RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Samsung Knox

Product
Developers: Samsung Electronics
Last Release Date: 2019/02/14
Technology: Mobile Device Management (MDM),  IB - Authentication

Content

Samsung KNOX is a cloud-based enterprise solution that provides easy use of enterprise Android devices and corporate information security management. The strict KNOX EMM Single Sign-On (SSO) authentication system ensures the convenience and security of the working environment for employees. MDM administration allows you to synchronize your company's mobile infrastructure, configure it, and strictly follow corporate information security rules. KNOX is based on several technologies at once, including KNOX Container + AFW, KNOX Framework, Knox Security Enhancements, TIMA, Secure Boot/Trusted Boot and ARM TrustZone Hardware
.

2021: Integration with Headwind MDM

Samsung on July 1, 2021 announced that it officially recognized the Headwind MDM software system from Headwind Solutions as capable of managing Knox-based devices. The program system can work with use of mobile expansion Knox (Knox Mobile Enrollment). More details here.

2019

Knox Validated Partner Program

In October 2019, Samsung announced its Knox Validated program as the main component of the recently launched Samsung Knox Partner Program. As part of the program, Samsung tests its partner's solution based on a comprehensive set of criteria. Solutions that meet all mandatory requirements have been tested and approved by Samsung as having implemented all the key features of Samsung Knox products, for example, the Knox Platform for Enterprises and Knox Mobile Enrollment.

Credit Managers Mobile Workplace

  • Goal: Automate and streamline the Customer Manager workflow
  • Solution: Using Samsung mobile platform with Knox technology to access information resources.

Benefits:

  • Optimization of the manager's working time;
  • Automatic scheduling of mobile employee meetings and calls;
  • Online access to customer information
  • Remote processing of applications for bank products, working with client documents (instant capture of the form and document recognition - implemented with a partner solution);
  • Control of the employee's work and location;
  • Data protection using Knox technology;
  • Data transmission over a secure link (VPN).

Alternative solution to stationary workplace

  • Goal: An alternative solution to a desktop or laptop on a tablet with cost savings and no loss of functionality
  • Solution: using Samsung mobile platform with Knox technology to access information resources of the company

Benefits:

  • Optimization of used equipment (3 in 1);
  • Mobility of the workplace;
  • Work with office applications;
  • Remote access to information systems via a secure communication channel;
  • Availability of basic functions (Drag & Drop, Copy & Paste);
  • Possibility of connection of additional monitor (support of operation on two screens);
  • Support for various VDI solutions;
  • Data protection using Knox technology.

Information stands

  • The goal: to speed up the procedure for servicing visitors to bank branches and simplify the process of familiarization with the offered products;
  • Solution: using Samsung mobile platform with Knox technology to access information resources

Benefits:

  • Advising visitors with mobile devices - demonstration of bank products/presentations;
  • Operational access to internal systems;
  • Create a kiosk mode with access only to the required applications/resources;
  • Placement of mobile devices in "anti-vandal" racks (partner solutions) to prevent damage/theft;
  • Remotely configure and update content;
  • Data protection using Knox technology.

Mobile collectors

  • Goal: Automate the workflow of collectors with the introduction of mobile solutions
  • Implementation: use of mobile platform Samsung(including secure devices) with Knox + ON client technology

Benefits:

  • Optimization of working time and routes of collectors;
  • Application operation in "kiosk" mode;
  • Recognition; barcodes
  • Sending data over a secure channel;
  • Data protection using the capabilities of the Knox platform;
  • Track location by. GPS

Service Managers

  • Purpose: to automate the business process of the service manager when managing buildings and structures
  • Implementation: using the Samsungstechnology mobile platform Knoxand client application

Benefits:

  • Create online Trouble Recovery/Room Maintenance Request;
  • Monitoring of current applications at facilities;
  • Inspection and photo recording of the object state (by checklist);
  • Performance monitoring;
  • Determining the location of the service manager;
  • Operational fault rectification and TT closing as a result.

Integration with ALE Rainbow and Samsung DeX

On February 14, 2019, ALE (Alcatel-Lucent Enterprise brand), together with Samsung Electronics Singapore, announced a strategic partnership and the development of an integrated mobile solution that will help companies create the working environments of the future. More details here.

