importantly, end user experience with the app. Although selection is dependent on the scope, feature set, and function of the app, some general guidelines and decision choices are described below. Most enterprises have standardized on iOS as the enterprise mobile app platform. This decision was based on the early dominance of iOS in the enterprise today. Since Android continues to emerges as 2012 MobileIron P a g e | 4

Mobile App Management Best Practices Mobile App Toolkit


the second enterprise mobile platform, companies now need to perform an assessment of where and when to support and develop Android apps, and how to address the variety of devices, OS versions and screen sizes. Evolving technologies such as HTML5 and web services may be able to address some of the fragmentation challenges. Legacy platforms such as Windows Mobile and Blackberry have limited app development value expect for edge cases. Other potential platforms, such as QNX and Windows 8 have yet to be released. An app decision tool, which will be developed as part of the toolkit, will assist in establishing a repeatable process, with a methodology to map the requirements of an app to an appropriate platform and architecture. Some of decisions that the tool can assist with are described below. Platform (Mobile OS) selection: Almost all in-house apps being developed today are for iOS devices so this selection is a given. However, with the popularity of Android in the consumer marketplace, enterprises need to assess how to approach Android apps as a second mobile platform. The dependency for in-house Android app development is the support and management of enterprise Android devices, which becomes a pre-requisite to development. Mobile IT will need to develop guidance for the Android platform in the enterprise, if it has not already done so. Enterprise development for other mobile platforms is not relevant at this point in time, aside from creating or modifying web pages to display correctly on mobile browsers. Architecture selection: The three primary app architectures have emerged in the mobile space are described in the table below.
Mobile Architectures

Native apps: These apps are built to run exclusively on the device and are self- contained binaries that are installed and reside in local storage. Native apps are ideal for high performance, optimal user experience requirements. Also, native apps have the highest level of integration with on-board hardware and device capabilities. The downside is that they are more expensive and time consuming to develop and need to be built individually for each mobile platform. Web apps: For fast development at a low cost, web apps allow developers to reach the widest audience with a common set of tools and source code. Some customization is possible to address a variety of device capabilities but there are some drawbacks. Off-line use is not possible and the user experience is not as rich as with native or hybrid apps. The level of access to hardware capabilities is limited. With the evolution of HTML5 capabilities and greater integration with web to hardware interfaces, web apps are quickly becoming the preferred architecture platform for many developers.

2012 MobileIron

P a g e | 5

Mobile App Management Best Practices Mobile App Toolkit


Hybrid apps can be seen as either a compromise of native and web apps or a solution to address the deficiencies of both. For enterprises that have established services to leverage, hybrid apps can provide a fast development path to access internal applications and data. The disadvantage is that some native functions and performance speeds may not be accessible though hybrid apps, and additional effort must be made in data integration and normalization. For apps that manage and deliver large amounts of data, hybrid apps can solve the significant problem of content management.

Content Management System (CMS) Many first generation apps have embedded rich media content within the app, often causing the app to grow very large in size. By developing apps with advanced content delivery and management systems, developers are able to reduce the size of the app by installing a shell that downloads, synchronizes, and manages the content with a CMS. For many companies, the initial business case for deploying tablets was to replace workflows that involved the distribution and management of large volumes of printed documents. Migrating documents into an app or synchronizing them manually quickly became difficult to manage and maintain, especially where documents needed to be updated or modified, often for compliance purposes. The use of a CMS allows companies to make the model scalable, sustainable and cost effective while delivering a superior user experience.
CMS Benefits

Initial app download size and times are greatly reduced. Content is available offline use. Content can be managed for compliance purposes. Content is delivered intelligently, downloading only what the user needs. Content can be managed by user or group membership. Content can be tracked for audit purposes. Content can be optimized and delivered efficiently.

