SAMSUNG KNOX – Gear up for Enterprise Security with Samsung Phones

Helo Audience, this is a great news for people who have high end smart phones – ANDROID. Many of us (Including me) must have felt that we should be equally treated with people having IPHONE or a Blackberry when it comes to using Enterprise Applications in Mobile Phones for ex: GOOD application which is used in IPHONE as an Email App.

Now, Samsung has come up with a unique security style which help keeps the enterprise data more secure in Samsung Smart Phones and the Good news is that SAMSUNG Galaxy S4 might have this feature soon. But for this security style to be part of mobile phone it needs a Special Hardware inbuilt.


Samsung Knox

KNOX creates a container on an Android handset with its own calendar, email, web browser and applications, entirely separated and protected from the user’s own personal data. The corporate container is under control of the enterprise’s sysadmins, allowing employees to take their handsets to work and use them in confidence as long as they all come from Samsung.

KNOX needs additional hardware to provide proper separation and encryption, so it’s not going to work on just any Android phone but it will work on forthcoming Galaxy devices. So that’s the brand companies will be able to recommend to employees who want to subsidise the corporate IT budget by providing their own hardware.

The system is part of SAFE – Samsung For Enterprise – which is itself a component of the company’s ongoing campaign to ensure there’s no part of the mobile world without a Samsung logo on it.

While the containers used by KNOX are based on the “Security Enhanced” spin of Android, developed by the US National Security Agency, much of the usability comes from Centrify, which has provided single-sign-on and device management tech for a while. Centrify integrates with Microsoft’s Active Directory, and Samsung’s KNOX platform incorporates the single-sign-on API from Centrify.

Apps developers just need to get approval from Samsung and the enterprise that decides to deploy their software in order to run in KNOX containers; Centrify’s API smooths the user experience.

Features of Samsung Knox

Platform Security

Samsung KNOX™ addresses platform security with a comprehensive three-pronged strategy to secure the system: Customizable Secure Boot; ARM TrustZone-based Integrity Measurement Architecture (TIMA), and a kernel with built-in Security Enhanced Android (SE Android) access controls.


Application Security

In addition to securing the platform, Samsung KNOX™ addresses enterprise application and data security require-ments. The Samsung KNOX™ container provides security for enterprise data by isolating enterprise applications and encrypting enterprise data both at-rest and in motion.



Mobile Device Management

Samsung KNOX™ works with enterprise-preferred MDM vendor solutions and provides industry-leading security and management controls.


Samsung KNOX™ for Enterprise


Samsung KNOX™ Container The Samsung KNOX™ Container is an isolated and secure environment within the mobile device. Complete with its own home screen, launcher, applica-tions, and widgets, applications and data inside the container are separated from applications outside the container. This provides a powerful solution for the “data leakage problem” associated with the BYOD model.
Encrypted File System The Samsung KNOX™ container uses a separate encrypted file system completely isolated from applications outside the container. The data is encrypted using an Advanced Encryption Standard (AES) cipher algorithm with a 256-bit key (AES-256).
Virtual Private Network The Samsung KNOX™ container offers an on-demand FIPS-certified VPN client called per-app VPN. Per-app VPN provides enterprise IT administrators the ability to configure, provision, and manage the use of VPN on a per-application basis. The Samsung KNOX™ container VPN offers support for strong IPSec VPN encryption for most sensitive government agencies, including support for Suite B cryptography.
Posted By

Leave a Reply

Your email address will not be published. Required fields are marked *