1. Startseite
  2. Blog
  3. German government security approvals for solutions with Samsung Galaxy devices
Dezember 14, 2020

German government security approvals for solutions with Samsung Galaxy devices

Samsung Knox Team

One of the most important things we focus on at Samsung is security. This is true for all our devices and solutions, and it’s especially true for our government, military, and other public sector customers and partners.

Public institutions have a very pressing need for top-tier security to protect sensitive information and to avoid unauthorized access to systems, so we have set up a variety of processes to ensure that we are complying with all guidelines.

Additional challenges for public institutions are the digital transformation of work processes, the necessity to increase efficiency, and to constantly innovate – but at the same time decrease cost. Mobile devices have become a personal information hub with support for messaging, voice and video calls, but also a business tool with calendar, address books, and information access and exchange in general. So, commercial off-the-shelf devices can deliver all the necessary tools at a high innovation rate and competitive prices – but can they meet stringent security requirements?

In Germany, the BSI (Bundesamt für Sicherheit in der Informationstechnik, Federal Office for Information Security) is the public authority that defines security requirements and leads the approval process of devices and solutions for restricted government use cases. The approval most relevant for Samsung Mobile is the one for secure mobile communication solutions for classified information of the "VS-NfD" (classified material, for official use only) restriction level. Only solutions with BSI approval are allowed to be used in the VS-NfD context. While the BSI approval is an essential step, some agencies might require their own approval in addition before a solution can be used by them.

The BSI approval is not for mobile devices alone, but comprises a whole solution including the device, applications, servers, VPN, and device management. While Samsung devices, the Knox Platform for Enterprise, and most Knox solutions are under Samsung control, everything else in scope of the approval is provided by the solution partner or third parties. Our partners build their products utilizing Samsung Knox security features, and enter the approval process with the whole solution.

The BSI approval process for a solution can only be initiated by a government customer that wants to use it. Besides the BSI, the process involves the solution partner, an accredited test lab, third parties, and Samsung as device manufacturer.

Product security properties and features must be accurately documented in a formal way, and the documentation as well as the solution itself is evaluated by the security test lab. Evaluations are conducted to determine if the device meets all the requirements needed to protect against unauthorized access to sensitive information and for the integrity of the solution overall.

The most commonly evaluated modules that we see include cryptographic modules, Data-At-Rest (DAR) protection, Data-In-Transit (DIT) protection, device firmware update mechanisms, device restriction policies, kernel and system protection mechanisms, and secure boot mechanisms.

Further details of the BSI approval process are documented on their web site.

Samsung Galaxy devices are currently approved in a solution provided by our solution partner Secusmart, the SecuSUITE for Samsung Knox – with more to follow. It is referenced on BSI's web site on mobile communication solutions, and listed in their catalogue of approved products.

This allows many government agencies in Germany to deploy solutions using Samsung smartphones and tablets with security assurances to be utilized for a wide range of day-to-day and mission critical activities, for transfer and handling of information up to the secrecy level "VS-NfD".

When German government agencies consider the deployment of highly secure ultra-mobile communication solutions, they often opt for SecuSUITE for Samsung Knox (SS4SK), as one of the most comprehensive offerings in the VS-NfD-approved space.

For SecuSUITE for Samsung Knox, Secusmart has partnered with Samsung Electronics Co., Ltd. It allows government employees to exchange classified information with their colleagues, be it via an end-to-end crystal-clear encrypted phone call, or a presentation, edited on the mobile device, and sent via email across the solutions’ SecuCONNECT vpn link through the governments’ own data center. Employees are also enabled to access authority-specific IT-systems via dedicated secure apps or the SecuFOX browser.

Optional personal apps, strictly separated from the secure space, can be downloaded from the Google Play Store by the user.

As working from home and remote work become the new normal, Samsung DeX, in combination with virtual desktop infrastructure, turns a SecuSUITE for Samsung Knox device into the flexible, pocket-sized, yet full-featured mobile workstation for classified data.

SS4SK integrates with market-leading MDM/MAM solutions. It also utilizes Samsung key services such as Knox Mobile Enrollment and Knox Configure to support large scale deployments.

When the goal of approval for a specific product version is achieved, the work is not over: the approval for new versions of the partner's application and new Samsung devices needs to be prepared so that new devices can be used for "VS-NfD" soon after their market release.

Samsung's work to achieve government security approvals underlines our efforts to maintain and enhance Knox security features. Another long-term project that Samsung has undertaken since 2016 together with BSI and partners is the initiative to bring Germany’s National electronic ID onto selected Samsung Galaxy smartphones. A key device feature to support the eID is a tamper-resistant embedded Secure Element (eSE) inside the smartphone. The eSE serves as security anchor for the eID and its cryptographic keys. Its security properties have been certified according to the international Common Criteria standard.

