1. Home
  2. Blog
  3. The role of the endpoint in Zero Trust
Febbraio 24, 2023

The role of the endpoint in Zero Trust

Samsung Knox Team
Immagine superiore

With cybercrime and hacking strategies becoming more complex, enterprises need to be able to trust their users and endpoints more than ever. As a result, the Zero Trust strategy has become an increasingly popular way of protecting enterprise data. Samsung Knox’s trusted security platform and tools are one way to use Zero Trust to protect your enterprise’s data.

How Zero Trust works

Zero Trust is a security strategy that aims to minimize implicit trust in entities that handle enterprise data. With Zero Trust, entities, such as users and endpointsi need to continuously prove their trustworthiness to an enterprise to get access to its resourcesii. For example, just because an enterprise’s VPN authenticates a device, doesn’t mean that the device will be automatically trusted. This approach allows Zero Trust to use dynamic access control.

In contrast to traditional perimeter-based security strategies such as VPNs, dynamic access control dramatically reduces the impact of a compromised endpoint. With perimeter-based approaches, if an attacker compromises a single device or user credential, they can easily breach the entire enterprise network.

Additionally, Zero Trust allows an enterprise to regulate access to its resources based on a continuous evaluation of contextual information from multiple data sources. This contextual information, or context, takes into consideration sources including user and device identity, device health, location, and frequency of access. For each resource request, a device evaluates the context and sends it to a Policy Decision and Enforcement point (PDP). The PDP then decides whether to allow the endpoint access to the requested enterprise resource. If access is allowed, the requested resource is sent back to the device.

Endpoints: Enabling Zero Trust

When endpoints are involved, there are three principles that a Zero Trust system must uphold. First, the endpoint must collect, evaluate, and protect user data with each request made to ensure that the user has the right credentials to access the system. Second, both the endpoint and system need to continuously evaluate and protect the device from attacks. Finally, the endpoint must regulate access to local and remote resources control on downloaded resources and takes remediation actions as applicable.

Samsung Knox and Zero Trust

The Samsung Knox platform provides a foundation to build an endpoint that can achieve the Zero Trust vision.

Evaluating and protecting user data — User identities are vulnerable to many data breaches. With a recent study finding that phishing and credential stealing were the top two causes of real-world data breaches in enterprises for 2022, protection against these threats has become even more integral for enterprise security.

On the user data end, Knox can detect and block phishing attempts with the Network Platform Analytics and the Domain Filter firewall. Additionally, Network Platform Analytics lets Knox identify the exact app a device is making a network request from, providing further confidence to servers that session cookies aren’t stolen and replayed. Other Knox features such as ARM TrustZone Trusted Execution Environment (TEE) and Knox Vault provide further protection by enabling password-less authentication and token binding standards. For continuous authentication, Knox’s continuous multi-factor authentication framework allows for the regular collection and interpretation of data to authenticate user identity.

Evaluating and protecting device data — Devices are vulnerable to boot-time and run-time threats such as rooted images, malicious apps, and runtime exploitation.

The Samsung Knox platform has many features that protect device health and identity. To provide verifiable guarantees that only Samsung-authorized platform software components are running on a device, all Knox devices support trusted boot and Device Health Attestation. To protect against rooting attacks, Knox deploys features such as the Real-Time Kernel Protection and has parts of its platform, like TrustZone, written in the memory-safe Rust language. Knox also provides a unique ID and signing key, called the Samsung Attestation Key, for each device. This key can be used with the Knox SDK to generate a certificate that can be used for token binding and verifying a device’s identity to servers.

Knox also enables the continuous monitoring of endpoint security by providing a variety of contextual information typically used in Zero Trust. The Knox SDK provides access to hundreds of data points spread across the device’s network, kernel, filesystem, and apps for extensive system-wide visibility. Additionally, Knox allows on-device agents to be notified of and act on changes to device or user data, allowing them to block apps or notify remote PDPs to cut off access to enterprise resources.

Regulating access to local and remote resources — Once resource access is granted, the endpoint has to regulate access to local on-device and remote resources following the Zero Trust principles of least privilege and fine-grained access control. The endpoint also needs to take protective measures if it detects suspicious user or device behavior.

