1. technology and computing
2. operating systems
3. windows

White Paper: Key Considerations for Taking a Microsoft Windows
8.1 Enterprise Application or “Apportal” Cross-Platform to iOS and/or
Android
Introduction
Today, public sector and commercial sector security professionals are struggling with consolidating
information in a meaningful way for their executives, channel partners, employees, and customers.
Employees must learn how to use multiple applications, tools, reports, and systems. Then they must
toggle between them throughout the day to get the information that they need extracted and packaged
up for stakeholders. All of this results in very low productivity and high frustration. In addition, employees
are moving between laptops, mobile phones, and tablets continuously. More than eighty percent of
mobile users are viewing information through Apps because viewing information on a device via a Web
browser is a very poor experience. The future of great experiences in the Enterprise will be viewing
enterprise information through Windows-based Apps.
An “Apportal” (pronounced App portal) is a Microsoft Windows 8.1 enterprise App that can integrate a
company’s entire Line of Business (LOB) stack, social media, news, and business intelligence into a
single, modern, touch-based experience seamlessly across Windows-based devices.
The concept behind a Windows Apportal, according to Microsoft, is simple—provide a single view of the
heterogeneous Apps that exist in organization today in an “on-the-glass” experience. Microsoft has been
evangelizing that in today’s diverse organization environments, it is not realistic or desirable to build a
single, monolithic application. Instead, organizations can use the flexibility of the Windows 8.1 OS to
create a UI-based virtual integration. With the help of firms like Bloom, business users can initiate a new
P a g e 1 | 10
way to experience information in the enterprise that is extremely simple, intuitive and designed
specifically for the modern UI. And, because the App can be customized and experienced based on the
user’s role in the organization using Active Directory, the experience is all the better.
With Windows 10 launching later this summer and new Cortana APIs that will allow users to interact with
their Enterprise App using voice, the demand for Windows-based enterprise applications for security
professionals will surge to deliver more relevant information to users quickly and to ease mobile
workflows.
Apportals are native to Windows,
and as such, bring the inherent
advantages of a Windows
application running on the
Microsoft network ecosystem.
This includes critical enterprise
security elements such as
transparent authentication, Single
Sign-On (SSO) capability, rolebased security, and integrated
enterprise identity management.
Bloom’s Company Apportal available on the Microsoft Store
Apportals work easily within the Microsoft network ecosystem, integrating easily into corporate security
policies. This is also true of Apportals that are deployed to Windows-based mobile devices such as the
Phone and Tablets. All of the advantages an Apportal has on a Microsoft network ecosystem are also
inherent to an Apportal that runs on a Windows mobile device.
Microsoft’s Patrol Car of the Future Apportal Concept for rugged, in-car laptops
P a g e 2 | 10
But what about non-Windows devices?
Most mobile devices are non-Windows, with Android accounting for approximately eighty two percent of
the mobile device market and iOS accounting for approximately fifteen percent. As mobile devices have
proliferated, the use of them for work-related tasks (especially e-mail and chat) has skyrocketed.
Accompanying this has been a surge in demand to have the same secure, seamless, company-specific and
job-specific mobile applications on non-Windows devices that already run on Windows desktops, laptops,
and mobile devices. As a result, many companies are looking to a Bring Your Own Device (BYOD) policy
for their Enterprise Mobile solution. This means that companies must find ways to incorporate personallyowned, non-Windows devices into their existing security policies for network, data, and applications. The
headache of creating, distributing, and maintaining applications for separate platforms like iOS and
Android, as well as securing the data and devices has led some to call BYOD “Bring Your Own Disaster.”
While this might be an exaggeration, it does reflect the difficulty many companies are facing as they try
to address usage of enterprise Apps via non-company issued mobile devices.
One of the main challenges is that these non-Windows mobile devices are running operating systems that
have significantly fewer capabilities in terms of native enterprise security than Windows-based devices.
According to Forrester research, enterprise security is the top Enterprise Mobility Management concern.
