Why putting your enterprise apps in a public app store is dangerous

There are many different ways to distribute enterprise mobile apps. Two popular methods are via app stores, either public or private. At first glance, a public app store may seem like a viable solution – cheap to use, and leverages a model that your end users are familiar with. However, this is not only a poor user experience and an administrative headache – it’s actually dangerous to your organization’s security and reputation.

Finding your app

The first issue for your users will be finding your app; this is a huge barrier to app adoption. Forcing your users to search for your app out of millions in the public ecosystem causes huge headaches. Administrators often try emailing out direct links to the public app store, but then they need to curate links for the correct users, some users won’t find the email, support tickets start to roll in, and the deployment is a failure. Unfortunately, even worse things can go wrong. If you have a private version of a public app, like Dropbox, and a user accidentally downloads the public version, sensitive company information can leak out without your users even knowing. Or, they may decide the whole process is a hassle and not use your app at all. This destroys the ROI of your app and defeats the point of building it. Custom app stores solve this problem by giving each user a branded app store that is built solely for their organization to use. In this case, users see the exact apps curated for them based on their role in the company, and don’t worry about installing the wrong thing.

Public app store = publicly available apps

Having an app in a public app store means anyone can install it. You may think putting a login gate on the app will keep it protected – while this may prevent any random person from accessing the content displayed when a user logs in, any hacker with a moderate amount of skill can easily access the app’s data. There are many open source tools that make decompiling and analyzing iOS and Android apps a cinch. Any assets and data baked into an app – images, text, API keys, internal company URL’s, etc. – are easily retrievable from the application binary. Of course, if someone were to steal an employee’s device, data could be analyzed as well. But using a custom app store greatly reduces the attack vector by limiting the amount of users of the app to your own employees. Putting an app in the public app store is like shouting to hackers with a mega phone – “Our internal company app is here! Try and get our secrets!” Also, advanced mobile application management (MAM) platforms use a variety of app-level wrapping technologies. These automatically add data at rest (DAR) encryption, VPN, and data in use (DIU) inter-process communication encryption that make extracting information from apps extremely difficult, so your organization’s risk is greatly reduced.

Public app stores are not built for app management

Mobile application management platforms have a wide variety of use cases whereas managing apps in a public app store provides a very limited set of features that were not created for the enterprise app use-case. For instance, the iOS App Store requires that Apple review every app and update that gets released on their system. This makes updating and releasing apps a long and inefficient process. Also in this case, if a security hole is discovered, and your app requires a critical security fix, you’ll need to wait for Apple to approve it before your users can get it. Even further, you can’t force your users to update the app. Mobile application management platforms are completely configurable and with open APIs integration is simple. MAM users can push app updates directly from their build server, instantly providing the latest version to their users. You don’t need approval for your app – everything is instantaneous, smooth, and built from the ground up to make managing and deploying enterprise apps as easy and straight forward as possible. Fully equipped with a self-updating apps feature, you can easily force all of your users to update to the latest version to ensure compliance and squash security holes ASAP. Robust mobile application management platforms also provide analytics that give immediate insight into which users have what app version, how often they use it, and any risky app behavior.