The beginner’s guide to MDM

Learn how to protect and manage your mobile devices with this step-by-step guide covering everything from planning groups and creating policies, to reporting.

Download Now
Device Management

5 Ways Samsung Knox Helps Secure and Manage Mobile Devices

As businesses increasingly rely on smartphones as core workforce productivity tools, securing and managing all those mobile devices, apps and data has become a growing challenge for IT teams.

On the security front, mobile devices by their very nature pose unique challenges — including greater risk of being lost or stolen — while the threat of mobile malware continues to increase in complexity and scope. On the device management front, IT teams have been stretched thin by the mounting workload of supporting smartphones and tablets in addition to traditional PCs and infrastructure. Even in organizations that have opted for a Bring Your Own Device (BYOD) approach to mobility, the responsibility has fallen on IT managers to ensure workers can safely access business apps and data on personal devices.

How Samsung Knox Helps

Samsung has invested considerable resources over the past six years in building out a full enterprise mobile security and management stack. Introduced first on the Galaxy S4 in 2013, the Samsung Knox platform has set the standard for mobile security, receiving top ratings from industry analysts and certifications from multiple government agencies, including the U.S. Department of Defense.

Less well-known are the device enrollment, management and customization tools rolled out under the Knox banner. Integrating closely with Knox’s platform-level security, licensed solutions like Knox Manage and Knox Configure provide IT departments powerful capabilities that can save time and avoid headaches associated with new mobile initiatives.

Whether you are looking at Samsung’s next-gen Galaxy S10 or the affordable Galaxy A series phones, here’s a rundown of how Knox will help you secure and manage your enterprise mobile deployment.

1. Hardware-Based Security

Samsung mobile devices are designed with security at the core. From the moment the phone or tablet first powers up, boot-time protections are verifying the integrity of the device. The Knox platform leverages processor architecture known as TrustZone to isolate sensitive computations and security certificates. If malware attempts to alter the kernel of the device’s operating system, real-time checks will detect the change and immediately block access to sensitive data. This is the firm foundation on which the Knox security and management stack is built.

2. Data Separation

Enterprises in regulated industries with stringent security requirements can go above and beyond this foundation with Knox Platform for Enterprise, an on-device containerization solution. Knox Platform for Enterprise allows IT to deploy a container to separate and protect work data and apps. All keys to these secure containers are encrypted and secured within the TrustZone. IT admins can remotely lock the container if tampering is detected or permanently lock down access if the device is lost.

Why You Need an Incident Response Playbook

icon of a documentWhite Paper

Get this free guide on how to respond to mobile security breaches — or thwart them altogether. Download Now

Knox Platform for Enterprise customers also gain advanced logging and analytics features, tools for managing corporate virtual private network (VPN) connections and access to hundreds of IT policies that integrate into many of the industry’s leading enterprise mobility management (EMM) tools.

3. Cloud-Based Management

In addition to close integration of Knox with third-party EMM solutions, Samsung offers its own affordable cloud-based EMM called Knox Manage.

Knox Manage is a full-featured mobile device management (MDM) tool that allows:

  • Bulk enrollment

  • Remote device and application management

  • Content management

  • Set access and action restrictions

  • Remote wipe in the event of a lost or stolen device

While Knox Manage is a Samsung-created solution, it can also manage non-Samsung mobile devices running Android, iOS or Windows 10 operating systems. Businesses can take advantage of a free trial to test these capabilities.

Another free solution to streamline device management is Knox Mobile Enrollment, a fast way to bulk enroll devices into your EMM solution. You can also use the Samsung Enterprise Firmware Over-The-Air (E-FOTA) service within your EMM solution to manage firmware updates — whether postponing updates until app compatibility testing is complete, or forcing updates to ensure all devices are running on the same OS version.

4. Custom Configuration

As businesses look to use mobile devices to streamline specific business processes or perform specific functions, the need for custom configuration has grown. Knox Configure is a cloud-based solution developed to meet this need, enabling businesses to remotely configure any number of Samsung devices and tailor them to specific enterprise requirements. Configuration can include anything from custom branding of the booting UX, to preloading applications or shortcuts, to restricting access to certain features or creating a fully locked down experience limited to a single app.

Knox Configure lets you deploy the custom profile or “gold master image” right out of the box, so the device will automatically update to the latest configuration when the user first powers up.

5. Advanced Biometrics

Relying solely on passwords or patterns to secure your mobile devices leaves them open to attack, which is why, for a complete smartphone security stack, enterprises should leverage biometric authentication to protect sensitive data. Samsung has been a leader in introducing highly secure biometric authentication options, including facial recognition, iris scanning and now the in-display Ultrasonic Fingerprint ID on the new Galaxy S10 and S10+. Each of these biometric methods offers different advantages and levels of security, and should be evaluated based on your security and user requirements.

In addition to using biometrics to unlock the device itself, Samsung allows enterprises to leverage biometrics to protect secure on-device containers, as well as to replace credentials in other apps and websites using Samsung Pass.

Defense-Grade Security for the Enterprise

Today’s mobile-empowered workforce needs security that doesn’t get in the way of productivity. The Knox platform is engineered into Samsung devices at the manufacturing stage to enhance the Android platform for the enterprise. Knox keeps working to secure your device and data at all times, with security features to safeguard against risks when smartphones, tablets or wearables are powered off, during run time and during the boot-up stage.

The Samsung Knox platform is the backbone for a full range of software and solutions for IT administrators and developers to customize, create, deploy and manage purpose-built security at scale in the enterprise.

Learn more about how enterprise mobility solutions can help with your next mobile deployment.

Jasmine Henry

Posts By

Jasmine Henry

Jasmine Henry (formerly Jasmine W. Gordon) is a Seattle-based commentator and freelance journalist specializing in analytics, information security and other emerging tech trends. Henry holds an MS in Informatics & Analytics from Lipscomb University in Nashville, where she also completed a graduate certificate in Health Care Informatics. Her work has appeared in Forbes, Time, Reuters, HR Professionals Magazine, ADP Spark, HP Tektonika, Mimecast and dozens of other publications.

View more posts by Jasmine Henry