Samsung Knox was conceived to solve a simple problem: Android was not perceived as a trusted OS for the enterprise. The same openness and flexibility that made Android an attractive proposition for developers and consumers presented enterprise security and management challenges.
From its introduction back in 2013, Knox was designed to address these concerns, creating a more secure version of Android for enterprise use, and providing enterprise customers the management and deployment features that they demanded.
To understand Knox, it’s important to separate the Knox platform — which is built into the hardware and software of all Samsung’s latest mobile devices — from the Knox software and services that can be licensed to run on top of that platform.
The Most Secure Mobile Platform
The Knox platform is not something that is purchased, downloaded, or installed: it is part of each Samsung mobile device. Effectively, the Knox platform can be thought of as Samsung’s implementation of Android.
Developed on the principles of trusted computing and with a Hardware Root of Trust to verify the integrity of the device at boot-time, the Knox platform provides a secure foundation for enterprise mobile initiatives.
What makes the Knox platform unique? First, it leverages a process architecture known as TrustZone, in which highly sensitive computations are isolated from the rest of the device’s operations. Second, it uses real-time kernel protection to constantly inspect the core of the OS during run time. Third, it encompasses Samsung’s security enhancements for Android, protecting applications and data by strictly defining what each process is allowed to do and what data it can access.
Through these measures, the Knox platform has helped reverse perceptions of Android. It’s also met certification requirements from NIAP’s Common Criteria and NIST’s FIPS 140-2, and received multiple Defense Information Systems Agency STIGs for classified use. When we say it is defense-grade security, we mean it.
The Knox Solution Set
The Knox platform does not replace the need for enterprise mobility management (EMM) tools, but rather it provides a secure foundation. In fact, we’ve collaborated closely with many of the leading mobile device management (MDM) software providers, including Airwatch, BlackBerry and MobileIron, to ensure close integration between the Knox platform and their device management tools.
At the same time, Samsung has developed its own set of software solutions to meet specific enterprise needs. This Knox solution portfolio, which can be licensed and accessed through the Knox portal, is designed to assist mobility managers throughout the life cycle of the device. Here are the key offerings:
Knox Configure: The evolution of our Knox Custom Configurator solution, Knox Configure is a tool for remotely provisioning and configuring a large fleet of mobile devices. Knox Configure is typically used at the deployment phase to create a gold master image that is pushed out to your employee’s phones or tablets. It can also be used to create single-purpose devices, such as kiosks or point-of-sale terminals, by locking down other functionalities on the device.
Knox Mobile Enrollment: A free tool, Knox Mobile Enrollment provides a quick way to enroll hundreds of devices to your EMM. Its two major benefits: Eliminating the time spent manually enrolling devices, and ensuring devices are managed from the moment the user powers up.
Knox Manage: Samsung’s cloud-based EMM solution, Knox Manage can be used to manage Android, iOS or Window 10 devices, though we, of course, recommend Samsung Galaxy. Knox Manage provides IT admins with hundreds of policies, including all the essentials such as whitelisting and blocklisting apps and websites. It also allows event-based management, device location tracking and remote wipe capabilities.
Knox Workspace: For enterprises requiring high security, Knox Workspace provides an encrypted container to isolate business applications and data. This creates a dual persona device: Work data is protected in the encrypted container, while employees can still download and use personal apps on their device.
Samsung Knox has come a long way since we introduced the platform back in 2013, but the fundamental underpinnings remain the same: securing Android mobile devices through protections built in at the hardware level. Knox has evolved further through our portfolio of licensed solutions that solve specific management needs.
Today, Knox is Samsung’s commitment to ensuring our enterprise customers’ data is safe on Galaxy mobile devices, providing IT peace of mind and users freedom to work and play the way they want.
Learn all the different ways that Samsung Knox can support your enterprise’s security efforts.