What's going on in the development of corporate mobile applications

In 2013, the market for mobile development for business was estimated at $ 245 million. In 2016, our market should have been $ 1 billion, but, most likely, it will be slightly lower due to the economic situation and sanctions. According to some estimates, this is about half of the total mobile development market.

People get used to working with tablets and phones, they get used to having access to corporate services in cafes, on airplanes, in cars — and employers want employees to be in touch outside their offices as well. From here and such growth of the direction.
')
The Russian segment is also a lot of “improvements in the file” , because turnkey solutions for our big business are not suitable. Plus a sea of integration with zoos of corporate systems, this is also a large share of the development. At the same time, today half of manufacturing companies, retailers and government organizations in Russia do not have their own applications. An example of a complex application is here .

Below is a more technical overview of the situation and a number of rakes. Starting from such obvious ones as the fact that if you are engaged in nuclear energy, you probably should not do the storage of documents through Google.Drive.

Why do we need these business applications so dramatically?

In 2013, the share of office workers using phones and tablets in the case exceeded 50%. And the leaders suddenly realized that when a person has a phone with him, then:

He can work 24 hours a day, because he has the phone with him, and if something is urgently needed, he will answer;
The man himself, voluntarily, was hung with sensors, in particular, geo-location;
It is better to be able to control corporate data on the phone than not to have it;
Anyway, he will climb into the network for important documents from the phone, so it is better to protect this exchange.

The first swallows were remote workplaces, such as terminals “punching through the base” of rights by traffic police officers and terminals for checking passports of the Ministry of Internal Affairs. Then a business tied up with logistics joined up - first, trucks began to be tracked, and then full-fledged applications for couriers and merchandisers appeared. For example, the courier delivers the order, he notes in the application that the order has been delivered. If the client starts saying that there is no order, you can check the track of the courier via GPS.

Now we already see that the workplace is three screens. Desktop, tablet and phone. Information sharing does not stop. Previously, the office was limited to the LAN perimeter, but now everything has started to change dramatically.

Mobility, of course, is needed by no means to all office workers. Accounting for a long time will work with the desktop. On the other hand, couriers, traveling employees and tops have long and firmly settled on tablets and phones. They were quickly joined by lawyers, insurance agents, and other people who needed a database at hand or some complicated calculator.

Naturally, the staff is not always happy. For example, the adorable chip for Android phones is a remote wipe in case of dismissal. If Blackberry has a well-demarcated corporate memory and ordinary user memory (and the contact of the counterparty cannot be transferred from one to another, for example), then the other OSs are still growing to that.

Employers are happy, of course. You can write a letter or agree a document outside working hours. Personal time? No, not heard. In the US, for example, they do strange things in places using mobile apps. For example, they check that the employee actually went on a business trip and actually stayed at the hotel from where he brought the documents. Or roaming is paid only during working hours.

But, of course, epic failures also happen with incomprehension. Mobilization requires additional costs for the security of corporate resources. First you need to protect the internal Wi-Fi network, then implement microVPN for remote connections, then think about MDM systems for managing profiles and application / certificate updates, blocking and wiping stolen devices and so on.

Another important moment of implementation is that document management should be made secure, and more often than teaching people, it is easier to pick up applications that they themselves can and VPN, and everything else. Prior to this, for example, there were cases when employees did not read the licenses of the same “Google” about the fact that as soon as you upload a document there, you are not sure to complain that it is no longer yours. The security guards already understood that they wouldn’t take away the phones anyway, and they are forced to love mobile document circulation for security. The same SAP seems to be a “foreign aggressor”, and it seems that FSTEC has been certified that they have no bookmarks. In general, there are only a few companies in Russia that are trying in this direction (below), so there is no one to choose from.

Where are these applications put?

Sometimes the company buys iron itself and distributes it to employees. The clearest example is the Russian Railways with their “bulletproof” smartphone, on which you can drop a brick.

The second option is industrial devices, such as tablets, which are tightly welded to the machine tools or are generally part of them.

The third option is personal devices, this is the so-called BYOD concept.

Let's go over each. It is tempting in BYOD that it seems to be cheap to use employees' smartphones, you don’t need to buy anything. But it is necessary to maintain a whole zoo of axes and iron, plus you need to constantly think about security. Both iOS and Android are developing in the direction of supporting special workspaces that are separated from user personal ones, but so far anyway, particularly tricky can do anything on their devices. Although, of course, Android 5.0 took a big step towards business users, in particular, built-in encryption appeared. For BYOD, it is very important to have expensive and multifunctional solutions of the Enterprise Mobile Management class (this is MDM + MAM + MIM), that is, centralized application management, VPN access for mobile devices, software updates, policy policing, and so on.

