The App Model’s Governance Gap


With all of the talk about moving IT systems and processes to the cloud, there is minimal discussion around the governance issues that come with managing this relatively new model. There are strikingly few governance options across hybrid cloud solutions and, at best, limited options in pure-cloud solutions when compared to the degree with which you can manage, automate, and govern your on premises solutions. There is much talk about online solutions reaching parity with their on prem counterparts, but not much talk about making the management and governance capabilities that we require at the enterprise level to be consistent, if not at parity. And for the most part, we’re still talking about the private cloud here, where most enterprise solutions live while we wait for the public cloud to mature.

The bigger gap, I would argue, is between our enterprise governance requirements and what is being delivered in the public cloud. Reporting options are limited, at best. And because features are not yet at parity, what you can control and automate is also limited. The end result is that many organizations are finding that managing hybrid environments is exponentially more complex than on prem (or pure-cloud, for that matter) can be on its own.

Now add mobile apps to the mix. An October 2013 article is SDTimes (Is the future of enterprise apps in the public cloud? Yes, MAM) author Alyson Behr shares that large enterprises are increasingly planning for large app stores, which according to ABI Research, will grow at 30.4% year-over-year. With the need to distribute apps across a wide variety of devices — and then manage them within corporate governance standards, Behr introduces the idea of Mobile Application Management (MAM), and quotes Jason McNicol, a senior analyst at ABI Research, regarding the limitations of this approach:

"Adoption of BYOD has led to an influx of third-party apps being used to support business functions. Instead of blacklisting these apps, enterprises are embracing, securing, and deploying third-party apps through the enterprise app store. Some firms may purchase a MAM solution as their first step toward enterprise mobility, but later realize MAM did not solve all of the enterprise needs.

“When building an enterprise app, developers needs to consider how the app will interface with other solutions.

“Security is *the* issue when discussing the enterprise."

The focus of many enterprise IT organizations on the user experience (UX) is a good thing, but the rush toward new platforms (social, cloud, mobile) must be tempered by sound governance principles, ensuring data and key intellectual property remains secure, compliant, and ultimately — manageable.

Christian Buckley

Christian is a Microsoft Regional Director and M365 Apps & Services MVP, and an award-winning product marketer and technology evangelist, based in Silicon Slopes (Lehi), Utah. He is the Director of North American Partner Management for leading ISV Rencore (, leads content strategy for TekkiGurus, and is an advisor for both revealit.TV and WellnessWits. He hosts the monthly #CollabTalk TweetJam, the weekly #CollabTalk Podcast, and the Microsoft 365 Ask-Me-Anything (#M365AMA) series.