Over the Christmas break our team started several application packaging, conversion, and assessment projects. It’s a busy time and we are delighted with the privilege of helping our partners and their clients.

One of the questions raised in the project start-up/stand-up sessions was,

“Why are we even repackaging EXE’s (installations)?

Shouldn’t we just use the silent command lines?”

There are some clear benefits to application (re)packaging in general and they include:

  • Lower Support Costs: Repackaging creates a stable environment, allowing IT teams to address issues immediately and on a large scale, thus reducing support costs.
  • Ease of Distribution: Repackaging makes it easier to distribute software, which is particularly beneficial when dealing with hundreds or thousands of devices. Of course, some may argue that using silent install command lines and PowerShell may be part of a solution as well.
  • Standardisation and Stability: It leads to a uniform IT environment, ensuring consistent, stable, and reliable standard environment.
  • Reduced Time and Improved Problem-Solving: It saves time, improves problem-solving, and reduces the total cost of ownership. This is a big issue for Readiness as the Assurance offering includes full-support and total ownership of the application portfolio. For us, it’s so much the cost, it’s the reduced time to resolution.
  • Efficiency and Reduced Administration Costs: It increases the efficiency of software management, streamlines software deployment, and helps reduce ongoing administration and support. If you are using a simplified distribution and management tool like Microsoft Intune, then it really helps to have a standard deployment methodology.

And finally, one the most important issue facing our clients today:

  • Mitigation of Security Issues: Repackaging helps mitigate security issues and decreases risks for business disruption.

And of course there are a few downsides, that include:

  • Technical Difficulties: Repackaging applications for use with the Windows Installer setup engine can involve technical difficulties and challenges.
  • Skill Requirement: Finding candidates with the right skills and a full understanding of the end-to-end packaging process can be difficult, leading to challenges in the repackaging process.

Yes, getting your costs down is good. Sure, having a stable, consistent platform is good practice.

But today things are very different than even a few years ago – Security is now the PRIMARY concern.

And the reason? Actually, there are several:

  • Unknown/Undefined Prerequisites: Does your application download other components or 3rd party applications as part of its installation.
  • Unmanaged Dependencies: Does your application require dependencies or drivers that are not part of your managed build? What are you adding? Where are the unknown unknowns?
  • Auto-Updates: Auto-updates are generally disabled as part of the repackaging/tuning process and not always available as a silent install command line option. What are you really downloading each month?
  • 3rd Party Supply Chain Compromise: This is the biggie and keeps most of the CISO’s and security folk awake at night. Your application may depend on 3rd party components which are not fully managed by your organisation. Some good examples include the widely used: Super Putty and Wireshark. Both have dependencies on open-source projects – which is not a bad thing, but they need to be included in the overall application portfolio.

Get to know your application portfolio – find out exactly what you have and what you actually need.

Try out Assurance Unbound from Readiness for a free trial.

Greg Lambert