Samsung Knox supports fine-grained access control to regulate access to local and remote resources. With the Global proxy feature, Knox provides mechanisms to intercept network flows. To provide fine-grained access control, the Knox Platform for Enterprise (KPE) provides strong local isolation and control over enterprise apps and data. KPE, along with Knox Guard, also provide multiple remediation controls to instantly cut off enterprise resource access.

In summary, through features like continuous authentication, device health and hardware protections, and fine-grained access control, the Samsung Knox platform provides a foundation to build an endpoint that can achieve the Zero Trust vision and provide better security for your enterprise.

Learn more about Samsung’s position on the Zero Trust strategy: Browse the White PaperWhite Paper

i Endpoints are user-facing devices that request access to enterprise resources. Endpoints include laptops, desktops, mobile phones, and tablets. In this article, we use the terms “device” and “endpoint” interchangeably.

ii Enterprise resources include enterprise data, apps, and services such as printers.

Potrebbe anche interessarti:
VAI AL BLOG →
Knox for Business
Get to know the Knox Asset Intelligence Security Center
We are excited to announce the official launch of our Knox Asset Intelligence Security Center for all Samsung Knox customers.
Aprile 9, 2024
News
Making license registration easier for Knox customers
If you’re a Knox customer, the days where you have to manually enter license keys in your Knox Admin Portal have come to an end.
Aprile 8, 2024
Product Updates
Knox cloud service 24.04 release
Learn more about the latest features in the latest Knox cloud service release.
Aprile 5, 2024
[Icon] chiudi

Comincia a utilizzare Samsung Knox

[Icona] valigia
Sei un rivenditore, un provider di soluzioni o un provider di servizi?

Diventa un partner Knox e fai crescere la tua azienda oggi.

[Icon] info

Seleziona un prodotto Knox per iniziare:

Soluzione completa
Knox Suite
Rebranding e personalizzazione
Knox Configure
Protezione da frodi e furti
Knox Guard
Piano di protezione dei dispositivi
Samsung Care+ for Business
Altri prodotti e servizi

Inizia a utilizzare

[Image] Knox Suite

Una soluzione completa in bundle, appositamente concepita per la mobilità aziendale.

  • Ottieni una prova gratuira di 90 giorni per un massimo di 30 dispositivi.
  • Un set di strumenti completo per proteggere, distribuire, gestire e analizzare i dispositivi della tua azienda.
  • Prova le straordinarie funzionalità di Knox Suite

Knox Suite comprende:

Knox Mobile Enrollment Gratuito
Knox Manage
Knox E-FOTA
Knox Asset Intelligence
Knox Platform for Enterprise Gratuito
Supporto remoto Knox
Knox Capture
Knox Authentication Manager

Inizia a utilizzare

[Image] Logo Knox Configure

Consenti il rebranding e la personalizzazione dei tuoi dispositivi Samsung.

  • Ottieni una prova gratuira di 90 giorni per un massimo di 30 dispositivi.
  • Configura da remoto i dispositivi Samsung in blocco e personalizzali in base alle tue esigenze specifiche per un uso immediato.
  • Configura i tuoi dispositivi per la singola distribuzione o aggiornali tutte le volte che vuoi.

Inizia a utilizzare

[Icon] Logo Knox Guard

Protezione da frodi e furti per i dispositivi Samsung.

  • Ottieni una prova gratuira di 90 giorni per un massimo di 30 dispositivi.
  • Riduci i rischi finanziari e proteggi gli asset controllando in remoto i dispositivi Samsung.
  • Prova tutte le funzionalità di Knox Guard, inclusi controllo della SIM e blocco del dispositivo.

Inizia a utilizzare

[Image] Logo Samsung Care Plus For Business

Piano di protezione per i dispositivi Samsung.

  • Limita le interruzioni delle attività con riparazioni e sostituzioni rapide dei dispositivi. Contatta l'ufficio vendite Samsung per iniziare.
  • Visualizza tutte le informazioni sulla copertura del tuo dispositivo e sul reclamo in un unico luogo.
  • Hai già acquistato Samsung Care+ for Business? Crea un account e attiva il piano nella console Samsung Care+ for Business.

Altri prodotti e servizi

[Image] Logo di altri prodotti

Soluzioni moderne per soddisfare le tue esigenze specifiche.

  • Ricevi supporto tecnico efficiente da parte di un account manager dedicato con Enterprise Tech Support.
  • Crea dispositivi su misura per la tua azienda utilizzando Samsung Software Customization Service.
CONTATTA L'UFFICIO VENDITE