BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Every company needs a mobile strategy to remain competitive; the reasons are plenty. Having made smartphones their primary computing and communications platform, customers and employees demand apps, rather than just reskinned webpages, while your competition is probably already using apps to provide new services, streamlined business processes and deeper customer engagement.
IT plays a critical role in the development and implementation of an organization's digital strategy, and that requires leadership from the top. CIOs must understand the strategic landscape for mobile and be the catalyst for change if organizations are to overcome inertia, and both technical and cultural challenges: Enterprise IT organizations have been slow to build and deploy mobile apps due to a lack of development expertise, tight budgets, new languages and development environments, unfamiliar Agile methodologies and release cycles, and the complexity of supporting two major operating systems with hundreds of device permutations. Indeed, a 2015 Gartner survey found that "the average number of custom apps per company that have been developed so far is less than 10, despite huge internal demands to mobilize." Without C-level IT leadership, IT organizations will languish behind their more innovative and aggressive peers in building the mobile skills and applications necessary to succeed in what some call the app economy.
Software automation and services, along with what the above Gartner analysis called "lightweight Web and mobile-style app integration," are the only way to cross the technological chasm without unrealistic injections of money and manpower.
Fortunately, mobile apps are ideal candidates for exploiting cloud services by using a bifurcated software design in which the native client app primarily handles the UI, information display and device sensors -- such as a GPS device, accelerometer and camera used primarily for data collection and UI enhancements -- while business logic, data access, analytics, synchronization and security are performed by cloud services better known as mobile backend as a service (MBaaS). It's an increasingly popular app design model that we guess has already surpassed Gartner's 2013 prediction of being employed in 40% of mobile app development projects by this year.
Mobile cloud features
Like other cloud services, MBaaS features are exposed and accessed via REST APIs, and typically include the following features:
- Data storage, management and synchronization. Not only is the amount of available storage on mobile devices inherently limited, much of the data needed by apps invariably resides on enterprise databases or with third-party data providers. Furthermore, mobile devices get lost, and as the Apple-FBI imbroglio demonstrated, a determined attacker can usually find a way to access information on any device they get their hands on. Add the fact that more people use apps from multiple devices and want a unified profile, app state and data set, and the inescapable conclusion is that persistent data is best kept on a secure back-end service. There, data can more easily be aggregated, filtered and analyzed using powerful server virtual machines, not a puny smartphone system-on-a-chip. Mobile back-end services provide a convenient client app interface to secure, encrypted data communication; persistent storage; and client synchronization.
- User identity and access management. Users hate creating new accounts with new passwords to remember, which means single sign-on is a necessity for enterprise apps. Mobile backend as a service can integrate with enterprise directories -- such as Active Directory, LDAP and VMware Identity Manager, among others -- or third-party credentials at sites like Salesforce or Google Apps to provide secure user authentication and authorization that can also exploit existing user and group role-based security policies. For example, Kinvey allows app developers to implement client logins with a single function call, eliminating the need to learn SAML or Active Directory API semantics.
- Mobile push notifications. Interfacing multiple mobile apps with two different client notification APIs is a chore. MBaaS solves this by providing a central notification queue that intermediates between back-end notification publishers and mobile client subscribers. For example, Amazon Web Services (AWS) Mobile Push provides a simple API that allows back-end apps to send messages to either a particular device or every client subscribed to a Simple Notification Service (SNS) topic. Furthermore, since SNS is the standard publish/subscribe messaging service for AWS, Mobile Push allows apps to receive notifications from any AWS service.
- Business and third-party systems integration. Enterprise apps often must use information from existing back-end systems, such as customer relationship management, ERP, finance and HR. They may also require information or functions from external applications, such as third-party data providers or software as a service (SaaS) accounts. Mobile back ends provide storage and API gateways that facilitate such access and allow processing the data in situ on the cloud before passing information back to the mobile client. API gateways also mean mobile apps are more easily extended, for example, by passing information, mashup-style, between apps using custom APIs.
Deployment and product options
We have focused on the mobile cloud, and, indeed, in our opinion, the best way to implement a bifurcated mobile app design is via a hybrid approach using a public cloud back end that connects to on-premises applications and data. All the major infrastructure as a service (IaaS) providers have mobile services: AWS Mobile Hub and Cognito, Azure Mobile App Service, and Google Firebase and App Engine. There is also a thriving market in MBaaS point products from companies like AnyPresence, Appcelerator, Kinvey, Kony, Red Hat FeedHenry and others that offer fully managed SaaS implementations.
Organizations that aren't comfortable adopting public cloud services or have a large and growing portfolio of mobile apps can opt to deploy many of these MBaaS products as a private cloud on internally managed systems. We don't think security concerns are a valid excuse for shying away from cloud services, but a traditional on-premises software deployment may be more cost-effective for organizations with a large app development pipeline and that are also looking for a fully integrated suite encompassing app design, development, testing, project management and runtime back end. We would still be cautious about this route, since the mobile backend as a service market is extremely dynamic, with new features constantly being added and niche vendors -- like FeedHenry -- being acquired and incorporated into larger cloud portfolios.
Organizations already using one of the major IaaS platforms should start their mobile cloud search there, since their respective feature sets are deep, competitive and growing.
What your developers should know about MBaaS
Networking strategy to support mobility