In the case of their corporate devices, you can provide much tighter control over the data. For example, there is even a domestic development, Shaitan-brick, which works on its own special Linux without any unnecessary skirts. They are going to undergo a full certification so that the devil-brick was available for state institutions. I have already seen the device live (with an incomplete set of software) and I can say that I am most pleased with 70–80 hours of regular work. In the sense - 3 days without charging, simply due to the lack of a heap of background processes like media caching, pushing, and so on.

Russian solutions

Here is a list of domestic and open source vendors:

CDC Group of Companies supplies Russian-made software products based on the OPTIMUM technology platform, which allows you to create multi-functional automation solutions for mobile personnel and add additional modules as needed. CDC customers include more than 4,500 companies, most of which are Russian market leaders.
NIIS OKB - Russian MDM, the product is called SafePhone PLUS .
WSO2 Enterprise Mobility Manager - open source MDM.
Openmeap is an open source map that is used in a lot of places.

If you have something to add - write in the comments.

Alternatives to the application

An alternative to a mobile application is either terminal access to the “big” desktop version (I even know people who use 1C: Enterprise so from phones), or a web-snout of the same application.

The problems are obvious:

Browsers are not so optimized to provide fast performance in remote complex applications. In the application, the same code, for example, responsible for rendering dozens of fields, is executed much faster. Over time, the gap between the hardware purchased by the company and the web technologies is growing, and it is becoming harder and harder to work. On the other hand, applications that are optimized even for the oldest models of tablets and phones are routine. Response time is one of the main indicators of application usability for practical tasks.
In the case of terminal or web access, it will not work offline. You can work with the mobile application at any time, and as soon as synchronization occurs, the data will go to the system. This is very convenient for those who travel a lot or often run to the shop, for example. Loss of communication does not become a disaster and does not lead to data loss.
Providing terminal access to the internal corporate environment from mobile devices is a special task. In practice, no one will adjust the interface to the device, think about the convenience of the user. It will be convenient to work except from a laptop.
The mobile application can be installed not only on a smartphone or tablet, but also on industrial devices, which in principle cannot be or extremely inconvenient to connect to the web environment. For example, there is an application for managing the maintenance and repair of equipment in industrial plants. Often special devices do not contain a browser at all, like the same courier services reader.
Terminal access, relatively speaking, provides the ability to access the "picture with buttons" and does not allow the full use of the functionality of a mobile device. For example, insurers can take pictures of dents on cars and immediately transfer them to the office using a mobile application. With web access or terminal access, this cannot be done as quickly. They also have a photo check in the same application, implying that there were no image modifications between the camera and the application.
Another example is the mobile version of the company's website with sales. You can simply make a mobile layout of the site, or you can use a separate application with the ability to log into your personal account, auto-track location, upload a personal profile photo, bind a phone number for SMS alerts and more. As a rule, for many regular customers or counterparties, the application on the head is more convenient. From the point of view of commerce, PUSH-alerts are an opportunity to keep up to date with stocks in stores, taking into account geo-location.
In the case of terminal access, transferring data from one IT tool to another is difficult. For example, in the case of a mobile application, you can create or edit a document in the "Office", load it into the application and send it back, or you can simply upload something to your mobile device and save it.

There was an example when production workers could not work through web access at all: there is no 500 megabyte cache, no offline.

