How 3 Big Enterprises Are Building Their Own Internal iPad Apps

The heavy influx of iPads into large enterprise organizations is posing new kinds of challenges for IT departments, particiularly around developing and distributing corporate apps. At the annual Gartner Catalyst conference this week in San Diego, top companies like Genentech, Eli Lily and Northern Trust Bank shared some of the secrets behind their impressive app portfolios. 


How do you grow your internal mobile app portfolio to 112 different apps over time? Paul Lanzi, the mobile apps team manager for Genetech/Roche, likes to give his apps cute names, such as "Peeps" for the corporate personnel directory and "Kudos" for employee rewards.

Lanzi set out to make the company's knowledge workers the best mobile-equipped workforce in biotech. Genentech/Roche currently supports more than 13,000 iPads, 10,000 iPhones and 18,000 Blackberries. Half of its users have more than 55 apps, and some have more than 300 apps on their devices. The company took a long-term view towards creating a solid application infrastructure that could be reused, which is why it has so many internal apps. It used a mixture of custom code and commercially available apps to provide access to existing SharePoint and SAP back-end systems that were already in popular use.

Eli Lily

Lilly, another big pharma company, wanted to meet the needs of a mobile salesforce that is present in 125 different countries. It chose more commercial apps, and focused on "simple apps that do one thing, and do it well," said Tom Nienhaus, part of the company's mobility team. "We were trying to provide Web access to various enterprise data platforms to our iOS users," he said. Lilly's architecture relies more on Apple's security and data protection APIs, as you can see in the architecture diagram below.

Northern Trust Bank

Northern Trust's client managers -- the people who work with very wealthy individuals - wanted to be able to bring a client's portfolio and review what actions the bank should take with a client's investments. They wanted to do this on the iPad, no matter where their clients were located. "We frequently have our managers get on private aircraft or yachts with our clients, and needed an app that would work under those circumstances, regardless of connectivity and Internet access," said Chris Price, one of the bank's vice presidents and a system architect. The bank designed an iPad app for this disconnected situation from the start.

Each of the three companies had to make a variety of decisions in building their apps. For example, they had to choose whether to code a native iOS app or not, what middleware and APIs to use, how to implement the various security requirements and what kind of internal app store to use to deploy their app. Adding up all these factors means handling lots of different pieces of technology.

"We typically build Web-centric apps because they are easier and quicker than native iOS apps, but in this circumstance we wanted the iOS app to make it more secure, particularly when it was in online mode," said Northern's Price. The bank was worried about various Web-based attacks like cross-site scripting and SQL injection that could compromise their data. Also, the native app could be made more efficient with its use of local storage.

Enterprise iPad Lessons Learned

All three companies shared some key lessons they learned from rolling out corporate iPad apps:

  • Get the first app right. Genentech's first app was a add-on that took close to eight months to develop because of all the various infrastructure pieces, including security, middleware gateways, authentication and identity management. But once all this was in place, the company's second app took much less time. "Indeed, we were able to leverage 80% the non SalesForce-related Web services that we built for the first app," said Lanzi.
  • Know your middleware. Northern Trust Bbank and Eli Lilly both employed middleware from Layer 7. Both wrote some additional custom middleware code to work with their back-end systems. Genentech also used a commercial middleware solution.
  • Plan for the worst case security scenario, especially when your users are roaming all over the world on untrusted networks. All three companies worked to make sure that even if an iPad was lost or stolen, none of its data would be compromised.
  • Invest in your user experience design. There is a difference between interface design and user experience, and make sure your developers know how to distinguish the two. Lanzi mentioned Genentech's early experience with an "On the Road" app as an example of what not to do.
  • Foster inter-department code sharing. Lanzi spoke about "fostering" the coding that was already developed for Genentech apps so that others in the organization could more readily build their own mobile apps. "Even if I could scale my team to three times its current size, I still could not meet the demand of all the mobile apps that my users want me to build." He put in place a series of common code libraries for his iOS native apps for functions such as jailbreak detection, identity management and authentication, and gave these out to all of the company's internal developers. Genentech is working on common HTML5 libraries and other Web services too.

Your company may not have as many internally developed apps as Genentech does, but your apps will be better from following its principles. "We have no tolerance for bad apps around here," said Lanzi.


Lead image courtesy of Shutterstock.