Deploying mobile apps is challenging. The process varies by use case, and it is rare for any one person or team to know every post-build activity needed for a successful deployment. App deployment processes are often disjointed, requiring involvement and coordination across disparate teams and systems. Significant work is needed after app development is complete and before the app can be distributed and made available to users.
To get a sense of just how challenging this process can be, consider the following two use cases:
- Enterprise employees use a third-party developed app to access corporate data using their own personal devices. Since these are typically unmanaged devices, mobile apps that access corporate data from such personal devices need app-level security controls to meet the enterprise's security policies. However, integrating the security controls into the apps is very difficult without source code access, which the enterprise does not have.
- Apps distributed to multiple app stores require different distribution channel assets. They also require integrations into numerous distribution mechanisms. Since mobile apps are updated many times a year, it is challenging to ensure consistent app store entry customizations before publishing apps.
There are many other examples, but in general, the app deployment process is varied and has many moving parts involving multiple teams, tools, and practices.
A workflow for a mobile app deployment is a collection of activities executed across multiple departments, systems, and tools. It may begin with importing the app from a dev repository, then scanning the app to find known vulnerabilities and to ensure compliance. Then, the mobile app is hardened to protect it from reverse engineering and hacking. Next comes app signing to identify the app's author and verify its legitimacy. Automated testing is the next key phase to ensure a quality product. Last but not least is the actual app distribution to stores and users.
This process, or a more complicated version if the use case warrants, is repeated every time an app is developed or updated.
With multiple teams involved, the chance for errors increases. For example, perhaps you import apps from a code repository that your dev teams use for app collaboration. Maybe your company uses two or three repositories because the apps come from different distributed dev teams. How do you coordinate all of this and make the deployment process as seamless as possible?
Mobile app deployments are prone to errors and mistakes because of the number of activities involved and the manual coordination required. A recent survey reported that 61% of respondents believe a reliance on manual processes is a major barrier to productivity. This slows down the deployment process leading to missed revenue opportunities and diminished customer satisfaction.
As organizations seek ways to reduce errors and increase productivity, they are increasingly turning to orchestration.
If you are deploying a single app to only one app store, the process is relatively straightforward. But for many organizations, a typical workflow might need to be applied to 10, 20, or 50 apps, multiple times a year. There may be different workflows for different apps, requiring coordination across a different set of activities. If each app is distributed to a unique app store, the workflow permutations become enormous. How do you keep it all organized across the various teams?
Orchestration helps coordinate the different workflow activities across people and services, automating tasks where appropriate. Perhaps one team is responsible for the signing, while another is getting the app published to a public store, while others focus on working through compliance and security. Orchestration enables efficient and error-free workflows that eliminate deployment delays while supporting compliance with security policies and regulations. And orchestration provides the recipe for ensuring rigor for app deployments. Orchestration is important when there are many workflows that have unique recipes or activities.
Orchestration Extends and Unifies Deployment Workflows
Given the distributed, fragmented, and complex nature of app deployments, orchestration helps to unify, streamline, and simplify the post-development activities. Examples app deployment activity classes include:
- App Import: Moving app binaries from CI/CD pipelines to a deployment workflow
- App Scanning and Analysis: Exposing unknown and undiscovered app vulnerabilities using third-party security analysis tools
- App Hardening: Applying techniques to prevent app reverse engineering and ensure compliance
- App Enhancement: Modify already compiled apps to add new functionality.
- App Signing: Digitally sign apps.
- App Testing: Improving app quality and usability via feedback loops
- App Distribution: Pushing apps to end users by using integrations with app catalogs, app stores, or other distribution channels
There are additional activity classes, but based on the descriptions, it is easy to see that each of these activity classes represents substantial effort, as each activity requires many tasks. The entire set of activities may rely on dozens of technologies and tools used by teams possibly distributed across geographies. In this context, orchestration (and automation) are a requirement (and not merely an option).
It is crucial to point out that orchestration is not always a completely automated process. In fact, in specific scenarios, workflows cannot be entirely automated. For example, testing is a hybrid activity as it will naturally have some manual dependencies as testers and end users provide feedback, which will be incorporated into an app to improve it.
The Blue Cedar Platform: Transforming Mobile App Deployments with Orchestration
The cloud-based Blue Cedar Platform is designed specifically for deploying mobile apps. The Platform orchestrates release activities for both people and services, automating tasks where applicable. Orchestration enables efficient, error-free workflows that eliminate deployment delays while assuring compliance with security policies and regulations.
The Platform orchestrates standard deployment workflows for common use cases such as adding mobile app controls, supporting multiple unified endpoint management (UEM) solutions, and distributing apps. Using the Platform's standard workflows is easy; you just need to select a workflow, perform a one-time configuration, and then run the workflow. Standard deployment workflows enable organizations to realize the Platform's time-to-value immediately.
Blue Cedar also integrates with third-party technologies used for mobile deployments. These integrations enable the Platform to use an organization's existing security and deployment tools, extending the deployment workflows’ coverage, increasing the value from those investments.
If you would like more information on Blue Cedar, contact us to arrange a live demonstration or read the white paper.