Experience of implementation, the facts in bulk

Recently appeared the magic product SAP Mobile Documents. This is a native application that allows you to work with documents from various sources and their functionality, for example, the check-in | out mechanism. Also organized mechanisms for safe operation and storage of these files, for example, the life of a folder, document, restrictions on actions with the document: reading, downloading, printing, deleting, and so on. This thing has web and desktop versions. It is still very fresh, but many already like it. We have one big introduction. It is especially pleasant that he knows how to connect out of the box with the same Sharepoint 2010 and sap-services. While the product is fresh, the vendor often gives along with it licenses for its MDM. But, of course, climb errors. We, for example, on test trials caught the bug that files uploaded from a Windows client cannot be taken offline for collaboration on iOS. SAP rules, of course.
Samsung advertised a new piece of hardware and came to visit with it, there is a solution only for corporate customers. If you need a super-protected system, then you need to look in the direction of Tizen (z3, Tizen OS 2.4.0.1) - you do not dig there, it is certified in the Russian Federation that there are no bookmarks, and now it collects documents for the second management certification. They have their own applications there, and they, too, are all signed and certified one by one: device and disk with checksum, even like that. Each individual device receives its own set of documents. But this is entirely for the defense departments. According to Samsung, you can broadcast applications from Android, and you can write in native C ++ or make hybrid applications. They promise to give the source to everyone who uses it.
One of the most ridiculous workflow rakes is that some customers introduce RAR encryption of documents in corporate policy. There, the employees think that they took the document, filed it in the archive, and it is protected. Or put passwords on XLS. The problem is that all this is the good old "123456" and in general everything that goes over a dictionary or brutal in half an hour. The same applies to Wi-Fi - open at times. During the last audit, it turned out that the accountant closed all his documents with the same password “Vera 2015”. So fear people with powerful graphics cards on laptops.
The good old mistake is to take a student to write an application within the company. Having no background, he will definitely leave a hole. Then it will be found (not immediately, at first a critical mass of leaks will accumulate for the scandal), and you will still have to rewrite everything. Another common mistake is that as soon as a new iOS comes out, everything falls off immediately. Android is not as aggressive in terms of updates (“There is a hole in 4.4, you want - update”, plus the company may not release an update; basically top devices and devices from Google are guaranteed to be updated for 2-3 years), but not iOS update tragedy for the end user. Although there is always clear in advance what will happen, but no one itches. The story is that pros roughly understand what will happen tomorrow, and do not do what works right now.
Another point in the devices - the software requirements are different. The phone three years ago does not cope with everything. We bought Chinese devices in one company, we decided to save money. Grabbed problems in full. It began with the fact that the Chinese firmware does not work as it should. Then it turned out that it was no chance to check what was inside there. Then 1000 pieces of iron began to slow down - they "littered" with the products of vital activity of the applications, somewhere they went down for the specification, somewhere the Chinese changed the composition of the iron a little within the batch ...
Once there was a funny story at work. We were given an administrator who does not log in SQL. At all. We ask: is he the main sysadmin exactly? Yes, they say the oldest. We ask: what is his experience, are there any certificates? Yes, they say, eychary send. Eichary and send: "Master of telephone etiquette."
It happens, people themselves knock at once to the vendor. The story is this: they come, then they dance beautifully. The company buys a base product. Licenses are sold, vendor leaves - everything, the deal is closed. And then it turns out that you need to customize. The same MS Sharepoint is often implemented in the form of “yes, cool, working - and what to do next?”. Despondency begins. It is necessary to finish the company, then give the methodology of use, put the process, explain what and how to do. There was not even an information security regulation on one customer - they say, recommend how best to do it. Many times I have seen how MS Project Server without a proper understanding of what to do with it in business practice, was just being introduced in vain.
Very often, the reason for the introduction becomes the phrase "Here these have, I also want." The concept of using mobile devices - almost no one in the Russian Federation. Do not even think about it. What for? We need a system, then we will write the concept, as it will be. In fact, you need to understand why and how you are going to use it. And not just because Petrovich has.
Once the customer says: "Let's have a super fail-safe system, critical data inside." We consider a cluster, then we show it, and already in the smoking room it turns out that exactly 8 people will work there for a couple more years. Architecture, a lot of time, scaling calculations ... And it is enough just to copy the virtual machines. They have idle time fit into what can be deployed for the same period.

Specifically, iron on such projects has recently become less, because it has become more expensive in dollars. Sometimes it works when there are many different products on the same piece of hardware. But this is not always good. It is better to save iron on not making a failover cluster - it is better to solve it with virtualization and fast backup. Many even look at our cloud. Previously shunned, and now begins: "Or maybe rent?" Especially those who earn in rubles.

Much can be done generally on open source or free software. The same balancers - please. Above MDM is open. It is clear that all the same money will be spent on implementation. It is clear that taking a free product, it is necessary to take on the implementation of technical support of this free product open source for a year or at least six months. And immediately think: would you need a couple of javistes later to serve all this?

Process: how best to implement

First you need to write a concept or another similar document - which pieces of hardware and what exactly will be used. What data and where will be available. What can that can not be brought to the mobile and so on.
Evaluate budgets and the need for such implementation in general - that is, it is a rational approach to the issue. Evaluate options for the open source and the costs of them (including for development and support). If not the open source, then understand the domestic vendor or the western one.
Understand the architecture and immediately lay scaling.
Once again, consult with pros already on a commercial basis. And not those who made the election above. Two looks better than one.

Actually, at the first stage, all this can suddenly turn into a web-muzzle. Or in an application that contains a web view and VPN stray.

Sometimes it happens that you need exactly, but how and for what - you did not think. It must be said that the bank can write the concept itself, but the mining and processing plant - not always. This is simply not his specificity. There are companies where they have already attacked the rake, and there are - where they still have to learn the words “scaling” and “data protection on mobile devices”. Often, a CIO will still think about mobile workplaces, the only question is how and when. In this case, it is convenient to look at the practices of the western market: ours are still catching up, one year faster there than in Moscow, and one and a half more than behind the Urals (forgive me).

In recent years, the fact that earlier it was necessary to fit into the existing channels has changed, but now they are everywhere good in large cities.