Enterprise App Stores

PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The reader
is available for free

Enterprise App Stores

by Brady Hicks

Docid: 00021394

Publication Date: 2206

Report Type: TUTORIAL


The term "Enterprise App Store" refers to a collection of enterprise-selected
and/or customized software for employee mobile devices or tablets. Instead of
selecting and installing apps for users, IT administrators let staffers "shop" for their own. Some major
organizations employ this approach.
Enterprise App Stores offer potential advantages over public marketplaces in terms of security, manageability,
customizability, and user
productivity, even as the actual technology and best practices to govern them
continue to evolve.
As a result, organizations need to carefully plan before implementing their own
store. This tutorial takes a look at some of the necessary considerations needed
prior to deploying an Enterprise App Store.

Report Contents:


[return to top of this report]

An Enterprise App Store is a Web- or mobile-based app through which employees
can access, download, and install corporate hand-picked and approved apps for
work devices. In particular, the popularity of mobile apps for business has
pushed enterprises to find ways to both give employees the flexibility to pick
what is best for their own needs and to control what software they use.

Faulkner Reports
Application Platforms Tutorial
Applications Tutorial
Self Service
Concepts & Technology Tutorial
Management Tutorial

Private app stores aim to strike a balance between these two goals. Like the
large online app stores run by Apple, Google, and others, these private stores
present users with a catalog of software from which they can browse, sample, and
install. Unlike commercial sites, however, they are maintained by a single
enterprise and available only to that organization’s employees. The enterprise
chooses what software is included and how it is configured, thus ensuring that
users are getting "good" software while at the same time avoiding issues such as
malware infections and security flaws that could expose sensitive information.

Many private stores are built and maintained by enterprises themselves,
typically with the help of development tools from specialty companies such as
Appaloosa or Digital.ai, as well as, increasingly, from larger companies
such as HPE, SAP, and Salesforce.com. In addition, another model has emerged in
which a commercial app store maintains the infrastructure but customizes the
content according to the needs of a single enterprise, which is then given
exclusive access to a private site. Google’s and Microsoft’s online stores offer this option.

To build a private store, enterprises should focus on meeting their own
strategic goals and on satisfying the needs of their users, while also
establishing effective governance controls.


to top of this report]

advent of enterprise app stores has come at
a time when IT departments have begun to view their role as providing a
service to employees, and as employees have increasingly expected their
experience at work to be more like their experience with personal


some enterprises operate private stores to distribute mobile apps to
their employees. These stores present users with an interface that
looks like the public,
commercial app stores run by Apple and Google, whose mobile device
platforms lead the market. Users browse through the store and
select the apps they want. In most stores, the technology is in place
to enable an app to be installed automatically after the users selects
it. (Employees
would not typically be charged for downloading apps; instead, the
enterprise would cover licensing and other costs.)

Employees can connect their own phones and
to corporate networks, a trend called bring-your-own device
(BYOD), and they
are picking their own technology to use at work, which has come to be referred
to as
“self-service.” This arrangement puts an enterprise’s users
into the role of
customers, and places the IT department into the role of a
service provider. Instead of rigidly controlling the selection and
distribution of software, IT departments give employees a fair degree
of flexibility and independence.


while aiming to give users some freedom, one
of the main reasons that enterprises create private app stores is to
exert more
control over employee software access, in particular to avoid
the threat of the malware that sometimes appears within public stores. Estimates1 point to more than 35 million "mobile malware attacks" in
the fourth quarter of 2019 alone, an amount that is up by about 10 percent from
18Q4. Other findings include 50 percent Y2Y growth in mobile malware for 2019,
with "hidden" apps accounting for 30 percent of this increase.

Figure 1 illustrates this rapid growth of instances of mobile malware – both
mobile-specific and other forms – over the

Figure 1. Mobile Malware Growth

Figure 1. Mobile Malware Growth

Source: McAfee

Enterprises, of course, can restrict who can use their private store and what
they can download while they are there. They also determine what software is
available – which might include apps developed in-house and apps
licensed from a third-party developer – and how it will be configured. Other
recommendations, per Kaspersky2, include:

  • Restricting installs from "unknown sources"
  • Never overriding device restrictions
  • Following recommended updates and patches


[return to top
of this report]

vendors such as Digital.ai and Appaloosa have specific tools to help
enterprises create private app stores. This software gives organizations an interface

  • Resembles a commercial app store
  • Is designed to be visually appealing and easy to use
  • Add customized logos, look, and functionality
  • Offer trials

tools for creating private app stores work on most mobile platforms.
This multi-platform support is crucial because many enterprises are
now supporting a diverse range of devices. This is especially true of
enterprises that have BYOD programs, which typically lead to more
heterogeneous environments. Some commercial products for building stores also offer management
capabilities for:

  • Validating software
  • Deploying apps,
    including forcing required software onto employee devices
  • Configuring permissions
  • Authenticating users
  • Updating apps
  • Measuring use statistics


to top of this report]

Many believe that an increasing number of private app stores may use a model
that has recently emerged in which:

  • The commercial app store maintains a
    virtual private section for an for an enterprise’s employees
  • The
    enterprise determines which apps will be available within it
  • Companies do not
    have to maintain resources to develop and host their own stores.


Starting with the Windows 10 operating system, Microsoft implemented a
“private store” that can be created in the Microsoft Store for Business and Education so that
enterprises can select which apps will be made available to their
employees.3 Apps may include software
from Microsoft and third-party
developers, as well as customized software that the enterprise, itself, develops for
its users.


Similarly, Google
offers a customizable "collections" area4 for business and education
Google Workspace accounts. This function
allows enterprises to create a dedicated, private area within the
Chrome Web Store and brand the collection with the enterprise’s
name. Like Microsoft’s private site, this collection can host
commercial apps as well as software from the enterprise itself.


Salesforce.com’s AppExchange, likewise, provides an online software store5
that includes support for creating a
private, dedicated section. In addition to letting enterprises create private sections, Salesforce also
allows vendors to create their own public
app stores, so that they can sell their software. This tool, AppExchange Store Builder, is designed to
allow organizations to better
control the sale of their apps than they could by using one of
the large, public app stores. If this approach
becomes popular, enterprises with private stores may need to deal with
a range of providers instead of just the handful of major online
stores that distribute apps today.


Although less customizable, HPE also offers assorted "Company
Apps" for iOS6 and Android7 devices.


to top
of this report]

An Enterprise App Store’s
primary aim is to help employees do their jobs more effectively. While issues such as avoiding malware are important, the focus in designing a
store is best placed on business goals. Employees and other users should be consulted,
as they are the ones who will define what they need. If
these needs are not met, it is these users who will seek software from
other, perhaps more dangerous sources.

Developing a good store also involves considering
the needs of the
enterprise and its plans for the next few years. Building a store
entails making decisions such as about which apps employees will be
allowed to use and how they will be allowed to use them. To make these
decisions effectively, organizations need to consider their mobile plans
in light of their overall strategy, which will help in answering
the following questions:

  • What volumes of data will be
    stored and shared?
  • What types of data will be used?
  • What security requirements will
    need to be met?
  • What regulatory requirements
    will need to be met?
  • How many people will use the
  • What types of permissions must
    be automatically enforced?
  • What management capabilities
    will be required?
  • What monitoring and tracking
    capabilities will be required?

An enterprise also needs policies and procedures for evaluating and approving
software, especially if it comes from third parties. This evaluation has to
consider both user need as well as factors such as security and reliability.


[return to top
of this report]