Mobile Checklist:
Preparing for Building
an Enterprise App
Unlike fleeting consumer apps, enterprise mobile applications for a business are
transformative. Forward-thinking organizations are eager to take advantage of increased
mobility to empower their workforce and give them access to enterprise data. But
before jumping into development, many considerations must be taken into account to be
sure an enterprise is ready to deploy an app.
Like any project, whether it be software development or construction, preparation is
key in ensuring its success. When building a deck or patio, preparing a solid foundation
will make sure the resulting structure will stand for years. In mobile development,
understanding the environment within which an enterprise is working will accelerate
implementation and yield a smooth deployment process.
What follows is a list of items that should be considered before embarking on a mobile
project. Whether the app is created in-house, or by a third party vendor, going through
this checklist will prepare an enterprise for the successful development of its application.
Each item is grouped into one of five steps: Audience, Data, Infrastructure, Deployment,
and Support (ADIDS).
White Paper
Norton Lam
“An enterprise needs to understand the objective of mobile visitors through
current web site analytics and cater to their needs.”
Audience
outnumber iOS devices in the market and are making their
Determine the appropriate
audience
policies. Windows Phone isn’t a player yet, but should be
Developing use cases is a great way to develop an enterprise
mobile strategy. Use cases can help a company develop personas
to determine if one or multiple apps are needed. If multiple apps
are needed, a roadmap can be developed to implement all the
desired apps on an appropriate schedule.
By focusing on the application’s utility in contrast with these
personas, an enterprise will decrease cost, control scope, and
improve adoption rates. Personas also define if the app(s) should
be internal or external facing. Knowing whether the mobile
application being developed will be targeted to internal or external
customers will affect how the application will be deployed and
accessed.
Understanding the audience and developing the personas and
use cases will help with decisions further down in this checklist.
An added benefit is that stakeholders and developers will be on
the same page which will speed up implementation.
Understand the audience’s objective
A mobile user has a completely different objective than that
of a user visiting a web site on a desktop or laptop. A web
site visitor is probably looking for a lot of different kinds of
information while a mobile user tends to look for specific
information. An enterprise needs to understand the objective
of mobile visitors through current web site analytics and cater
to their needs.
Decide which platforms will be
supported
When prioritizing mobile platforms, it’s important to consider
each platform’s strengths. Apple’s iOS is a popular choice
because of their reputation and loyal fan base. Android devices
2 | Robust Mobile Security for the Enterprise
way into the enterprise through Bring Your Own Device (BYOD)
picking up market share with the release of new phones and
the buzz surrounding Windows 8. And while RIM’s BlackBerry
has seen its market share diminish, it is still the de facto choice
for some enterprises because of its robust security.
An enterprise should have an idea of which platform they
want to target and possibly narrow the choice as they progress
further down the checklist. Limiting the app to one platform
will decrease cost, but will also decrease the likelihood
of universal adoption. If multiple platforms are deemed
necessary, prioritizing the order in which the apps will be
developed will optimize the development process.
“Limiting the app to one platform
will decrease cost, but will also
decrease the likelihood of universal
adoption.”
Determine if native apps are possible or
if mobile web will be sufficient
An app developed natively for a platform will bring the richest
user experience and provide the best performance. Native apps
should be developed whenever possible. However, they require
specialized skills that can be expensive. Development also has to be
performed on a platform-by-platform basis, which increases cost.
Many times, developing a mobile web site using HTML5 is a good
alternative. One site can generally be deployed across multiple
platforms with interface tweaks for specific platforms. The tweaks,
however, can consume more development time than expected if
not managed correctly (see below).
Budgets and the skills of available resources—for development
disconnected at times (while on an airplane, for instance).
and support—will play a big part in this decision.
Decisions will need to be made about what data can be stored for
If mobile web, narrow the devices that
will access the site
offline access and what data needs to be up-to-the-minute. Device
While mobile web sites can be deployed to multiple platforms,
enterprises will generally want to customize the user interface
storage may play a part in those decisions. Even though many
of today’s devices have a significant amount of storage, it is still
limited. Images and videos can expose these limitations quickly.
to specific platforms. Not only can screen sizes and resolutions
Once the type of data that can be stored offline has been
differ, but the capabilities of mobile web browsers can differ
determined, securing it must be taken into account. Some devices
from phone to phone. Designing and implementing a mobile
can implicitly secure data local to the device, but enterprises that
web application for all these device configurations can get
encrypt the data themselves will get an added layer of security.
out of hand quickly unless project scope is narrowed to target
Many third party packages exist to implement enterprise class
specific devices.
security locally on the device.
Data
Infrastructure
Determine the data that will need
to be presented on the device
Identify which systems the
data resides on
Going through the exercise of determining the audience for a
Depending on the size of the enterprise, data can be divided
mobile app will help to determine the data that needs to be
between multitudes of systems. It’s important for an enterprise to
presented to that audience. Knowing the data will determine its
identify which systems hold the data needed for the mobile app so
sensitivity and in turn determine the security measures needed to
that access can be granted to the data.
protect the data.
