July 31, 2023

Samsung and Microsoft Unveil First On-Device Attestation Solution for Enterprise

Samsung Knox Team
 Top Image

Strategic partnership leads to improved enterprise mobile device security for the modern workplace

Samsung Electronics today announced the first step in a plan to reimagine mobile device security for business customers in partnership with Microsoft. This collaboration has led to the industry’s first on-device, mobile hardware-backed device attestation solution that works equally well on both company and personally owned devices.

Device attestation can help ensure a device’s identity and health, verifying that it has not been compromised. On-device, mobile hardware-backed device attestation — available on Samsung Galaxy1 devices and combined with protection from Microsoft Intune — now adds enhanced security and flexibility. For enterprises, this is an extra layer of protection against compromised devices falsely claiming to be known and healthy, gaining access to sensitive corporate data. Additionally, organizations can now enable employees to bring their own device (BYOD) to work with the confidence that they are protected with the same level of security as company owned devices. For employees, this means added flexibility for their personal Galaxy devices to safely access their work environment.

In a rapidly evolving landscape with changing work habits and increasingly sophisticated cyber threats, Zero Trust is a security model based on three principles: always assume breach, verify explicitly and provide least privilege access. Implementation of Zero Trust has become mandated by regulated industries and public sector customers, such as the United States government2. This requires a new approach for enforcing security end-to-end, from apps to the network and the device itself, regardless of device ownership and enrollment.

Together, Samsung and Microsoft are uniquely positioned to enable this. Samsung is the industry leader for global smartphones. The Samsung Knox security platform is 10 years old. In that time, Samsung Knox has been activated on more than a billion Samsung Galaxy devices. That’s more than 30,000 businesses in 110 markets relying on Samsung Knox to protect their devices from cyberattacks. Microsoft is the industry leader in unified endpoint management software market share3 and delivers end-to-end cross-cloud, cross-platform security solutions, which integrate different categories across security, compliance, identity, device management and privacy, informed by more than 65 trillion threat signals each day4. With this partnership, the first mobile hardware-backed device attestation bridges the consumer and the world of work, allowing people to safely bring their personal devices to work.

“Samsung is committed to meaningful innovations that are as secure as they are versatile and optimized,” said KC Choi, EVP and Head of Global Mobile B2B Team, MX Business at Samsung Electronics. “As work habits evolve and people are working from virtually anywhere on any device, we are paving the way for the future of enterprise device security and democratizing the means for businesses to better protect their information.”

Flexibility for Enterprises and End Users

For enterprise IT managers, mobile hardware-backed device attestation with Intune provides strong protection for corporate needs without impacting the user experience. With this integration, even highly regulated organizations can adopt a BYOD policy with this additional layer of protection on the Samsung devices widely used by consumers and professionals for work. This increases worker productivity, provides better experiences for users, and simplifies administration.

This joint Samsung-Microsoft solution works on both managed and unmanaged devices regardless of ownership5. Traditional device attestation mainly works on managed devices as it is server-based and requires network connectivity, meaning the entire device has to be enrolled into the corporate system.

With mobile hardware-backed attestation, enterprises can verify a device’s integrity and allow access to the corporate system whether it is managed or unmanaged. The user experience is also streamlined to enable employees to bring their personal devices to work and safely access the corporate system without extra security steps.

“Samsung’s industry-leading hardware and software solutions, coupled with the power of the Microsoft Cloud and Intune, uniquely position us to empower defenders with end-to-end capabilities to help stop sophisticated bad actors and improve Zero Trust security posture,” said Michael Wallent, CVP Microsoft Security — Management. “With this partnership, we are committed to continuous innovation that will ensure the most security-minded organizations have the best possible mobile device protection.”

For further details, please refer to https://aka.ms/KnoxIntuneAttestation.

 


1Supported on select Samsung Galaxy smartphones and tablets, including “Secured by Knox” devices with Android OS 10 or later. To be eligible, devices must have run Android OS 9 or later at time of launch.

2“Improving the Nation’s Cybersecurity,” Executive Order No. 14028, 86 Fed. Reg. 26633 (May 17, 2021) https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/ and Young, Shalanda D. “Moving the U.S. Government Toward Zero Trust Cybersecurity Principles,” White House, Memo No. M-22-09, January 26, 2022 https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf

3Source: Worldwide Unified Endpoint Management Software Market Shares, 2022: A Tactical Management Tool Evolves into Strategic Data Platform – Printer-friendly – US50467223 (idc.com)

4Source: Microsoft earnings release FY22 Q2. https://www.microsoft.com/en-us/investor/earnings/FY-2022-Q2/press-release-webcast

5Mobile hardware-backed device attestation, enabled by Samsung Knox hardware and Microsoft Intune app policies, is compatible with both Mobile Device Management (MDM) and Mobile Application Management (MAM) systems, for use on company-owned devices as well as personally-owned devices.

[Icon] close

Get the right solution for your business

Join 25,000+ organizations around the world.

[Icon] suitcase
Are you a reseller or solution partner?

Get access to the Knox Partner Program for helpful partner tools, such as the Knox Deployment Program portal, Knox MSP portal, partner SDKs, and more.

[Icon] info
Unified Endpoint Management
Knox Suite
Rebranding and customization
Knox Configure
Fraud and theft protection
Knox Guard
Device protection plan
Samsung Care + for Business
Other products & services

Get started with

[Image] Knox Suite

All-in-one solution bundle for enterprise mobility.

[Icon] Check mark

Join us and get a 90-day free trial for Knox Suite and other Knox products. *Approval required

[Icon] Check mark

A complete set of tools to secure, deploy, manage, and analyze your enterprise's corporate mobile devices.

[Icon] Check mark

Try powerful features bundled with Knox Suite, such as Knox Remote Support.

Knox Suite include:

[Icon] Knox Platform for Enterprise Knox Platform for Enterprise
[Icon] Knox E-FOTA Knox E-FOTA
[Icon] Knox Mobile Enrollment Knox Mobile Enrollment
[Icon] Knox Asset Intelligence Knox Asset Intelligence
[Icon] knox manage Knox Manage
[Icon] knox capture Knox Capture

Get started with

[Image] Knox Configure Logo

Remotely configure Samsung devices in bulk and tailor them to specific needs, right out of the box.

[Icon] Check mark

After approval, you can try both the:

  • Setup edition — designed for a one-time deployment
  • Dynamic edition — deploy and update policies as many times without a factory reset.
[Icon] Check mark

Try either the Setup edition or Dynamic edition of Knox Configure on up to 30 devices.

[Icon] Check mark

Get a free Knox Suite trial upon approval to try our UEM.

Get started with

[Icon] Knox Guard Logo

Remotely control Samsung devices to reduce financial risks and protect assets.

[Icon] Check mark

After you get approved, generate your free trial license for 90 days.

check-mark

Try all the features of Knox Guard on up to 30 devices, including SIM control and device locking.

[Icon] Check mark

Get a free Knox Suite trial upon approval to try our UEM.

Get started with

[Image] Samsung Care Plus For Business Logo

Protect your business devices against accidental damage and mechanical breakdowns.

[Icon] Check mark

Are you already a Samsung Care+ for Business customer? Create an account and access the Samsung Care+ for Business console.

[Icon] Check mark

Contact the Samsung sales team and get peace of mind for your devices.

Other products & services

[Image] Others logo
[Icon] Check mark

Samsung offers additional solutions to serve the unique needs of your business. Talk to a Samsung expert today.

CONTACT SALES
Back to top