
Business reimagined: Samsung’s Virtual Experience addresses today’s tech
Coming March 4, 2021, Samsung V/X Live is a free content-rich virtual conference and networking event for businesses of all sizes.
Enterprises everywhere are recognizing how mobile technology can empower employees and enhance customer experiences, but they face two big challenges in order to fully harness its potential.
First, as mobile device use cases across an organization become more sophisticated, so too do the requirements for configuring, managing and supporting these devices. Secondly, with smartphones and tablets accessing sensitive data and apps more than ever before, mobile security becomes all the more critical.
Samsung Knox was designed to help overcome these two challenges by making Samsung Galaxy smartphones the most secure and manageable on the market. An extension of Android Enterprise (AE) architecture, the Knox platform delivers unique, granular security and management features that meet the needs of organizations’ fast-evolving mobility needs.
To understand Knox, though, it’s important to separate the Knox platform — which is built into all Samsung’s latest mobile devices — from the Knox cloud-based management tools and services that can be licensed to run on top of the Knox platform.
Built into all Galaxy smartphones, tablets and wearables, Knox is a security platform you can trust to protect your business data. Developed on the principles of trusted computing — and with a hardware root of trust to verify the device’s integrity at boot-up — Knox provides a secure foundation for enterprise mobile initiatives.
Get started with MDM so your organization can spend less and do more — securely and efficiently. Download Now
Malicious code can intrude on any single OS layer, or through several of them. Knox’s holistic approach to securing a phone’s OS and data protects against diverse security threats, which can come from a variety of sources and threat vectors. This chip-based protective architecture, also known as TrustZone, isolates highly sensitive computations from the rest of the device’s operations. Then, it uses real-time kernel protection to constantly inspect the core of the OS during runtime. Finally, Knox encompasses Samsung’s security enhancements for Android, protecting apps and data by strictly defining what each process is allowed to do and what data it can access.
Through these measures, the Knox platform has met certification requirements from NIAP’s Common Criteria and NIST’s FIPS 140-2, and received multiple Defense Information Systems Agency STIGs for classified use. Knox security is, literally, defense-grade.
On top of the core Android Enterprise platform, Knox Platform for Enterprise (KPE) provides a robust set of features to meet the security needs of government organizations, as well as in other highly regulated industries such as finance and healthcare.
This includes the National Security Agency (NSA)’s Commercial Solutions for Classified (CSfC) program, the National Information Assurance Partnership (NIAP) and the U.K.’s End User Device (EUD) guidance. Their security requirements stipulate, for example, that a phone support dual layers of encryption when data is at rest or in transit.
With Samsung DualDAR (or Dual Data-at-Rest), the data inside a Galaxy device’s work profile is encrypted twice, using two independent crypto modules. Knox DualDAR also allows third-party crypto modules for inner layer encryption. For dual-layered encryption of data in transit, Knox supports VPN chaining. These details make Samsung the only mobile phone provider to address requirements like CSfC and EUD to the letter.
KPE’s deep customization options allow businesses to streamline their device deployments, with the added flexibility of granular device management and enforceable app management capabilities, with or without Managed Google Play integration. By adding Managed Google Play, you can whitelist and blocklist specific apps for specific users. KPE also allows IT admins to set system-level feature restrictions, including Common Criteria mode, and apply unique policies to Samsung DeX, Samsung’s mobile desktop solution.
At the same time, some enterprises that have deployed Android Enterprise (AE) fully managed devices may want to separate work apps from unapproved apps. IT admins define unapproved apps as employee-needed apps that aren’t fully trusted and vetted from a cybersecurity perspective. Normally, allowing those kinds of apps isn’t an option, because enterprise IT policies based on AE require the device to be fully managed.
Samsung is offering a more flexible approach on Android 11 with a solution called Knox Separated Apps. This solution securely organizes and isolates apps on a fully managed Samsung device so that separated apps cannot access work data.
KPE also provides advanced network management capabilities, including controls over roaming and Access Point Name (APN) management.
The Knox platform doesn’t replace the need for enterprise mobility management (EMM) tools, but it provides a secure foundation. Samsung has collaborated closely with many of the leading mobile device management (MDM) software providers, including Airwatch, BlackBerry and MobileIron, to ensure close integration between the Knox platform and their device management tools.
At the same time, Samsung has developed its own set of cloud-based software solutions to meet specific enterprise needs. This Knox solution portfolio, which can be licensed and accessed through the Knox portal, is designed to assist mobility managers throughout a device’s life. Here are the Knox solution portfolio’s key offerings:
Knox has come a long way since Samsung introduced the platform back in 2013, but the fundamentals remain the same: Knox secures Android mobile devices through hard-wired protections while serving specific management needs.
Today, Knox demonstrates Samsung’s commitment to ensuring its enterprise customers’ data is always safe on Galaxy mobile devices, providing peace of mind for IT teams and giving users freedom in both work and leisure. You can fully optimize mobile deployments by purchasing the Knox Suite of solutions, which includes KME, Knox Manage, KPE and Knox E-FOTA.
Learn best practices for thwarting mobile security breaches and responding when they occur in our free guide, Building a Cyber Incident Response Plan. Or, read these eight quick tips for securing remote workforces.