Existing global and national approvals, certifications, and related documents for Samsung Knox can be found on our Knox certifications and guidance page.

Get in touch with Secusmart at www.secusmart.com

Secusmart GmbH
Heinrichstraße 155
40239 Düsseldorf
sales@secusmart.de

Or contact your local Samsung team using the contact form below.

Dies könnte Ihnen auch gefallen:
ZUM BLOG →
News
Making license registration easier for Knox customers
If you’re a Knox customer, the days where you have to manually enter license keys in your Knox Admin Portal have come to an end.
April 8, 2024
Knox for Business
Get to know the Knox Asset Intelligence Security Center
We are excited to announce the official launch of our Knox Asset Intelligence Security Center for all Samsung Knox customers.
April 9, 2024
Product Updates
Knox cloud service 24.04 release
Learn more about the latest features in the latest Knox cloud service release.
April 5, 2024
[Icon] schließen

Erste Schritte mit Samsung Knox

[Icon] Koffer
Sind Sie Fachhändler, Lösungsanbieter oder Serviceanbieter?

Werden Sie Knox Partner und bauen Sie Ihr Geschäft noch heute aus.

[Icon] Info

Wählen Sie ein Knox-Produkt aus, mit dem Sie beginnen möchten:

Paket-Komplettlösung
Knox Suite
Rebranding und Anpassung
Knox Configure
Schutz vor Betrug und Diebstahl
Knox Guard
Geräteschutz-Tarif
Samsung Care+ for Business
Sonstige Produkte und Leistungen

Erste Schritte mit

[Image] Knox Suite

Komplettlösung für Unternehmensmobilität.

  • Sichern Sie sich eine kostenlose 90-Tage-Testversion für bis zu 30 Geräte.
  • Eine vollständige Auswahl an Tools für die Sicherung, Bereitstellung, Verwaltung und Analyse der Geräte Ihres Unternehmens.
  • Testen Sie die leistungsstarken Funktionen der Knox Suite.

Knox Suite umfasst:

Knox Mobile Enrollment Kostenlos
Knox Manage
Knox E-FOTA
Knox Asset Intelligence
Knox Platform for Enterprise Kostenlos
Fernsupport für Knox
Knox Capture
Knox Authentication Manager

Erste Schritte mit

[Image] Knox Configure-Logo

Umbenennen und Anpassen Ihrer Samsung Geräte.

  • Sichern Sie sich eine kostenlose 90-Tage-Testversion für bis zu 30 Geräte.
  • Konfigurieren Sie mehrere Samsung Geräte gleichzeitig per Fernzugriff und passen sie die Geräte an Ihre persönlichen Bedürfnisse, damit sie sofort einsatzbereit sind.
  • Richten Sie Ihre Geräte für eine einmalige Bereitstellung ein, oder aktualisieren Sie sie so oft Sie möchten.

Erste Schritte mit

[Icon] Knox Guard-Logo

Betrugs- und Diebstahlschutz für Samsung Geräte.

  • Sichern Sie sich eine kostenlose 90-Tage-Testversion für bis zu 30 Geräte.
  • Geringere finanzielle Risiken und Schutz Ihrer Vermögenswerte durch Fernsteuerung von Samsung Geräten.
  • Testen Sie alle Funktionen von Knox Guard, einschließlich der SIM-Steuerung oder der Gerätesperrung.

Erste Schritte mit

[Image] Samsung Care Plus For Business-Logo

Geräteschutz-Tarife für Ihre Geräte von Samsung.

  • Verringern Sie Betriebsunterbrechungen mit schnellen Reparaturen und Austausch von Geräten. Wenden Sie sich zum Durchstarten an das Samsung Vertriebsteam.
  • Alle Informationen über die Abdeckung und Ihre Ansprüche an einem zentralen Ort einsehen.
  • Sie haben Samsung Care+ for Business bereits gekauft? Erstellen Sie ein Konto und aktivieren Sie einen Tarif über die Samsung Care+ for Business-Konsole.

Sonstige Produkte und Leistungen

[Image] Sonstige Logos

Moderne Lösungen für Ihre individuellen Ansprüche.

  • Profitieren Sie von effizientem technischen Support durch einen fest zugeordneten Kundenbetreuer mit Enterprise Tech Support.
  • Erstellen Sie maßgeschneiderte Geräte für Ihr Unternehmen mit dem Samsung Software Customization Service.
VERTRIEB KONTAKTIEREN