Given this reality, what is the best way for an organization to get an Apportal into the hands of nonWindows BYOD mobile device users while still addressing BYOD concerns? Until recently, it was necessary
to write a native application for each of the device operating systems, consuming significant resources to
create and maintain each of them. Luckily, there are a growing number of development frameworks
designed to make cross-platform mobile application development far faster and easier than it has been
in the past.
Cross-Platform Development Tools
There are multiple options for developing cross-platform Apportals that run on iOS (iPhone, iPad), and
Android. The four main categories of cross-platform development tools are: HTML5/JS/CSS, pure web,
Native, and Hybrid. The following is a comparison of the general pros and cons of each.
1. Web Toolkit
The primary cross-platform development frameworks are PhoneGap/Cordova, and Sencha. These are
examples of HTML5/JavaScript/CSS-based development frameworks. They use existing JavaScript libraries
such as AngularJS and Knockout to rapidly create applications that can run on any smartphone.
In essence, they create an empty native application shell hosting a WebView control which runs an
HTML5/JS/CSS application. These options are the most popular because of the substantial number of
developers who have HTML5/JS/CSS skills, and the speed with which they can create a native application.
 Pros: They are free (with payment usually only for professional support), it is relatively easy to
create applications, and there are numerous plug-ins and controls available. There is also a
relatively large pool of talent with the skills to use these. And the convenience of a single code
base for iOS and Android implementations, as well as a seamless update path for applications is
important.
 Cons: There is no Windows Apportal code reuse. This is a big one. There is also little to no access
to native APIs, and the performance issues of the more substantial applications compared to
P a g e 3 | 10
native applications. The lack of a native look and feel on each device might also be a problem. The
look-and-feel of the application will be the same (non-native) across all platforms, which could be
significant depending on your applications’ goals.
2. Pure Web Application
Another option is to have the Apportal be purely a web-based solution running only in the device’s web
browser.
 Pros: The advantages here are similar to those in the Web Toolkit approach. The browser-only
approach also takes advantage of web authentication and security mechanisms, which are
established and ubiquitous—if not seamless and transparent. A web application would use the
same HTML5/JS/CSS applications as the Web Toolkit options, but run only in the device’s web
browser instead of in a custom application with a WebView, making deployment and updates
convenient. The technologies are free, open-source, and have a large pool of skilled developers
and a number of toolkits that make development easy. The device fragmentation issue in Android
would be dramatically reduced.
 Cons: Again, No Windows Apportal code reuse. The browser has extremely limited access to
native APIs (mostly no access), and there are some cross-browser compatibility issues in that
different browsers (e.g. Chrome, Safari, IE) get updated capabilities at different rates. The
application is also unquestionably a web page, and so does not have the same conveniences—
including native controls and navigation—as a native application, and does not have the look and
feel of a dedicated application.
3. Native-based Development Framework
Xamarin and Appcelerator Titanium are currently the main cross-platform development platforms that
compile to native code on both iOS and Android (and Windows mobile), even as there are others on the
way. These have the singular advantage of compiling their applications to native code for each device,
which give them native performance.
Appcelerator Titanium
Titanium uses JavaScript as its language of choice. It is an open source cross-platform development
framework that has been packaged by Appcelerator, a private company. Appcelerator’s implementation
of Titanium is used to create cross-platform mobile applications that run on iOS, Android, and Windows
mobile.
 Pros: Like with PhoneGap, there are a lot of people with working knowledge of JavaScript. It runs
a native-looking UI on each device, although some of the nuances will be different for each device.
The native aspect of the framework means that it also has some ability to use native APIs for
features such as Bluetooth communications and camera.
 Cons: The code base, while common across iOS and Android, will be different from a native
Windows Apportal. It also has an immature development system, and the security integration is
not as seamless as in Xamarin.
