As agencies increase their smartphone use, the level of sensitive information that is either stored directly on the phone or accessible via apps on the device continues to multiply. IT administrators need to consider device security: What happens if a device is lost, stolen or otherwise compromised? Department managers can’t wait until there is a problem or breach — it’s critical to take affirmative and proactive steps to responsibly safeguard smartphone deployments.
Samsung designed Knox to specifically address these concerns, delivering defense-grade protection for today’s digitally enabled law enforcement agencies. Using Knox solutions to configure, deploy and manage a smartphone program will protect the department and the officers while conserving valuable IT resources.
To understand just how comprehensive the Knox approach is, consider a deployment of 100 smartphones to individual officers. When the new phones arrive, they remain in their boxes at the start of the enrollment process. The unique IDs of all devices will already be uploaded to the Knox cloud server by the reseller.
To set up the smartphones, IT administrators can use Knox Configure to build a device profile that includes apps, settings and policies for acceptable use. Key applications such as mobile computer aided dispatch (CAD) and resource management systems (RMS) can be preloaded. Unneeded applications can be disabled or removed. Control and customization is extensive and granular, right down to connectivity to Wi-Fi, Bluetooth utilization, implementation of Flight mode and permissions for using USB connectivity, SD cards and other ports.
Bulk configuring 100 devices (or more) before deployment brings huge time savings and ensures that a consistent level of security is in place across the agency’s mobile fleet. Updates can be performed via a push from the Knox Configure web console, avoiding the need to actually handle each device. This is of tremendous value in a 24/7 operation where personnel are assigned to field operations or specialized assignments, potentially making it difficult for them to update technology in an office setting.
Deployment is simple. IT admins can simply distribute the devices — without even taking them out of the box. When your officers first boot up their smartphones and connect to a cellular or Wi-Fi network, the devices automatically sync up with the Knox server and apply all of the profile’s settings. If a factory reset is attempted later, the device will simply reapply the profile again upon boot.
Onboarding Devices to Your MDM
Using Knox Mobile Enrollment, IT departments can efficiently add new devices to the department’s mobile device management (MDM) or enterprise mobility management (EMM) console. The IT admin simply selects the EMM client that the agency is using and then registers default IDs and passwords for the officers who will be receiving the devices.
The Knox platform integrates closely with all of the leading EMM solutions. Samsung provides developers more than 1,600 APIs and 600 policies, which allows EMM providers to achieve granular control over a Samsung Galaxy device fleet.
For agencies looking for a powerful yet affordable MDM, Samsung’s Knox Manage ticks all the boxes. Knox Manage offers more than 280 individual policy settings, including the ability to blocklist or whitelist specific applications and websites. Real-time device monitoring empowers IT admins to locate individual devices and to message individuals or groups of devices without needing specific phone numbers.
Knox Manage allows remote support tools and direct authorized device access, as well as the capability to remotely locate, reboot or wipe a phone’s content in the event of a lost or compromised device. Knox Manage is cloud-based and capable of managing any Android, iOS or Windows 10 device. However, it’s most secure and effective when used on Samsung Galaxy devices integrated with the Knox platform.
Many agencies have agency-specific applications, such as facial recognition tools, that demand a higher level of protection or security. For these situations, departments can leverage Knox Platform for Enterprise and its containerization solution to isolate their sensitive apps and data.
Keeping Devices Updated
Regular security and operating system updates are a necessity in the mobile technology environment. Using an array of devices in the field with different versions of the same OS creates major security vulnerabilities. The problem gets worse when different generations of mobile devices are in use — a situation that public safety IT professionals know is far from uncommon. Simply defaulting to an immediate update of the newest OS version may cause conflicts with existing agency software, creating new operational issues.
These challenges can be effectively addressed with the Samsung Enterprise Firmware Over the Air (E-FOTA) solution, which keeps all devices on the same OS version for improved security and operational responsiveness. Using E-FOTA, administrators can test an update in a development environment and then push the update when they’re confident it won’t cause a conflict. E-FOTA supports both selective and forced updates, while the update time control feature requires no user interaction yet ensures the users stay operational in the field.
The suite of Samsung Knox solutions delivers an enhanced level of comprehensive protection, providing operative device management and control at a level that will assist law enforcement agencies in addressing the security concerns inherent in a public safety environment.