This post is from the Apperian blog and has not been updated since the original publish date.
App Wrapping is A Form of App Containerization
In the wake of the BYOD (bring your own device) movement, Gartner has had a lot to say about app containerization. The research firm listed it as one of the seven key components to look for in an enterprise mobility management solution, and since then we've been fielding a lot of questions about what it is and how it works.
What is app containerization?
When employees use their personal mobile devices for business purposes, enterprise apps and data become vulnerable if the right management policies are not in place. The aim of app containerization is to separate personal and corporate data through a series of technological features. This can include things such as; encryption, authentication, and other measures to protect from data leakage.
By creating an app container, corporate information can be protected in cases where the employee loses the device, cuts ties with the company, or in any number of other scenarios. Some argue that this makes it easier to enforce mobile application security policies.
This approach, however, is not without its pitfalls, specifically when it comes to usability. Requiring users to switch in and out of an app container between work and personal use is cumbersome, frustrating and generally leads to user abandonment and work-arounds. Device-implemented containerization can adversely affect performance, battery life, and the UX. Furthermore, it offers little protection from rooted or jailbroken devices. Then there are the problems that arise from enforcing policies on a device that is owned by the user, not the organization. Apps can also require additional work from developers to prepare them to work within a device-implemented container.
Where app wrapping fits in
App wrapping is a type of containerization and can used to isolate individual enterprise apps and data at the app-level, not the device-level. The granularity of an app container makes it well suited to a BYOD environment. By working at an app-level to support mobile application management (MAM) and institute security policies, employing app wrapping gives you all the benefits of containerization without the disadvantages.
From a technical standpoint, an Apperian wrapped app is “injected” with dynamic libraries, or “policies” to extend it with various security capabilities (e.g. encryption, authentication, VPN connections. etc.) or other behaviors (such as geolocation, self-updating and app-remote control).. These libraries are layered over the native binary of the application and are added after the application is compiled, meaning developers don’t need to become subject experts in FIPS-140 encryption, for example. In fact, it’s a non-technical Apperian administrator who applies these polices – no coding or SDK required. The end result is an app that is both secured and easily managed by an administrator.
Because app wrapping is not implemented on a device level, and in fact, users generally don’t know their apps have been wrapped and can still enjoy administrative control over the device they own. At the same time, organization can be rest assured that their apps and data are secure in each app container.
With BYOD more commonplace than ever, it only makes sense to move on from intrusive device-level management approaches to more contemporary application-level security strategies like app wrapping. Together with a comprehensive app lifecycle management suite, business leaders can create an environment where BYOD has the opportunity to flourish and stay safe.