This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
With the exploding success of the Apple and Android consumer app stores (Apple is poised to reach 1 million apps by year-end), it is not surprising that pundits are asking if the same success can be achieved with public business-to-business app stores. There are some unique challenges that public enterprise app stores, like an iTunes, would face, including:
" The high cost of enterprise apps (versus the "99 cent" apps common on consumer sites)
" The complexity of those apps, and the processes required within most large enterprises to deploy them properly
" The need to track those licenses for software compliance and software license optimization purposes
For these reasons, there does not yet appear to be an obvious public marketplace app store model that can compare to the iTunes experience. And unless and until these challenges are worked out, that's probably a good thing.
On the other hand, internal enterprise app stores are flourishing today. In this "consumerization of IT" age, in which IT management is under great pressure to deliver better, more user friendly service, internal enterprise app stores are an obvious solution. Their true utility is behind the corporate firewall, where IT can maintain security and control, and where employees can get the apps they need, when they need them, in a user-friendly, familiar self-service environment. Organizations seeking to deploy an enterprise app store should take the following into consideration to ensure success:
* Identifying need: When changing the focus from a consumer-oriented app store to an enterprise app store, organizations must address unique challenges around policies and security. Making applications available in an enterprise self-service model requires careful consideration and planning around visibility, approval and licensing requirements.
For instance, visibility requirements often arise around the needs of the business unit, role-based permissions, or even export compliance rules. Developing an appropriate structure within the app store to control what apps a user can request ensures the user gets what he is looking for while the enterprise maintains administrative control.
Moreover, the goal of the consumer-orientated app store is to expose users to as much product as possible -- individuals are encouraged to buy as much as they can, and upgrade to "premium" versions over "standard." In contrast, enterprise app stores require controls. For instance, giving employees the choice between standard, professional and premium versions without consideration to their business needs and feature requirement is a recipe for high license costs. Enterprises should therefore only make available a filtered catalog of apps, tailored to the role and needs of users within various departments, that meets actual business requirements -- no more, no less.
* Approvals: Once the system determines an application is available it must next evaluate approval conditions. While this is often done manually by the business owner (manager, cost center owner, etc.) certain applications may need further review by security teams and application owners to ensure the business case and use rights are valid. When cost is a consideration in determining approval, careful review of the application's intended use must match its functional specifications.
The app store, must therefore have robust workflow capabilities capable of being tailored to the needs of the organization. For instance, using the example above, workflow capabilities should be flexible enough to allow an app owner to review user requests, in addition to the manager. Once the manager has approved the request from a cost perspective and the app owner from a business need, the final step is to ensure that the licensing being issued is in compliance with the enterprise's software license agreement and entitlements.
* Software license optimization: The number of licenses an enterprise has rights to, and the specific manner in which those licenses are entitled to be used (its license position), plays a key role in managing an enterprise app store. If an enterprise issues licenses it doesn't have, or those licenses are issued in violation of specific entitlements in the license agreement, the enterprise can expose itself to unbudgeted six-, seven- and oftentimes eight-figure software audit "true-up" penalties.
Likewise, an enterprise app store must have similar hooks into license inventories to ensure all licenses purchased by the organization are used before new licenses are acquired. If there is unused software that can be reclaimed or reharvested to fulfil the employee app request, the app store must be smart enough to recognize these inventories, otherwise serious overspending on licenses will result.
This risk is not well understood by users, because apps are not paid for by the employee but rather by the organization. This disconnect often results in over-spend if proper inventories, license restrictions and use rights are not evaluated during the time of request, and if the app store does not apply appropriate rules.
The enterprise app sore should also provide safeguards preventing access to and download of applications unavailable due to licensing and entitlement restrictions.
With built-in app store capability to alter the approval process based on ever-changing usage of applications, licensing requirements and entitlement rights, enterprises can adapt quickly to license availability limitations and prevent non-compliant use that would subject them to software license audit risk.
Organizations implementing enterprise app stores that have also deployed sophisticated software license optimization systems are much better armed with the tools necessary to make real time decisions around licensing. Is there a surplus of available licenses for download? Can a license be used by this particular user in compliance with licensing terms?
Ensuring that the enterprise app store is integrated with the software license optimization solution allows faster business decisions and more sophisticated cost controls. And it provides the end user functionality demanded by today's users, without increasing audit exposure risks due to non-compliant use.
With these fundamental systems in place, the enterprise app store will function to the end user like the consumer app stores they are comfortable with -- while still ensuring central accountability and control.
Maureen Polte is senior director of product management at Flexera Software.
Read more about anti-malware in Network World's Anti-malware section.