2012 MobileIron

P a g e | 6

Mobile App Management Best Practices Mobile App Toolkit


Mobile App Management Mobile App Management consists of the Roll-out and Sustain phases of the Mobile App Lifecycle. Once an app has been developed, approved and packaged for distribution, Mobile ITs role changes from guidance and consultation to execution and management. Apps must be distributed, supported and managed on a day to day basis. In order to perform and scale app management functions efficiently, Mobile IT will need tools, processes and resources to facilitate the Roll-out and Sustain phases. Mobile App Policy The primary driver for subsequent configuration and deployment activities is based on the Mobile App Policy. This policy will define what apps are appropriate and what apps are disallowed for business purposes, with an explanation of the underlying reasons for classifying apps as allowed or disallowed. Regulatory and compliance directives may dictate that certain apps not be used for business purposes. There may also be business and cultural reasons for restricting certain apps or app categories, such as games or social media apps. The policy will also define the financial model for app purchases and guidance on account management, allowances, and reimbursement policy. This may be part of a larger Mobile Device Policy or can be called out specifically in the Mobile App Policy. Once the Mobile App Policy has been defined, the roll-out phase can begin by deploying apps to users in a controlled and secure manner with a focus on scalability, efficiency and simplicity for end users. Unlike desktop application distribution systems, with mature tools and processes that have evolved over years, mobile app distribution systems are still nascent and present their own set of challenges. The expectations for mobile app distribution capabilities need to be reviewed when compared with desktop application distribution systems. As mobile management tools evolve and mature, additional capabilities will be available that meet or exceed existing desktop application solutions. Until such time, the tools and processes that Mobile IT organizations develop for distributing, maintaining and supporting mobile apps need to be planned in the context of mobile devices, rather than as extensions of desktop management systems. Phased Roll-out The first step to rolling out apps is to develop a well-formulated plan designed to deliver the expected number of apps to all potential user populations. Users who are already accustomed to a smooth app delivery experience on public app stores will expect a similar experience on the enterprise app store. In addition to providing a comparable user experience, Mobile IT must also enforce enterprise app policy, security, and governance. Considerations for app control policies, including whitelisting and blacklisting apps, compliance actions and app categorization are necessary before initiating the enterprise app storefront service. Another area that requires careful planning is the grouping of apps distributed to users and business units. Whether apps are distributed by AD group membership, regional locations, business units or other segmentation model, a blueprint for the categorization and distribution of apps and users is required. 2012 MobileIron P a g e | 7

Mobile App Management Best Practices Mobile App Toolkit


A phased roll-out plan will specify the infrastructure, policy and end user assets that need to be in place ahead of time, how apps will be deployed in a secure and controlled manner, and how to cover gaps through technical as well as non-technical approaches. App Store Account Management One of the thorny issues when deploying apps to enterprise users is the question of whether to use personal or business app store accounts to purchase apps. Many users already have personal accounts and prefer to use them for simplicity. Mobile IT needs to determine if the use of personal app store accounts can meet corporate requirements for security, regulatory, legal and privacy concerns while maintain a good user experience. The advantage of a personal account is that users only have one account to manage, which leads to a simplified user experience. The use of a separate business app store account may at first appear to provide a clean separation between personal and business use, but managing two accounts and the level of control that it actually provides requires careful review and comes with caveats. For example, the creation and maintenance of secondary corporate app store accounts will require resources to manage and augmented processes to overcome the enterprise challenges inherent in consumer-based services. In addition to password and account maintenance models, payment guidelines need to be established. From a financial perspective, payment for apps requires careful planning and understanding of the options available. Policies and guidelines will define what apps can be used and purchased for business purposes. Depending on how app store accounts are provisioned, reimbursement models will vary based on how apps are purchased. Apples Volume Purchase Plan can assist enterprises in deploying paid apps to users but the nuances of app ownership and portability based on App Store account need to be understood. App Metrics Guide App metrics come in two flavors individual app usage and web metrics that are normally built into the app and reported back to the app owner on specific activities that take place within the app as well as statistics on time and duration of app usage. From an administrative perspective, metrics can be collected on the collective use of apps across the mobile fleet as well as apps installed on specific devices. The app inventory is the basis of app control activities, where the presence of specific apps on devices can trigger alerts or compliance actions. As the availability of metrics beyond inventory become available on devices, additional metrics can be collected and coordinated with mobile metrics solutions.

