What is app wrapping (application wrapping)?
App wrapping (application wrapping) is the use of a management layer in an existing mobile app. This is usually done by an organization using third party tools. App wrapping is done to add security, management and analytics to an app.
App packaging is a method that allows users to access the organization’s data on devices while giving the organization the ability to maintain control over it.
Many organizations use mobile apps for business purposes. These apps can be developed in-house, purchased as turnkey solutions or as third-party services. Typically, this is used with BYOD or corporate-owned, personally-enabled (COPE) devices. Apps can be used with confidential material that the organization needs to control. The organization may be legally required to maintain control of the data and ensure that it is encrypted and audited.
Coding the right management capabilities into an app is difficult, especially when encryption or access controls are required. Adding these features to an existing app requires expensive reprogramming and may not be possible for some purchased apps. Wrapping a compatible app can provide capabilities to manage existing apps without any programming.
App packaging is mainly developed for Android (Android Package Kit) and iOS (.ipa file) apps. It is used as part of an enterprise mobility management (EMM) strategy. Increasingly, app packaging is being done for Windows and macOS programs with unified endpoint management (UEM).
These packaged apps must be distributed through a corporate app store, portal or mobile device management (MDM) software. They cannot be downloaded from the normal app store.
Abilities added by app packaging
App packaging adds many capabilities to mobile applications, including the following:
Security. App packaging can add extra security to apps that don’t support it natively. This may include encryption, authentication, remote erase, copy protection and screenshot limitations.
Management. Apps can be assigned based on roles. They can be updated automatically.
Analytics. App usage and data access can be tracked and audited.
Features added by app packaging
Features added to app wrapping include the following:
Single sign-on. Users sign in only once to access all their corporate data.
Jailbreak detection. Block the use of jailbroken and compromised devices.
Lock inactive. The user is asked to re-authenticate after a period of inactivity or whenever the app is closed.
Remote wipe. Administrators can initiate an automatic deletion of corporate data.
Encryption at rest. Implement device or per-app encryption. It may comply with government requirements, such as the Federal Information Processing Standards.
Per-app VPN. Encrypt data in transit and allow access to on-site resources. This can be implemented regardless of the device’s internet connection via VPN.
Blocking data exfiltration. Stop screenshots, copy/paste, file export and print.
Benefits of app packaging
There are many advantages of app packaging for organizations:
Integrated deployment. All applications are controlled from a central point. An organization-wide policy can be set that affects all applications. Users don’t need to log into apps from different providers.
Low code / no code. Some app wrapping services can remove shelf apps and add a wrapper without any changes required to the underlying app. In-house developed apps can be migrated to an app packaging platform with little or no changes.
Disadvantages of app packaging
There are several drawbacks to app packaging, however:
More energy resources. Because app packaging adds additional rules and policies on top of an app, they are often a bit less responsive and more resource intensive than non-packaged apps.
No first-party support. Because app packaging creates a custom app at a time, there is often no support from first-party vendors. Apps are not available in native app stores and must be downloaded through another method.
There is no standard implementation. There is no app wrapping standard. Each app packaging vendor may use different methods and APIs to implement its controls. Each app may work differently and may not have a unified feature set.
How to create app packaging
App packaging is often offered as a service. The service handles all back-end implementation and control of app packaging. Some major app wrapping providers are IBM MaaS360, Microsoft Intune and VMware Workspace One.
Every business should request developer app signing keys from Apple and Google. It is used to authenticate repackaged apps and allow them to be installed on iOS and Android devices.
The desired app can be repackaged. For some providers this is all done online; the app and the signing key are uploaded by the vendor and the packaged app can be downloaded. For other vendors, a program is used to repack and sign on a local computer.
The repackaged app should be sent to employees. This can be done using a web portal, corporate app store, or through EMM/UEM providers.
See how mobile application management software is evaluated and how service and cost balance mobile application management tools. Learn about the differences between mobile device management vs. mobile application management and where they overlap.