Imagine you’ve been tasked with designing your first mobile app, which will provide the ability to access a production tracking system via smartphone or tablet for two basic purposes:

Scanning the bar code on a product to see the production status of that item.

Looking up open orders by customer and viewing all order details.

Your company has embraced the Bring Your Own Device (BYOD) phenomenon. So, the app will need to run provide:

    - Secure access from personal devices
    - No-VPN options
    - Isolation and protection of business from personal data

Imagine also that while you’ve been wanting to try mobile development, your background is in Microsoft and web technologies.

You have two proven paths for a smooth start in mobile: You can target the iOS environment with Cordova-based development, or you can execute a solid solution with a container-app approach that gives users access through any device they happen to already carry.

Considerations for Apple iOS Development

As Apple’s iOS quickly became the most popular mobile platform following the introduction of the iPhone, many developers who are new to mobile apps today assume that iOS is the best place to start.

In practice, iOS apps are most commonly written by more seasoned mobile developers in Objective-C using Apple’s Cocoa and Cocoa Touch frameworks. Developers who have not used these technologies but do have extensive web experience to leverage often turn to a package called Cordova (formerly PhoneGap) that enables iOS app creation using JavaScript, CSS, and HTML. Cordova supports a plug-in architecture in addition to its base functionality, and a bar-code scanning plugin required for our hypothetical project is readily available.

Augmenting Cordova with a Web-based Streamlining Service

Developers who are concerned about creating an app often investigate a web-based service called PhoneGap Build, which is designed to simplify publishing iOS apps that incorporates web app code.

The Container App Alternative: Rapid Development with Familiar Tools

There exists yet another alternative for new mobile app developers, especially those for whom there is no value in distributing apps through the App Store. A container app approach such as that offered by Rover Apps involves a centralized development plan:

- Install the Rover Gateway on any Windows server.
- Install the Rover Retriever client on any leading mobile device (iPhone, iPod Touch, iPad, Android).
- Develop your app using any web development tools, on any platform, with no need to build a native app.
- Deploy the resulting JavaScript/CSS/HTML and resource files to either the Rover Gateway or one of your existing web servers that the Rover Gateway can reach.
- When you run your web app in Rover Retriever, two of the APIs used in the previous development scenario – Cordova and bar-code scanning – are already there, built-in and waiting for you.
- Once you’re satisfied with your app, real users can begin accessing it with no additional deployment effort, and without having to go through an app store.

Ease of Upgrading Container Apps

In addition to offering the simplest means to develop and deploy mobile web apps, Rover offers comparable simplicity in app upgrading.

Suppose your mobile app for accessing a production tracking system gets a new requirement: As some of the production details rarely change, it would be nice to store them on the device for faster access – yet details are valuable, competitive information that must be secured. With a traditional mobile app approach, you would need to figure out all the security details yourself. Rover eliminates that need.

Rover offers analogs of HTML5 name-value and database local storage, and Rover’s versions store all data on the device in fully encrypted form. If an administrator blocks the device, the secure data is deleted the next time the device accesses the gateway.

Suppose further that the ability to access order details as well as production details was not fully implemented in the app’s initial release, and that the order details are on one server while the production details are on a different server. This would be a real problem for client-centric web apps, as JavaScript famously prevents so-called cross-site scripting.

Again, the integrated nature of the Rover system provides a solution. A JavaScript AJAX request can access any server that is reachable by the Rover Gateway by proxying its request through the Rover Gateway. In this approach, the device is not accessing multiple sites directly – the device’s requests are proxied through the Rover Gateway so security is maintained for the both the client device and the server.

Finally, suppose that in your next app release you would like to maintain a record of whenever the user scans a bar code that is not part of your production system, as a means to track whether the app is being used properly and to provide an early warning of glitches in the production system. Again, Rover keeps it simple.

Rover provides an integrated logging facility that makes it easy to track a soft failure. Using a Rover log similar to the JavaScript console log, a message generated by JavaScript on the client is dispatched to the Rover Gateway log. Any log processor you are currently using should be able to parse out entries in this log.

You can use this log for debugging as well. Often it is difficult to get debug information from a running hardware device, but Rover lets you easily route as much debug information as you choose from the client app to your Rover Gateway log for observation and analysis.
The “Container” Approach to BYOD

In addition to the value Rover Apps brings to the deployment model, your hybrid application also gets all the security and BYOD features built in to the platform.
The Rover Apps container approach to BYOD focuses on securing applications rather than managing devices. The Rover Apps platform includes a gateway that communicates over a private communications link with secure “containers” on personal devices, encryption applied to all information at flight and at rest, and corporate data isolated from all personal applications and settings on the personal device.

This scenario keeps mobile users’ personal devices off the enterprise network while empowering IT to publish intranet sites, line-of-business applications, documents, and internally developed apps to specific users. IT retains full control over the “secure island” of data, and with company information isolated from other mobile device information and settings, employees are free to use their smartphones and tablets for personal applications at will.

The container solution also ensures this level of protection with strong user authentication coupled with tight device pairing. This is generally a form of two-factor-authentication, in which each device must have explicit approval before connecting with the container gateway, and the user must also provide credentials to verify access authorization.

It also ensures that a lost or stolen device poses minimal security risk in unauthorized access of information stored on the device. The secure browser’s encrypted cache which, unlike a consumer browser with unencrypted cache, eliminates the possibility of exposing sensitive data to malicious software or to unauthorized users who comes into possession of the device.

Conclusion

With Rover, you can immediately code a secure solution. The APIs are already there – you needn’t be concerned about finding and building plugins or any other deployment issues. Rover makes a developer’s life easier and keeps a lot of other people happy as well, including your users, your CSO, and your IT department. Even the CFO is happy, thanks to Rover’s affordable and flexible pricing options.

See more information on The BYOD challenge to enterprise App development.

Try Rover FREE for 30 days

Read our white paper for further detail.