ACE Consortium Looks to Simplify Mobile App Configuration and Security

Looking to standardize how providers of management applications invoke APIs on mobile computing applications, the AirWatch unit of VMware, Box, Cisco, Workday and Xamarin today announced an open App Configuration for Enterprise (ACE) initiative.

Announced at the Mobile World Congress 2015 conference, Kabir Barday, lead product manager for application development at AirWatch by VMware, says that in collaboration with other vendors AirWatch is trying to standardize the best practices for invoking mobile application APIs. As an open initiative, Barday says AirWatch is inviting not only providers of cloud applications to participate in the effort, but other providers of enterprise mobile management (EMM) software as well.

The initiative is intended to create an alternative to proprietary approaches to configuring and securing mobile applications. Barday says that the industry as a whole needs to standardize on an open approach to configuring, securing, and wrapping containers around mobile applications that invoke the APIs developed by Apple and Google.

Once that is established, Barday contends it will then be only a matter of time before providers of mobile computing platforms with significantly less market share fall in line with the broader ACE industry initiative.

Specifically, ACE would cover automating the first-time setup experience with app configuration capabilities; securing app connectivity to corporate networks using per-app tunnels; avoiding separate user login requirements for each app using single sign-on capabilities; allowing access to native apps only on secure, compliant devices with access control; preventing data leakage with a flexible set of security policies including open in and copy/paste controls; and wiping corporate data remotely from lost or stolen devices.

Right now, Barday says each provider of EMM software approaches these functions differently — even though they invoke the same Apple iOS and Google Android APIs.

Barday says standardizing those functions would mean there would be no need for proprietary SDKs or app wrapping. In its place there would be vendor-neutral applications that required no coding for setting security functions. That latter capability is crucial, says Barday, because most developers want to offload security functions to a Platform rather than have to build that functionality into every application themselves.

End users, meanwhile, would gain a seamless, native device experience enabled by the auto-configuration of applications, says Barday.

Ultimately, the rise in DevOps is making the development and management of mobile applications more efficient. But that doesn’t mean there isn’t still a lot of room for improvement when it comes to consistently configuring and securing applications in a way that finally also makes them simpler to manage.

Be sure to read the next Mobile article: Google Announces Android 5.1 Lollipop SDK