Mobile apps allow workers to be productive anywhere. That’s a key reason why enterprises invest in mobile apps for their employees. Enterprises also have vast troves of on-premises data that enables this productivity through mobile apps, so there is incentive to allow access to it from mobile apps—but only if it is done in a secure manner.
However, organizations that are bought into Microsoft Endpoint Manager, and therefore Microsoft Intune for mobile devices and mobile apps, are faced with a couple of pressing issues when trying to enable all employees with secure access to these protected on-premises resources.
A primary issue is enabling remote access. Microsoft Intune is the component of Microsoft Endpoint Manager that provides both MDM (mobile device management) and MAM (mobile application management). Enabling access for employees whose devices are under Intune’s MDM controls is not a problem as Intune gives organizations the ability to add and configure VPN connections to managed devices. However, for employee-owned devices where employees permit organizations to have only MAM controls over enterprise apps, which is common for BYOD (Bring Your Own Device) scenarios, Microsoft does not offer a viable solution to enable secure remote access from Intune-enabled apps.
A secondary issue is enabling Intune’s MAM controls in the mobile apps that employees will use, most of which are from third-party app providers. Without MDM, Intune’s MAM controls are the only line of defense. Most third-party apps will not have Intune controls integrated into them and, while Microsoft provides basic app wrapping capabilities that add Intune controls into mobile apps without requiring code to be written, it doesn’t enable all of the capabilities available in the Intune MAM SDKs. This shortcoming, coupled with the lack of a viable solution for secure remote access from devices not enrolled in Intune, can be a showstopper.
Fortunately, there are viable alternatives, which are already being used by leading organizations. An in-app VPN that is optimized for mobile devices provides one part of the solution as it creates discrete per-app connections that work well in a BYOD context. An in-app VPN requires neither device management nor a device-level VPN in order to provide remote access, ensures that traffic from different apps is kept separate, and does not impact the use of personal apps. A no-code integration service that integrates Intune MAM SDKs and the in-app VPN into mobile apps without requiring source code access or developers to write code provides the remainder of the solution.
But an in-app VPN and no-code integration of Intune and the in-app VPN into mobile apps are a solution to one part of a much larger problem that organizations making a digital transformation face: app deployment. Other deployment activities, both required ones such as app signing and app distribution and optional ones such as app scanning and app protection, will need to be performed in order to get apps to end users. Each activity may require multiple steps. Coordinating those activities in the correct sequence to efficiently deploy mobile apps is no easy feat. Multiply that by the number of apps in the mobile app portfolio of a typical enterprise and that problem becomes significantly more intimidating.
Deployment orchestration provides an elegant solution, coordinating the activities needed—i.e., automatically integrating Intune and in-app VPNs, performing app signing and publishing to app stores—to get the appropriately modified apps to end users. In the process of streamlining app deployments by codifying the activities into workflows, organizations can realize measurable increases in ROI.
Enabling secure remote access and Intune controls in mobile apps achieves an organizational goal of allowing all employees to be productive anywhere. Getting it done without the need to write code lowers costs. Orchestrating deployments through workflows reduces wasted efforts, which also lowers costs. And since these activities—no-code integration and other app deployment tasks—will need to be multiple times a year for any apps, due to app updates, OS updates or SDK updates, those cost savings are magnified.
Increased productivity at a lower cost. What’s not to like.