Share via

Deploying apps in the Enterprise

  • Article

What are the options available for deploying Universal Windows Platform apps in the Enterprise?

The best place to start is with the Windows Store for Business. With the Windows Store for Business an enterprise can choose to use all the resources of the Windows Store but focused specifically for their needs. These resources include the large selection of apps, automatically updating apps, and the Store app to let users self-serve apps.

The Windows Store is where consumers can pick apps from the large selection of apps available across many categories. Such choice is great for consumers but it may not fit the culture of a particular enterprise. Enterprises can configure their systems to only show the apps the enterprise has selected to the enterprise users to better suit any culture.

By default, Windows automatically keeps these apps up to date. As the Windows Store is a cloud based service, any user with internet access will always have the latest version of the apps they need. Since the service is internet based, your remote users app’s are always up to date without them needing to use a VPN.

How do users get apps from the Windows Store for Business?

Users can self-serve apps from the enterprise’s inventory with the Store app. Many users expect a self-service option to help tailor their device to their needs and working style. Self-service is great but for an enterprise there are some apps that simply must be on every device. To handle this, there are several management tools available that integrate with the Windows Store for Business and push apps to the enterprise’s devices.

What about enterprise only apps?

In addition to apps generally available in the Windows Store, enterprises can also have apps added by commercial app developers who provide solutions directly to enterprises. When these apps go through the Windows Store for Business they are fully Windows Store certified so the enterprise can be assured that these are Trusted Windows Apps. This can reduce some initial app verification work from IT.

What if having users connect to the Windows Store for Business is not desired?

While the Windows Store for Business is a great way to use the full power of the Windows Store, with an enterprise focus, enterprises sometimes need other options like providing and updating apps to users without internet connectivity. The Windows Store for Business supports offline distribution to provide apps to users without internet connectivity. Management tools can obtain these apps and enterprise licenses from the Windows Store for Business and deploy these apps to enterprise devices. IT Pros can obtain these for custom deployment solutions.

What if the enterprise does not want to use the Windows Store for Business for all their line of business apps?

Another option that enterprises may need is to distribute apps that corporate policy prevents from leaving the internal network. In this case, the Windows Store for Business can’t be used due to its foundation as a cloud service. Conveniently, the same management tools that work with the Windows Store for Business can be used to deploy an enterprise line of business app as a nonStore app. What is a nonStore app? It is simply any app that does not go through the Windows Store certification process, and is thus not signed by the Windows Store.

As nonStore apps are not certified by the Windows Store the enterprise is responsible to review the app and choose how the app must be signed. In addition to any custom app review process I strongly recommend using the Windows App Certification Kit (WACK) from the Windows SDK. The WACK will run a number tests covering security, performance, best practices, and use of supported APIs.  All apps must be signed with a certificate issued by a provider trusted by Windows. For an enterprise line of business app a straightforward choice is an certificate issued by the enterprise’s own certificate authority. There are several options available to build and distribute nonStore apps in an enterprise that I will cover in a future blog.

Kyle Marsh, Principal Program Manager - Windows Developer Platform