Xamarin
Xamarin is a framework that grew out of Mono (Spanish for “Monkey”), which is an open-source
framework for cross-platform app development based on Microsoft’s C#. Like Titanium, it compiles to
native code for each device. It has its own integrated development environment (IDE), called Xamarin
P a g e 4 | 10
Studio. Even more useful though, is the fact that it is fully integrated into Visual Studio 2015, a much more
mature IDE.
 Pros: A large proportion of the Windows Apportal code can be reused. It also has the advantage
of running a native UI on each device. This gives it a native look and feel with the full power of the
native navigation and access to all of the native APIs. Xamarin uses Microsoft’s powerful C#
programming language and has recently adopted XAML Forms as a way of drawing the crossplatform UI screens.
 Together, this gives the Xamarin solution a compelling single code base for native-compiled
Apportal business logic. With XAML Forms, the UI layer can also be built with a single code base,
bringing a tremendous cost and time savings by having to maintain only one rather than two or
three code bases for the various mobile platforms.
 Another potentially decisive advantage of Xamarin is that user authentication with Azure Active
Directory, Azure Active Directory Premium, or Active Directory Authentication Library is native
rather than third party. Given the fundamental importance of security in an Enterprise Mobility
Management (EMM) strategy, having a core layer that connects natively to Microsoft network
authentication and security policies gives Xamarin a powerful leg up.
 Cons: With all of these advantages, there must, of course, be some disadvantages. These include
a steep learning curve for developers transitioning to it, a relatively high price for the
development environment (especially the integration with Visual Studio), testing environment
and support, an immature development system in Xamarin Studio, and the importance of having
a good understanding of native iOS development as well as native Android development to create
effective cross-platform applications.
4. Hybrid Solution
A hybrid solution is a way of getting some of the best of both native and web tools. This approach consists
of using a cross-platform Xamarin shell application to leverage the power of native code and native APIs
while using a hosted WebView similar to what Web Toolkit solutions use to host the views and
interactivity. This could either use only a WebView or use a combination of cross-platform XAML pages as
well as WebViews for interactivity. A skilled designer/developer team can make these seem seamless.
 Pros: The core app development and maintenance is made easier by using HTML5/JS libraries,
while still giving access to native APIs via Xamarin. It also makes most updates and changes easier,
as they can be delivered via a hosted web page instead of having be published and distributed via
the app store.
 Cons: No Windows Apportals code reuse. It requires a two-tiered implementation, with some
application capabilities running in the WebView and others running in the shell application. This
increases the complexity of overall maintenance by requiring it those two places.
The Best Choice
The best choice for implementing cross-platform Windows Apportals is Xamarin. The reuse of the
existing Windows Apportal business logic, combined with native performance as well as the security
advantages make it the clear winner.
P a g e 5 | 10
Capabilities
Xamarin
Development Framework
Titanium Pure HTML
Web Toolkit
Hybrid
Integrated AD security
Windows Apportal code reuse
Native UI
Native performance
Free toolkit
Comprehensive testing facilities
Large library of open-source
controls
Low cost
Access to native APIs
* The Hybrid has partial capabilities in each of these categories
Implementing Apportals on Non-Windows Devices
Now that you have an idea of what tools there are to create cross-platform Apportal solutions, let us take
a look at how well Apportals fit to each different type of platform.
iOS
Each of the cross-platform development technologies can be used to create your Apportal for iOS, but
with varying results.
Using Web Toolkit
 Pros
If an Apportal was created using a framework like Titanium having the Apportal running in a
hosted WebView, the HTML5/JavaScript/CSS would easily be able to show an Apportal with a
horizontally-scrolling executive dashboard or marketing view. This has the advantages listed with
the development environment (e.g. large number of available developers, free development
tools).
 Cons
The main drawback is, of course, that it would require creating a new and completely separate
codebase from the original Windows Apportal—meaning no Apportal code reuse. Also, including
the capability to seamlessly join the enterprise domain is a complex and tedious task at best,
currently requiring third-party tools. Recently Microsoft has simplified this process somewhat
with Office 365 and Azure Cloud Services, but is still lacks the elegance of the native approach.
