Mobile Application Strategies in Financial Services Today

By Stephen Leonard, Sr. Enterprise Solutions Manager, BlackBerry

Over the last several years, corporate mobility has diversified across device types (phones and tablets of all sizes), mobile ecosystems (Android, BlackBerry, iOS, and Windows Phone), and vendors. This diversification has opened mobility to all levels of the organization especially around email/calendar/contacts. Due to the increased enterprise enablement/management complexity, it has also limited investment in applications that truly unlock the business value of mobility. Financial services firms looking to better leverage their mobility investments, through the implementation of business critical applications, need to first examine their current mobility platform to ensure they have the foundation needed to build upon.

User Segments

As new mobile platforms and devices are introduced, many firms segment their user populations into at least two groups – regulated and non-regulated. Upon further analysis, you may find additional groups are needed especially for individuals who need higher security solutions (executives, investment bankers, etc.).

These user segments will then translate into different deployment models, including:

  • BYOD – Bring Your Own Device
  • CYOD – Choose Your Own Device
  • COPE – Corporate Owned Personally Enabled
  • COBO – Corporate Owned Business Only

An understanding of these segments, models, and associated requirements is key to implementing a successful Enterprise Mobility Management (EMM) platform, especially in financial services, and will lay the foundation of your device and application management policies.

Mobile Platforms and Devices

With the introduction of additional mobile ecosystems and a diverse set of device form factors, users and IT departments have lots of choices. The challenge for companies trying to go beyond the commodities of email/calendar/contacts is that many mobile ecosystems have roots in consumer electronics so analysis is needed to ensure appropriate levels of support for:

  • Mobile Device Management (MDM)
  • Encryption
  • VPN
  • Open Development Standards (HTML 5, C/C++, etc.)
  • Securing Data in Transit
  • Securing Data at Rest
  • Enterprise Integration
  • Secure Delivery of Notifications and Data
  • Anti-Rooting Capabilities or Rooting Detection

An inventory of your platforms and device capabilities will be very useful so you can appropriately target your application development investment to these devices. You should however also review your current inventory against your mobile policies to ensure that your current state is a good representation of the permitted devices.

Management and Infrastructure

Once you have identified your user segments, EMM models, mobile ecosystems, and supported devices you are often left with an integration challenge.

With a turbulent few years of mobility behind us, your current mobility platform likely resembles a patchwork quilt with different vendors and solutions each providing key components of the overall solution. As long as it is compliant, reliable, and manageable, you should have the necessary foundation for application development.

As regulators gain more experience with cross platform mobility, they will be asking more probing questions around management of mobile risk (device/data loss or compromise) so you will want to ensure you have a good foundation in place.

Some common areas of focus

  • Manageability – Are your devices deployed and configured correctly covering all your compliance requirements?
  • Enforcement – Have the appropriate policies been applied to users in line with their roles and responsibilities?
  • Data at Rest – How is your corporate data stored on the device?
  • Data in Motion – How do your devices connect to enterprise data sources?
  • Process – What happens when a device is lost or stolen? What steps occur, who is involved, and how are the associated risks managed?

Just like anyone who has experience with a good internal/external audit the key is asking the right questions. At stake are your corporate and client data so don’t avoid asking tough questions – bad actors, whether internal or external, won’t tap you on the shoulder letting you know you have been compromised. If you are not sure of the questions to ask find someone who can, as your firm’s reputation may just depend on your actions now.


The prior topics are foundational for a regulated enterprise. Now that you have removed the common mobile hurdles it is time to focus on your users and allow your developers to focus on the user experience of your critical business applications. For the purpose of this article I will use a broad definition of “applications” to include…

  • Platform “Built-In” Applications
  • Public “App Store” Applications
  • Web Applications
  • Corporate Applications

When assembling a mobile solution for your users, it is useful to first look at the capabilities of the built-in applications, which on some enterprise-focused platforms go well beyond the commodity capabilities.

In a regulated industry, you often need to control what public apps can be deployed on your mobile devices as well as the permissions they are granted. Having an application vetting process for public “App Store” applications to determine their function, device permissions, and what access they will have to corporate data should be considered mandatory.

Assuming your internal web applications have been built using responsive design, or you are using larger-screen devices, your users may be able to leverage your existing investments in web-based capabilities. This is a great cost-effective way for your business units to easily begin opening up their line-of-business applications to mobile solutions. Choosing mobile platforms that leverage standards-based technologies in the web browser will help assure existing web applications function as intended.

Any remaining gaps in requirements are your opportunities for investment in mobile application development. Your best path forward varies based on all the individual decisions covered in this article so there is no “one size fits all” strategy. Consideration needs to be given to the various development technologies that can be used in relation to your specific use cases as well as the devices that exist in your mobile fleet.

Stephen Leonard, Sr. Enterprise Solutions Manager, BlackBerry Inc.

Since each company’s situation is unique, feel free to contact me if you have any enterprise mobile application development challenges and I will see if I can help you unlock the true value of enterprise mobility.

About BlackBerry

A global leader in mobile communications, BlackBerry® revolutionized the mobile industry when it was introduced in 1999. Today, BlackBerry aims to inspire the success of our millions of customers around the world by continuously pushing the boundaries of mobile experiences. Founded in 1984 and based in Waterloo, Ontario, BlackBerry operates offices in North America, Europe, Asia Pacific and Latin America. The Company trades under the ticker symbols “BB” on the Toronto Stock Exchange and “BBRY” on the NASDAQ. For more information, visit


Follow Us:

Sitemap | Privacy | Copyright © © 2017, WSTA®, All Rights Reserved.