Establish web services to access the data
Determine what, if any, data needs to be
accessible off-line
The best way for mobile devices to access enterprise data is through
web services. It doesn’t matter what technology the web services
Generally, everyone is connected all the time. However, worldwide
are developed in as long as they are well-defined. A well-defined
Internet access is not yet available and users will find themselves
interface can be used on multiple platforms and non-mobile
3 | Robust Mobile Security for the Enterprise
“If developing an internal app, the data is only as secure as the weakest link.
This includes the mobile devices themselves.”
Deployment
systems, reducing the need for repeated development and thereby
lowering cost.
App Stores
for External Apps
Secure the web services (HTTPS)
Securing data while it is in-transit is easy to do using the HTTPS
protocol for an enterprise’s web services. Data is encrypted before
it leaves one side of the transaction and decrypted when it gets to
the other side. Most IT departments are familiar with HTTPS and
can set up a web server implementing the protocol with little effort.
Allow for web services to be accessed
outside the network if needed
If the target audience needs to access the enterprise data from
outside the enterprise network, the web services, and therefore the
machines that house the web services, will need to be accessible
from outside the internal network. Most enterprises prevent
outsiders from accessing their internal network. A special machine
may need to be established outside the internal network to act as
an intermediary between external devices and the enterprise data
within the secured corporate network.
Secure the devices accessing the internal
network
If developing an internal app, the data is only as secure as the
weakest link. This includes the mobile devices themselves. Many
enterprises are adopting a BYOD policy because of the proliferation
of personal devices and because it saves money. However, devices
that don’t adhere to security standards are vulnerable to attack and
can compromise enterprise data.
Enterprises must establish security policies and implement a Mobile
Device Management (MDM) system to enforce said policies. MDM
software can enforce security policies in real-time as well as prevent
malicious applications from being installed. They can also remote
wipe data on a lost or stolen device.
When developing an app targeted to external customers, the app
will likely be placed on the iTunes App Store, Google Play (Android),
or Blackberry App World. Each medium will require its own
registration and submission fees Enterprises also must understand
what assets will be needed for each deployment. Each app store
requires different sized icons and screenshots. The number may
vary as well.
MAMs for Internal Apps
Internal apps need to be restricted to the enterprise’s employees
and that is not possible using the public app stores and markets.
MDM systems can also handle Mobile Application Management
(MAM) and deploy apps internally. If an enterprise doesn’t already
have an MDM system installed, it will need to evaluate potential
vendors and have one installed and ready prior to deployment.
Otherwise, the enterprise will need to determine another way to
deploy the app.
It’s also worth noting that Apple requires enterprises to obtain
an Enterprise Development license for apps deployed outside
of the public iTunes app store. The enterprise license process
could take several weeks to complete, so starting early is highly
recommended.
Support
Determine who will support &
maintain the app
Whether developing an app in-house or through a third party, the
group that supports an application is rarely the same as the group
that develops it. It’s important to identify the group that will be
tasked with supporting the app as it may affect the decision of
4 | Robust Mobile Security for the Enterprise
whether to develop an app natively or as a mobile web app.
a Mobile Device Management system, create an elite mobile app,
Plan ahead for knowledge transfer
and support the final product. Our end-to-end solutions have
A mobile app can’t simply be dropped on someone’s desk.
Knowledge transfer between the developers and support staff
should begin several weeks before the development process
completes. This will ensure a smooth transition and prevent the
support staff from having to ask questions of the developers after
the project has been handed off.
helped transform hundreds of businesses.
Summary
All too often, enterprises jump into mobile development without
taking into consideration the preparation needed to successfully
deploy an application. An enterprise should think through the
five major ADIDS steps prior to embarking on
“Preparing for mobile development can be a
daunting task. With experience in all facets
of mobile – design, development, deployment,
support, QA – Magenic is here to help.”
Magenic’s Mobile Expertise
Preparing for mobile development can be a daunting task.
With experience in all facets of mobile – design, development,
deployment, support, QA – Magenic is here to help. Magenic can
help determine the audience, decide on a target platform, set up
any enterprise mobile endeavor Each step will
help to form a strong foundation upon which
an application can be developed. During the
development of a mobile app, all of the ADIDS
steps will eventually be accomplished. Savvy
businesses will perform them proactively in
order to accelerate the development process while limiting the
risk of project delays and unforeseen complications. The careful
preparation that is built into ADIDS, helps avoid difficulties so
that development of an app for employees or customers can be
executed smoothly.
About the Author - Norton Lam
Norton Lam has been the mobile lead consultant for Magenic. He brings with
him more than 20 years of experience in the software development industry
and is particularly versed in Java and Android development. He holds a B.S. in
Computer Science and Math from Purdue.
About Magenic
Founded in 1995 by the same technical minds that still run the company,
Magenic focuses on the Microsoft stack and mobile application development.
Visit us at magenic.com or call us at 877.277.1044
to learn more or to engage Magenic today.
5 |Robust Mobile Security for the Enterprise