As agencies increase their smartphone use, the level of sensitive information that is either stored directly on the phone or accessible via apps on the device continues to multiply. Administrators need to consider device security: What happens if a device is lost, stolen or otherwise compromised? Department managers cannot wait until there is a problem or breach — it’s critical to take affirmative and proactive steps to responsibly safeguard smartphone deployments.
Samsung designed Knox to specifically address these concerns, delivering defense-grade protection for today’s digitally enabled law enforcement agencies. Using Knox solutions to configure, deploy and manage a smartphone program will protect the department and the officers while conserving valuable IT resources.
To understand just how comprehensive the Knox approach is, consider a deployment of 100 smartphones to individual officers. When the phones arrive, they remain in their boxes at the start of the enrollment process. By using the Knox Deployment Program, agencies can work with the device reseller so that individual device IDs are already uploaded to the Knox Cloud Server.
To set up smartphones, IT administrators can use Knox Configure to build a device profile that includes settings and policies for acceptable use. Control and customization is extensive to a granular level and includes connectivity to Wi-Fi, Bluetooth utilization, implementation of Flight mode and permissions for using USB connectivity, flash cards and other ports.
Configuring 100 devices (or more) before deployment brings huge times saving and ensures that a consistent level of security is in place across the agency’s mobile network. Updates can be done via a push notification from a web console, avoiding the need to actually handle each device. This is of tremendous value in a 24/7 operation where personnel are assigned to field operations or specialized assignments, potentially making it difficult for them to update technology in an office setting.
Using Knox Mobile Enrollment, IT departments can efficiently add new devices to the department’s network. The IT admin simply selects the enterprise mobile management (EMM) application that the agency is using and then registers default IDs and passwords for the officers who will be receiving the devices. Registered phones can be issued to officers who just need to turn them on and connect to Wi-Fi, 3G or 4G networks. Once enrolled, devices will remain secure. If a factory reset is attempted, the EMM software will be automatically reinstalled and the user will be re-enrolled.
With Knox Manage, the IT administrator can create any profile — complete with agency-specific IT policies and a secure data container — which can then be pushed to the 100 new devices. Knox Manage allows administrators to restrict how devices are used to ensure compliance with agency policy or security restrictions. Knox Manage offers more than 280 individual policy settings, including the ability to blacklist or whitelist specific applications and websites. Real-time device monitoring empowers IT admins to locate individual devices and to message individuals or groups of devices without needing specific phone numbers.
Knox Manage allows remote support tools and direct authorized device access, as well as the capability to remotely locate, reboot or wipe a phone’s content in the event of a lost or compromised device. Knox Manage is cloud-based and capable of managing any Android, iOS or Windows 10 device. However, it’s most secure and effective when used on Samsung Galaxy Devices integrated with the Knox platform. In addition, the protection afforded by Knox Manage will soon be available for wearables like the Samsung Gear S3.
Keeping Devices Updated
Regular operating system updates are the reality in any mobile technology environment. Using an array of devices in the field with different versions of the same OS creates major security vulnerabilities. The problem gets worse when different generations of mobile devices are in use — a situation that public safety IT professionals know is far from uncommon. Simply defaulting to an immediate update of the newest OS version may cause conflicts with existing agency software, creating new operational issues.
These challenges can be effectively addressed with the Samsung Enterprise Firmware Over the Air (E-FOTA) solution, which keeps all devices on the same OS version for improved security and operational responsiveness. Using E-FOTA, administrators can test an update in a development environment and then push the update when they’re confident it won’t cause a conflict. E-FOTA supports both selective and forced updates, while the update time control feature requires no user interaction yet ensures the users stay operational in the field.
Many agencies have agency-specific applications, such as facial recognition tools, that demand a higher level of protection or security. For these situations, departments can partner with Samsung to use Knox Enabled App, a solution that provides a hidden, isolated container that automatically encrypts data-at-rest and protects the Android system from external threats.
The suite of Samsung Knox solutions delivers an enhanced level of comprehensive protection, providing operative device management and control at a level that will assist law enforcement agencies in addressing the security concerns inherent in a public safety environment.
See what ways smartphones can help improve officer safety and information access.