How the New Samsung KNOX Intends to Change the Meaning of Enterprise Mobility

* The following is  an individual opinion of editor ASyk and does not represent the official views of the company. 

‘Leaked’ was probably one of the biggest buzzwords of 2013 and it doesn’t surprise anyone that data protection was (and still is) one of the biggest issues we face. Hearing all the news about the lack of security regarding our information, especially information on mobile devices, is especially jarring. Many of us actually have nothing to hide on our online foot print, but if you are a business man, this threat is critical. However, there is a way the business owner, the IT team and employees can feel safe and secure. Let’s talk about the most recently upgraded Samsung KNOX.

If you are a man who is running a business, there are few concerns about the mobile device your business uses: cost, efficiency and security. If your business deals with a lot of sensitive information, it is very important that the information is secure. Therefore, many businesses provides business phones to their employees. While there are many affordable smartphones, when it is given out to everyone in your company, it could do some damage to the company’s pocket. Here is the thing. Most of the people in your workforce, especially younger generation workers, have smartphones. Moreover, they are very efficient with their personal smartphones; no one can use their smartphones better than themselves and, most importantly, they own it because they like it. Therefore, if everyone can simultaneously use their personal phone as well as a business phone, business owners can not only save money, but also increase efficiency. While this makes logical sense, the question is where does Samsung KNOX come in?

The KNOX container, one of Samsung KNOX features to separate business and personal data, provides secure space within the device, complete with its own home screen, launcher, apps and widgets. Basically, it is a safe inside your mobile device. Here are some of the things that KNOX container won’t allow you to do to keep work and private separately, while making the phone secure. KNOX Container:

•  Cannot copy and paste text or images from the container into the personal space

•  Cannot access container data from the personal space

•  Cannot move files from the container to the personal space.

Isn’t it pretty simple? All data inside the KNOX container is encrypted as well. The principles are logical and keep the KNOX container secure.

Therefore, as Samsung KNOX team describes, your mobile device can have a dual persona: more specifically, a business persona and a private persona. This is what it means by BYOD, Bring Your Own Device.

Although the concept of BYOD works, because the KNOX Container is secure, you would wonder how safe Samsung KNOX itself is and how it has improved from the previous version. As it was already suggested, we have one more concern of the business owner left to answer… security. Here are some of the key improvements of the new Samsung KNOX in terms of hardware and software.

•TrustZone-Protected Certificate Management: Device-wide feature that generates and maintains  client certificates inside TrustZone with additional support for industry standards such as PKCS#11; allows mobile devices to play the role of the smart card and its readers.

•KNOX Key Store: Generates and maintains encryption keys inside the TrustZone protected environment; allows third parties to utilize encryption for security sensitive applications and makes sure that encrypted data is protected if the system is compromised.

•TrustZone-Protected ODE: Encrypts the data stored in the device  through the TrustZone-protected encryption key, which can be disabled at the detection of system integrity compromise.

•Enhancements for TIMA (ARM ® TrustZone-based Integrity Measurement Architecture): TIMA performs continuous, real-time monitoring of the system from within TrustZone to prevent tampering of the Kernel and system partition. It protects against malicious modifications and injections to the kernel code.

•Enhancements for SE Android: With the security enhancements of SE for Android, Samsung KNOX supports platform security of third-party container solutions in addition to the KNOX container. This flexibility enables Samsung KNOX to provide enterprises with powerful security for leading third-party containers.

With the previous capabilities such as Trusted Boot, which is a primary component that forms the first line of defense against malicious attacks on devices, Samsung KNOX is pretty much a comprehensive protection security platform. Long story short, Samsung KNOX is secure. Business owners could utilize this to cut cost, encourage efficiency and secure company information on company mobile devices.

OK, you get it. Samsung KNOX ensures security. However, if you are a good business owner, you would ask this question.

“Is it sustainable?”

If you’re a small to medium size business owner, you probably aren’t looking for an luxurious expensive Mobile Device Management (MDM) . You are also probably looking for a simple management system that is easy to manage, as well. So, where do you find an affordable MDM solution that is simple and easy for the IT administrators to manage? Listen to this. Samsung KNOX offers a cloud-based mobile device control solution.

This means no need for on premise infrastructure. Devices can be managed through an Admin Portal, which allows the IT administrators to control and monitor employee devices and applications. When the Admin Portal is supported with a logical and ethical IT policies, IT administrators can easily implement company guidelines, such as remote wipe, password reset, remote lock, device storage encryption,  restricted use of camera, location report and more. If you think about it, this is not only easy for the IT administrators to manage company’s use of mobile devices, but it also cut costs for the business owners. If we were to describe this situation as ‘win-win’, would it be too much of an old fashion cliché?

As you can see this whole Samsung KNOX things might be using some advanced coding and technology, but it is easy for you to understand. So the point is this. If Samsung KNOX lessens your device’s vulnerability to security threats, is easy and simple to use, why not use it?