Using Hybrid/Pure Web
This has the same advantages and disadvantages on iOS as the Web Toolkit approach.
Using Titanium
 Pros
The benefits of Titanium are partly the same as the other JavaScript-based options, which is that
P a g e 6 | 10
it uses an easy language that is well-known in the marketplace. The native look and feel is also a
benefit.
 Cons
Titanium has been accused of being laggy on iOS, especially when it comes to animations.
JavaScript is also generally regarded as ill-suited for all but the most basic applications.
Using Xamarin
 Pros
The Xamarin option has the benefit of being able to reuse almost all of the business logic code
base from the Windows Apportal as well as being able to use the Xamarin XAML for both the iOS
and the Android implementations. This gives at least the business logic layer a single codebase.
And while UI is a separate implementation, it still requires only one code base for Android and
iOS.
 Cons
As Xamarin compiles to native iOS, it uses a completely different visual interaction paradigm, and
a different navigation paradigm. This can be jarring to someone used to a regular Windows
Apportal experience.
Summary
The iOS devices are among the most expensive and are limited in many ways. The Apple App Store has a
notoriously tedious publication procedure that can sometimes take weeks or months to get an app or
update available to the end users. And this is even more difficult when looking to publish an application
to a private store. There are Mobile Device Management (MDM) solutions which address internal
application delivery, but they require additional expenses in purchase, installation, and management.
Apple’s iPad also has a more square form factor. This square form-factor (4:3) does not intuitively lend
itself to horizontal panning the way that most 16:9 PC and laptop monitors do.
While Apple’s hardware and software are of consistently high quality, the device limitations—especially
in joining AD domains and having network security policies enforced—are a critical shortcoming. There
are EMM systems to address this, but they have limited capabilities and if they are not already
implemented, doing this is a complex and expensive process. Using cross-platform development
technologies such as Xamarin and/or taking a hybrid approach, it is possible to get a decent Apportal-type
experience on Apple. But compared to the native ease of an Apportal in Windows, making Apportals on
Apple iOS is a considerably trickier and more expensive proposition.
Android
Using Web Toolkit or Hybrid/Pure Web
 Pros and Cons
These are the same as for iOS.
Using Titanium
 Pros and Cons
These are the same as for iOS.
P a g e 7 | 10
Using Xamarin
 Pros and Cons
These are the same as for iOS, except that Android has a similar navigation paradigm as
Windows, so that is not a drawback.
Summary
Android has the same Active Directory authentication challenges as iOS, and requires the same solution.
Android also has severe device fragmentation, as well as OS fragmentation, with many different
companies adding different capabilities to the Android base, since it is open source. There are estimates
of 10,000 or more combinations of devices, screen sizes, and orientations.
The most visible consequence of the device fragmentation is the way that images—especially icons—are
rendered. Because of the large number of resolutions and screen sizes, the visual design of the application
must be both flexible and also have enough assets of different resolutions to reduce the need for excessive
scaling when rendering the screen. So while the cross-platform solutions that work for iOS can also work
for Android, there is an additional degree of complexity required due to the device fragmentation.
While Google Play has a faster publishing turnaround time than iOS, it still has an external store. And, like
the iOS App Store, the process of making and maintaining a private section of the public Google Play store
can be cumbersome, as can using MDM infrastructure for an internal mobile application distribution
system.
Also, alarmingly, Android has by far the highest incidence of malware of any mobile device, making up
over 60 percent of the infected devices. By comparison, iOS, Windows Phone, Blackberry, and Symbian
together make up less than one percent of the total. And, unfortunately, Google has a reputation for
slow security updates. If BYOD weren’t a bad enough headache for IT, this can certainly increase the
pain level.
Advantages
Device Platform
Windows
Android
iOS
Minimal device fragmentation
Low Incidence of malware
Low cost device options
High market penetration
Effective Apportal form factor
Native AD authentication
Fast application publication time
Internal App Store publication option
P a g e 8 | 10
Windows Apportals
With Apportals, Active Directory authentication,
the simple, intuitive Apportal modern UI design,
and transparent logins are native to Windows
applications, whether they run on the desktop,
the laptop, the tablet, or the phone.
