Today Appthority is announcing an integration with managed Google Play that will make it easier to vet public apps before distributing them to Android enterprise devices. It may seem like just a simple console integration, but there are several interesting things happening, plus it’s indicative of the rise of Android enterprise.
Managed Google Play is the Android enterprise way of distributing both public and in-house apps to devices. Appthority is a mobile threat defense vendor that we’ve followed for a long time, and one of the first ones provide what’s now commonly known a mobile app reputation service (MARS). (Learn more about mobile threat defense and MARS here.)
Google Play is already checking apps for malware and making sure they abide by the Play Developer Guidelines, so in that sense, MARS products act like a backstop. But as you can imagine, there are a lot of app behaviors that are perfectly fine in consumer apps but are data security threats to the enterprise. MARS products like Appthority check for things like data exfiltration or geolocation, and then EMM admins can use this information to vet apps for corporate use.
Appthority and managed Google Play integration
Appthority has now integrated with managed Google Play via their EMM API. I caught up with Domingo Guerra, president and co-founder of Appthority, to dig in.
From the Appthority console, admins can search for apps in Google Play, then check them against whatever app reputation policies the company has in place. Admins can then make these apps available to uses in managed Google Play, or do a silent installation. For in-house apps, admins can upload .APK files into Appthority, and once inspected, Appthority can push them on into managed Google Play.
Previously, these processes involved switching back and forth between the two consoles. The integration makes this part more convenient, but there are a couple of other things going on.
First, there have been plenty of EMM and mobile threat defense integrations, and plenty of EMM and managed Google Play integrations, but this is the first mobile threat defense and managed Google Play integration. Google worked with Appthority to add some new APIs for the app review process.
Second, integrating the two products enables some automated scenarios. When a public app in Play is updated, Appthority is notified and automatically re-inspects the app. If any new changes are against a customer’s policy, it will be removed from managed Google Play for their users. (Existing installed versions on devices stay in place, though.) Managed Google Play has a similar feature, but only for Android permissions. Again, most enterprises will want deeper MARS data when they make their decisions.
Third, while approving apps is currently an admin-initiated process, Appthority is envisioning that customers will grow comfortable with automating it. In this scenario, a user could search for any app in managed Google play, the app would be checked against Appthority policies automatically, and if it passes, the user is free to download it.
Just about everyone that I speak to agrees that Android enterprise has a lot going for it. As it spreads, we’re going to see more of these integrations. On another note, MARS functionality can be compared to some CASB functionality, so there’s another effect we’ll have to keep an eye on.