Gartner: Quarter of enterprises to create app store in next five years

Bring your own app (BYOA) trend creating security headaches for IT staff

A quarter of all enterprises will create their own app store in the next five years, according to a report from analysts at Gartner, as IT staff seek to manage the threat posed by the growing bring your own app (BYOA) trend.

As bring your own device (BYOD) schemes gain traction, employees are increasingly able to access software apps through public stores such as Apple's App Store and Google Play, creating potential problems for IT security. In order to manage the security risks, Gartner predicts that 25 percent of large organisations will introduce their own internally managed app store by 2017, as they seek to gain more control over software accessed through employee's smartphones and tablets.

"Apps downloaded from public app stores for mobile devices disrupt IT security, application and procurement strategies," said Ian Finley, research vice president at Gartner. "Bring your own application (BYOA) has become as important as bring your own device (BYOD) in the development of a comprehensive mobile strategy, and the trend toward BYOA has begun to affect desktop and Web applications as well."

The report notes that there are a number of benefits of introducing an entrpise app store aside from greater security, such as in the procurement of software. As well as automating the procurement of enterprise software licenses, it could put companies in a better position to negotiate license terms with suppliers, the report claims.

"Enterprise app stores enable procurement to broaden user choice by encouraging providers to submit competing apps, and to monitor demand for popular apps that may benefit from better negotiation of license terms and prices," said Stewart Buchanan, research vice president at Gartner.

In addition, IT staff could benefit from feedback for specific apps, and gain an oversight of the popularity of individual apps.

It is already possible to provision apps to employees using existing mobile device management (MDM) systems, but many enterprises are already looking to offer a wider range of apps.

"Today, most MDM providers have a simple way of extending apps to mobile devices, usually through a basic agent on the device," said Finley, "but many are launching more-sophisticated app stores that can host enterprise and third-party apps to be accessed by smartphones, tablets and PCs."

The main stumbling block around the introduction of enterprise app stores is that a large enough choice will need to be offered to employees, or they could revert to public app stores for certain software. This could cancel out the security benefits of an internally curated enterprise app store.

"The implementation of an enterprise app store should be seen as a component of an organisation's application strategy, rather than infrastructure strategy," said Brian Prentice, research vice president at Gartner. "The primary determinant of success is app supply."

He continued: "As a result, application leaders should be given overall responsibility for any app store initiative, but they should work in a collaborative fashion with other teams. The types of apps downloaded and used provide important information as to what types of solutions are of value to each type of user."

Tags: Mobile & Wireless, Gartner, Apple, Google, applications, security, software

Google introduces Chrome 'factory reset' pop-ups to tackle extensions hijacks

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

ZENworks® Endpoint Security Management

Get Powerful Protection for All of Your Mobile Devices

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.