August 21, 2019

5 ways Samsung is tackling mobile security with Knox

Shane Schick

As we hurtle toward 2020, the range of mobile security threats targeting smartphone users — zero-day attacks, advanced persistent threats and ransomware — is only getting more varied and sophisticated. Fortunately, Samsung Knox has been evolving even more quickly to help provide defense-grade protection for both devices and the data that resides on them.

Although enterprises have always valued strong data encryption, it’s never been more critical than now. That’s because, in many cases, organizations have moved their most critical business systems and workflows to the cloud, and sensitive business data can be accessed and updated anywhere from smartphones and tablets.

These mobile-powered digital transformation initiatives yield significant benefits, helping enterprises become more agile, take greater advantage of analytics and deliver an improved customer experience. However, it means the mobile devices that business professionals use are tied even more directly to critical business outcomes — and that the consequences of falling victim to malware and other mobile security issues can be devastating.

No matter how mobility fits into an organization’s priorities and strategies, Samsung Knox is designed to provide enterprise leaders with the peace of mind and the flexible solution set they need in an increasingly mobile world.

Here are five key ways that Knox can keep your mobile devices secure.


1. Device integrity from the start

Any lingering doubts about Android’s ability to work in large organizations that put a premium on security have been laid to rest by the Samsung Knox platform. Knox provides enterprises with a rock-solid foundation as they begin a mobile initiative. A multilayered security platform, Knox extends up from the chipset (which features a Trusted Execution Environment) to the operating system (the integrity of which is verified at boot and during runtime) and application permissions.

The strength of the Knox platform is validated by global research firm Gartner, which gave the Knox version 3.2 a total of 27 out of 30 “strong” ratings in its May 2019 mobile security platform comparison report.

As governments and regulated industries continue to refine the security requirements to protect data and privacy, Samsung is committed to making sure the Knox platform can help enterprises achieve compliance and mitigate risks.


2. Business and personal data can coexist

One of the ongoing challenges of deploying mobile devices in the enterprise is recognizing that employees may want to run apps and store content for personal use in addition to accessing business applications and data.

In the past, IT often instituted device use policies that prohibited or limited the use of particular apps and content. Knox Platform for Enterprise (KPE) provides a more effective alternative by introducing features to isolate and encrypt business apps and data in containers, both at rest and in motion.

By deploying a separate enterprise container on the mobile device, administrators can ensure enterprise apps and data are protected against malicious apps inadvertently downloaded from third-party marketplaces and reduce risk of data leakage. If a device is lost or the employee leaves the organization, the dual persona provided by Knox Platform for Enterprise means the remote wipe tools can be used to erase the business partition and leave personal content and apps untouched.

Knox 3.3, released earlier this year, adds Knox Dual Data-at-Rest (DAR). Enterprises can now add two layers of encryption so that, whether a device is powered off or in an unauthenticated state, it can continue to be fully protected.


3. Streamlining configuration

Every business has unique needs, and line of business leaders are constantly innovating new ways to create value through mobile devices and apps. The challenge for IT departments has been keeping up with the customization that the business demands, and then provisioning, securing and updating large fleets of mobile devices.

Knox Configure addresses this hurdle head-on by offering a cloud-based approach to setting up a profile and pushing it to thousands or even tens of thousands of devices. This can all be done remotely, reflecting the day-to-day realities of large global organizations with highly distributed workforces. This simplifies IT’s job not only when devices are first deployed, but as changes to configuration are made over time.

Advanced configuration can improve both the user experience and the security of the device. Apps and settings can be preloaded so that everything is right there for the user from the moment they power up. To enhance security, device features that aren’t necessary for the specific business use case can be disabled or locked down. In a nutshell, Knox Configure lets you transform a smartphone into a fully customized business tool.


4. Simplifying mobile device management

As mobile usage at work has increased, most enterprises have moved quickly to invest in mobile device management (MDM) tools to help monitor and secure all the new mobile endpoints tapping into their network.

For small and medium-sized businesses that haven’t addressed this yet, Samsung Knox Manage provides an easy-to-use, cost-effective solution, handling everything from event-based management and device location tracking to app allowlisting and blocklisting.

Larger organizations don’t need to replace their existing MDM or enterprise mobile management solution (EMM), however, since Samsung Knox already integrates closely with all the leading solutions, including BlackBerry, Citrix, IBM MaaS360, Microsoft Intune, MobileIron, SOTI and VMware.

Knox 3.3, meanwhile, allows enterprises to configure EMM-based network platform analytics (NPA) tools to receive network statistics while the network is active and gather analytics efficiently for long sessions.


5. Staying current with updates and patches

Outdated device firmware represents one of the biggest points of vulnerability that can lead to malware infections and exploits. Managing the constant stream of patches, however, adds an additional burden on IT departments that may already be struggling to keep up with patching their desktop fleets.

Samsung Knox Enterprise Firmware-Over-The-Air (E-FOTA) not only helps IT teams deploy all the right patches on schedule, but also lets them conduct testing first to ensure compatibility between apps and the latest versions of their mobile operating system. Best of all, E-FOTA allows this to happen without user interaction, meaning they don’t have to stop or interrupt their work in order to receive an update. Even unattended devices can be addressed so they’re ready the next time employees turn them on.

Samsung Knox is the company’s commitment to ensuring enterprise customers’ data is safe on Galaxy mobile devices, providing IT administrators peace of mind, and users the freedom to work and play in any way they want.

Find out how to safeguard your enterprise with an incident response plan by downloading this free white paper.