Smartphones have long been established in business, and the security that protects the sensitive data they handle has evolved just as dramatically as the devices over the past 15 years.
The world of smartphones started slowly as cell phone manufacturers began adding features to their mobile phones that took advantage of the newly available data networks: email and collaboration tools first, then other dedicated applications and, finally, web browsing. Convergence came from both sides. For example, Palm took their wildly popular personal organizer and added a cell phone to it. When the Palm Treo 650 came out in 2004, it was clear that you didn’t have to be Motorola to make a “smart” cellphone.
Management and security, however, were not top-of-mind.
Mobile Security’s Infancy
It wasn’t until 2006 that Symbian, Nokia’s smartphone operating system, added features such as requiring applications to be signed — combating widespread problems with viruses arriving over Bluetooth connections. That was the year Nokia shipped the Symbian-based N95, the first smartphone that combined outstanding camera, music and GPS navigation together with traditional business applications.
Unfortunately for Nokia, the Apple iPhone was released in 2007. Apple succeeded in completely turning the smartphone paradigm upside down by shifting the focus from voice calling to data, applications and connectivity. Apple brought other security innovations in the first years: address space randomization, sandboxing, code signing and hardware cryptography.
Meanwhile, security management of smartphones lagged. Microsoft broke through the management barriers with their under-the-radar Mobile Device Management (MDM) tool, Exchange Active Sync (EAS). EAS v12 was released in 2008, which gave every IT manager running Microsoft Exchange (the overwhelming choice of enterprises) the ability to easily manage smartphone security at no additional charge. In 2010, Android v2.2 jumped on the MDM bandwagon by building in support for Microsoft EAS. Android was beginning to shift from a hobbyist experiment to something mainstream enterprises could use.
Two years later, in 2012, Samsung saw the potential of smartphones in the enterprise — and the need for security. They started the Samsung Knox program to identify enterprise security requirements and push them into the Android platform and Samsung hardware. Samsung worked within the security and Android communities to drive security improvements such as Security Enhanced Linux into mainline Android.
The Most Secure Phone
The Trusted Platform Module (TPM) started as an add-on chip for laptops and desktops. Samsung took the idea of a separate, protected processor that can be used to secure critical information, such as encryption keys and identity information, and pushed it into their smartphone CPU. The TrustZone coprocessor is now a standard part of most smartphones, thanks to a 2013 collaboration between Samsung and the ARM CPU community.
Samsung’s Knox investment in Android security continued through the years, with additional features such as biometric identification standards, real-time kernel protection and separate work/home profiles.
Because Samsung is committed to securing the Android ecosystem, many of these have made their way back into the standard Android operating system — and into other vendors’ smartphone hardware. To close the loop, Samsung Knox 3.0, released in 2018, harmonized many of the security features between Samsung hardware and software and the core Android operating system.
Learn more about Samsung Knox’s mobile security influence on the Android platform by downloading this free white paper.