5 Must-Haves for SharePoint Mobile Apps for the Enterprise

By Indus Khaitan

For more than a decade, Microsoft SharePoint has led the way for businesses of all sizes as the top choice for a collaboration tool.

With more than 125 million users worldwide and nearly 80 percent of Fortune 500 companies using SharePoint, it’s easy to understand its success within an organization.

To maintain that collaboration advantage, many organizations are looking to enable SharePoint on mobile devices.

Challenges of Making SharePoint Mobile

With the prevalence of employee owned devices, and the emergence of cloud-based solutions for anywhere any-device access to the Internet and corporate Intranet resources the lines have blurred between business-critical corporate vs. private data and applications. 

In our experience, we estimate that about 80 percent of SharePoint’s global users say that data security challenges are at the top of their list when it comes to accessing documents on SharePoint from mobile devices.  

Some of these business proprietary documents are highly confidential and subject to compliance laws on security and privacy. 

SharePoint security in a BYOD environment is now essential and anything less than a robust approach to security could potentially result in a breach that places customer data and company information at considerable risk.

Evaluating SharePoint Apps for Mobile Use

While evaluating SharePoint apps for enterprise mobile usage, an app must meet a certain threshold before IT can roll out to a larger audience. Here are five must-haves for SharePoint apps for mobile devices:

1.      IT Managed sharing of enterprise content

Thanks to the onslaught of higher-powered tablets and phones, computing has moved closer to the end-user. This is in sharp contrast to client server and web-based computing where much of the data resided with monolithic servers and the end-user only saw a “presentation layer” such as an HTML page or a form.

The emergence of native apps gives rise to the thick-client phenomenon where raw data moves to a tablet or a device and gets rendered in the touch-enabled user-interface. This phenomenon also adds risk of data leaking from the device from other apps.

In an IT-managed mobile app for SharePoint, administrators control access to content, sharing of files, printing based on a user’s role, device type, location and even time for certain use-cases.

Restrictions on sharing give IT control in remotely deploying policies for a managed “Open-in” environment where files can be shared with a specified set of “white-listed” apps and services.

2.      Single Sign-on

Single Sign-On (SSO) is the “enabler” of IT simplicity where end-users can navigate from a myriad of internal websites and services without interacting with the challenge screen with a different username and password. This problem has been solved many times over in the web infrastructure but mobile apps bring a new set of challenges.

An app which supports SSO to different SharePoint sites without forcing the user to sign in multiple times is a key differentiator when supporting complex IT infrastructure. The smaller form-factor of smartphones makes SSO a must-have for a SharePoint app.

Large security-conscious organizations also require support for PKI-based authentication. Lack of support for this technology on the app side forces IT to degrade their security a few notches to enable a “fall back” authentication mechanism.

3.      Encryption of data above and beyond the platform’s default encryption

Mobile apps and platforms are designed for a collaborative environment where “keys” are stored (or cached) locally. In a situation where a platform can be compromised, both the keys and data can be retrieved and reverse engineered.

SharePoint apps that provide encryption based on derived credentials such as an end-user’s enterprise password use a pre-emptive strategy to mitigate such data-leakage scenarios. Even if a device is compromised, encryption strategy that doesn't depend on the platform’s default encryption mechanisms protects data.

4.      Isolation of personal and corporate data

An IT-managed environment mitigates risk of data-leakage, but services which decouple multiple user-personas take the security further. When evaluating a Sharepoint app for mobile devices, it is important to find out if the app allows partioning of data from multiple SharePoint sites.

A use case for this is when a contractor has access to multiple SharePoint sites (maybe one on the cloud). In this scenario, the app should be able to enforce fine-grained policies some of which can be assigned from the SharePoint servers. 

5.      Un-degraded touch experience of mobile devices and tablet

Most security conditions are met by degrading user-experience. For example, a lack of SSO capability forces a login every time.

A lack of strong encryption on a device disallows end-users from downloading any data at all. Some IT departments also completely disable any touch-enabled native-app experience because it's still a mine field to enforce security realms beyond what can be enforced on a browser.

Secure Mobility Is Possible

The edge of the network has been redefined by BYOD and traditional on-premises approaches are not adequate.  It’s critical to secure these devices to protect the integrity of the network, and ultimately place control back with the IT department.  The above guide will help you make a smart choice while evaluating SharePoint apps for smartphones and tablets. 

Indus Khaitan is a co-founder of enterprise mobility provider Bitzer Mobile. [Editor's note: Late on Friday Nov. 15,  it was announced that Oracle has acquired Bitzer Mobile, of which Indus is a co-founder.]  Previously he was a founding partner at The Morpheus, a Bangalore-based seed fund where he invested in more than two dozen ventures. Past roles at Symantec and HP helped him see the realities of solving problems of very large companies.