Five Things IT Managers Should Look For In A Web-based App

By Special Guest
Mark Sulzen, Vice President of Information Technology SmartDraw Software, LLC
  |  May 05, 2016

Keeping the network free of unauthorized software has always been a challenge. Software inventory and management tools are often helpful in holding back the tide of software that saps the time and attention of the IT staff.  However, the emerging world of apps that run in a web browser makes it even more difficult to be aware of, let alone manage, the software the company employees are running. The only practical way to get ahead of the curve on this trend is to understand and embrace it in a way that lets you overcome the risks and problems. How? Look for web-based apps that are optimized for enterprise management and provide them to your users. Here are the enterprise-friendly features to look for in a web-based app:

1.Enterprise Document Control

Perhaps the most important feature of all to look for in a web app your company uses and pays for is the ability to maintain control of the documents or content created using the app.

This is often not the case. Users sign up to use a typical web app with an email address and password. If this email address is not under a domain you control, or the user can change it at any time, you have no ability to retain documents created under this account. If the user leaves the company and keeps the account under a private email address, the documents go with them.

Enterprise-friendly web apps provide licenses that give control of user accounts to the company as the purchaser and owner. This allows company administrators to control who has access to documents created with any enterprise accounts. This may be done by permitting only the license owner to change the email address that accesses the account. An even better solution is for the app to support single-sign on, so the user signs on with his or her domain user name and password. This eliminates problems with employee confusion with multiple accounts and lost passwords.


Transferring company data to a third party server sounds scary but needn’t be if the app provider follows sound protocols to ensure the security and privacy of your data.

  1. Make sure that the app provider is SOC 2 certified. They should have passed a Type II audit which means they maintain the standards over a period of time instead of just a onetime Type I audit. This ensures that they are taking the right steps to manage and protect your data.
  2. Verify that the provider uses HTTPS for all website interaction. Although SSL security is not required for non-logged in web browsing, a site which has already changed over to all HTTPS shows they are ahead of new requirements and able to handle increased security changes.
  3. Make sure that the provider encrypts all user data being stored so that a casual employee at the provider cannot access this information. This has the added benefit that in case of a security breach, your data could still be protected if the encryption is not compromised.


Ask the app provider how they host their app if you want to be confident that it will be available with 99.99% uptime. Just hosting it using Amazon Web Services (News - Alert) may not be good enough. AWS (and other third party cloud services) have all had recent significant downtime. Hosting should be designed with redundancy in mind, and able to handle outages and major system failures. One app provider recently was down for several days because someone accidentally deleted their database. This leads us to item number 4.

4.Organizational Maturity

Let’s face it; many web apps are launched by a handful of smart guys who are underfunded and short on experience. Even those that appear to have a solid foundation can shut down with little warning.

Nirvanix in September 2013 surprised its customers by unexpectedly announcing it was shutting down its cloud storage service, and gave them just two weeks to migrate their data somewhere else. This after the six-year-old company raised more than $70 million in venture capital funding, including a $25 million Series C round earlier that year.

Look for an app that is supported by an organization that has been around for quite a while and is staffed by people who have a good understanding of the enterprise and what they need in a vendor. That does not mean these companies never experience service outages. But they will also be able to fix any problems and keep you up-to-date on their progress.

In January 2016, both Google and Twitter experienced severe disruptions. Google’s worldwide outage blocked customers from accessing Gmail, Google Drive and Google Docs, among others. Twitter (News - Alert) needed more than 10 hours to fix an outage that prevented its 300 million business and consumer users from even logging onto the social network.

These are just two of the more recent high-profile examples. And while the outages created embarrassing headlines, both had the resources and procedures in place to fix the problems and regularly update customers via their blogs and online support forums. 

5.Data Migration/Extraction

OK, you do all this and your app provider still goes down hard, gets bought, or shutters the business. What happens to your data? You need a Plan B. A way to capture your data in a manner that allows you to use if off-line without the app provider in the picture. There are several possibilities:

  1. Export - There may be a way to export data from the web app into a standard useable file format. This data can then be imported into a database or reformatted for a completely different app.
  2. Conversion - The provider may have a legacy desktop app that reads the same file format.
  3. Integration - The app might be able to connect to another application which can pull in the data in a similar format.
  4. Extraction - Have a plan to export this data on a regular basis or you won’t be able to get to it if the service goes down.

Always ask yourself this question and have a plan in case of a temporary or permanent failure.

If you do nothing about the “bring your own app” revolution, your company can be left high and dry with no recourse. Find out what your users are bringing into your enterprise, find the most reliable solution, and encourage them to use it by making it easy and integrated with the existing systems. It will save your company time and expense in the long run. Handling the oncoming wave of web apps with finesse will be the mark of a wise IT manager.

Edited by Stefania Viscusi
Get stories like this delivered straight to your inbox. [Free eNews Subscription]