2012 MobileIron

P a g e | 8

Mobile App Management Best Practices Mobile App Toolkit


User Communications In the mobile world, the user is king. This can cause conflict for IT organizations and organizational cultures where the trust level between users and the enterprise is low. Often in those environments, a great deal of time, effort, and resources are spent in mitigating the low underlying trust level, whatever the cause. Useful tools that educate the user and allow for self-remediation will engage the user and allow a higher level trust model.
User Guides and Tools

FAQs Self-Service Guides Training and Education o Online o Classroom o Documents and User Guides o Help Desk training

Shared responsibility model User Agreement Compliance remediation o Notification o Self-remediation guide

Sustain The last phase of the App Lifecycle is the Sustain phase where the app is in production and the role of Mobile IT is to support, maintain, upgrade and eventually retire the app. Important tools for day-to-day operations for administrators can be categorized into app control policy and management, app distribution management, and app upgrades and maintenance. App Control and Distribution App Control Policy and Management includes functions such as whitelisting, blacklisting, making apps required or recommended, and the compliance actions taken when devices fall out of compliance with corporate policy. Since every app cannot be reviewed for appropriate use, users will need to be educated on corporate policy along with the reasons for disallowed apps so that they can make an educated judgment when new apps become available. Also, certain apps may be allowed to be on the device but not allowed for business use. Clear communications detailing app policy, with examples of appropriate and inappropriate app use, will assist users in understanding how to safely and securely use apps for business purposes. App Distribution is managed through distribution lists or groups that determine which apps get distributed to which user. These groups can be managed individually but for large distribution lists, must be managed through a corporate directory structure such as Active Directory in order to scale and automate the distribution process. Administrators will need the ability to manage individual membership in groups in order to define how apps get distributed to specific users and departments.

2012 MobileIron

P a g e | 9

Mobile App Management Best Practices Mobile App Toolkit


App Management includes adding new apps for distribution, upgrading existing apps when new versions are available, and removing apps once they have been retired. For iOS apps, an annual process to re-sign and redeploy apps is required. Best practices and guidance for managing apps will be an important tool for operations and sustaining organizations. When apps are retired from the system or removed from devices, appropriate data handling procedures must be followed in order to remove and protect any corporate data that may have been part of the app. Self-Service and Troubleshooting Deploying a Self-Service Support Model is an important way to keep costs down and increase user satisfaction by allowing users to install and manage apps on their own in the same way consumers install and manage their own apps. The difference for enterprises is that users will need to be educated on which apps are appropriate for business use and which apps are disallowed. An explanation of the reasons for disallowed apps, such as compliance with regulatory rules, will also allow users to make informed decisions on their own as opposed to constantly referring to lists of approved apps. Also, automatically notifying the user when compliance actions are taken will allow continued reinforcement of good behavior by educating users on what actions break compliance rules. As part of the self-service model, troubleshooting guides will be necessary for both users and the help desk to step through problem resolution quickly and efficiently. Conclusion and Recommendations Mobile apps are opening up vast opportunities for enterprises to change the way they interact with their customers and employees. In many ways mobile apps are redefining fundamental business processes and changing peoples relationship with technology. During the initial phase of mobile device adoption, enterprises were focused on personal information management functions, specifically email, calendar and contact apps. For years, email was the only requested and used mobile app for the majority of mobile users. While email continues to be the killer mobile app, there has been a sea change in the way apps are used on mobile devices. Apps provide value to mobile. Apps are what make smartphones smart. While consumer services for discovering, installing and using apps have matured with evolved, enterprises are just beginning the journey to develop and distribute mobile apps to bring business value to their organizations.

2012 MobileIron

P a g e | 10

Mobile App Management Best Practices Mobile App Toolkit


Mobile App Toolkit The graphic below describes the tools that make up the App Toolkit, organized by phase. The toolkit materials will be made available as they are developed. Currently available materials include Mobile App Management Best Practices, Mobile App Maturity, Differences in Mobile App Management, and App Signing Guidelines.

2012 MobileIron

P a g e | 11

Das könnte Ihnen auch gefallen