Furthermore, Microsoft’s One Windows
Platform approach and Universal Apps solution,
makes the creation of Apportals across different
form factors a more straightforward process
with a single code base. It is also easy to create
an internal app store on a company’s network
using InTune, which make the cataloging and
distribution of secure applications a more
manageable process.
Writing applications for Windows devices also allows the native use of Microsoft’s best-of-breed
development environment in Visual Studio. With its many tools and extensions, as well as its long track
record, Visual Studio simplifies the development process far more than other environments.
Far and away the most important aspect of mobile applications from the corporate perspective is security.
Windows phones and other devices provide a built-in ability to be managed by corporate security policies
with no additional tools or headaches.
The Bottom Line
To get the inherent advantages of Windows Apportals on a non-windows device, the best bet is
Xamarin. Not only do you get to reuse a large portion of the existing Apportals code base, it is likely
that you can even use the very same developers. While it is not free and open-source, and there is a
developer learning curve, the Total Cost of Ownership (TCO) looks to be lower due in large part to the
future headaches that can be avoided. The most prominent of these is the lowered cost of code
maintenance from having a smaller code base and the disasters avoided by having good security
capabilities built into the system. As companies continue to develop their BYOD policies, it makes sense
to go with the technologies that elegantly address the potentially costliest problems. None do this
better for Apportals than Windows and Xamarin.
P a g e 9 | 10
About the
Author
Mitch is a Senior Solution Architect at Bloom Consulting and
Manage Group, Inc., a Redmond-based business consulting and
application development firm and Microsoft born in the cloud
partner.
Mitch created his first software project—“Alphabet Invaders”—
at the age of 14 on the computer that was his birthday present.
Soon after he got his first computer-related job teaching software
development classes for a local computer store.
As the Senior Solution Architect for Bloom, Mitch is responsible for Windows 8 application development
innovation and leading Window 8 “Apportal” projects for the firm. Mitch has been part of several
technology startups, eventually co-founding a company that specialized in Port Security software,
working with the United States Coast Guard to help to protect the ports of Miami, Long Beach and
Seattle, among others. He was recruited by Microsoft where he worked for five years as an architect
and developer and eventually left to start his own consulting company.
About Bloom Consulting Group, Inc.
Bloom Consulting Group, Inc. is a world class business management consulting firm based in
Redmond, Washington that serves leading businesses and public sector organizations and is one of
the few partners in the U.S. trained by Microsoft in late 2014 to develop Windows 8.1 Enterprise
Apportals. Bloom helps clients grow their business by delivering a range of high-impact strategy
consulting, creative design, business intelligence, development (web, Windows application, mobile,
SharePoint), social, cloud, and project management services. For more than a decade, Bloom has been
proving that a boutique firm can attract top talent and make lasting improvements for clients at all
levels of their organization. Bloom Consulting Group, Inc. was purchased by Daves + Associates, Inc. in
2009 to strengthen its solution selling and cloud first, mobile first capability and is now a wholly owned
subsidiary. In the twelve years that the firm’s principals have worked together, the team has delivered
over 1000 projects and worked with Fortune 500 companies such as Xerox, Disney, HP, GardaWorld,
IBM, Cisco, Citrix, and Microsoft. In addition to the firm’s Redmond headquarters, Bloom has sales
offices in Atlanta, D.C., and Irvine.
WE CAN HELP YOU CREATE AN ENTERPRISE 8 OR 10 APPLICATION OR APPORTAL TODAY! AND WE CAN
DEVELOP IT CROSS PLATFORM.
Contact Bloom:
Email: [email protected]
Phone: 425-219-3518
Headquarters: 7730 Leary Way Redmond, WA
98052
Bloom Apportal developed for Windows, iOS, and Android
P a g e 10 | 10