2017: Samsung refuses to protect information on smartphones

Samsung announced in November 2017 the abandonment of the My Knox user data protection service. From December 19, 2017, support for the service, which helped protect payment data and find a smartphone in the event of its theft, will be stopped. This is stated in the official letter that many users of the service received today.

My
Knox can be used on your mobile device until you uninstall this application. However, it will not be possible to log into the My Knox portal for remote device management (for example, to reset My Knox password or unlock My Knox), "the message says
.

The closure of My Knox indicates the refusal of the smartphone manufacturer from system protection of user data. It is possible that alternative options will be offered in return, but[1] has not yet[2].

2016: Samsung expands KNOX platform

Samsung is expanding the KNOX platform to a set of specialized business tools that go beyond a mobile phone. The updated version of Samsung KNOX will go beyond mobile devices and will become the basis for all corporate Samsung solutions and services. It adapts established mobile practices to corporate security and device management requirements and provides a set of intuitive tools for implementing enterprise policies on devices.

Reliability and compatibility with more devices

An important step in the development of Samsung KNOX was that now it can provide security on Samsung devices - from flagships to a large number of models of smartphones and tablets of an average price level. In addition, the platform has become available on wearables such as the Samsung Gear S2. This means that even more users will be able to take advantage of Samsung's security platform.

Expanding the Platform for Better Collaboration

Samsung KNOX was created for multi-platform interaction and work with existing IT assets. This strategy will now extend beyond Android, covering the Tizen operating system. Samsung KNOX also works smoothly between Internet of Things devices, open software interfaces and development kits. In addition, KNOX supports more than 120 enterprise mobility management system providers worldwide. The platform is compatible with all popular access solutions with single sign-on and virtual enterprise networks, which ensures compatibility with the deployed infrastructure and allows companies to maintain investments in IT.

Even Greater Security and Mobility

Samsung KNOX protects devices at all levels - from physical components to software and applications. The platform will become the basis for all Samsung corporate services, including solutions for healthcare, automotive, finance and other segments.

2015: KNOX integrates into HID Mobile Access

On May 14, 2015, it became known about a partnership agreement between Samsung and HID Global, the purpose of which is to provide organizations with the possibility of safe access to premises through the KNOX 2.4 mobile platform, which will be integrated into Samsung's smartphone.

Businesses will be able to deploy HID Mobile Access using the Android mobile platform.

Smartphone screen asking for KNOX system password

2014

Samsung Knox 2.0

Samsung announced in February 2014 the release of the second version of the Knox 2.0 platform, which increases the security of mobile devices in corporations, the company said in a blog post.

Technically, Samsung Knox allows you to create a secure environment in mobile devices - a "container" for running pre-selected applications and storing important data, the data of which is ensured at the system level. Information stored inside is protected from unauthorized access, malicious software and. phishing Samsung Knox allows you to use a separate chip to verify the integrity of the system and container, which does not allow you to access files stored in a protected area in the event of attempts to hack the system.

Knox 2.0 introduced new capabilities for IT departments of enterprises, as well as improved data protection: improved management of TrustZone security certificates, created the Knox Key Store encryption key store, introduced two-factor biometric authentication, according to the company.

Knox 2.0 will go on sale in the second quarter of 2014. From the previous version of Knox, users of the system will be able to upgrade with the upgrade to Android KitKat. The new flagship Samsung Galaxy S5 smartphone, announced at the MWC-2014 congress, will be delivered with a pre-installed Knox 2.0 system.

Samsung Knox 2.0 для Galaxy S5

On June 26, 2014, it became known about the release of the second version of Samsung's Knox platform. Its advantages can only be used by owners of the Galaxy S5 smartphone.

The Knox platform uses the Android version with advanced security features, creating an isolated "container" that separates data and applications used at work from personal data. To use Knox, IT services must first activate the appropriate functionality.

Among the new features are dedicated Marketplace application storage, cloud management environment and certificate management features that turn a smartphone into a smart card.

The platform is compatible with independent developer containers, in particular with the Good safe container, as well as with Fixmo SafeZone and MobileIron AppConnect containers, providing the same level of hardware protection as Samsung's own container. The ultimate goal is to provide IT services with a wider range of tools when implementing or expanding BYOD programs.

The new billing function will help operators separately calculate the cost of using a smartphone for professional and personal purposes.

The Knox 2.0 platform is integrated with the Galaxy S5 fingerprint scanner, but this authentication procedure was compromised by the fingerprint.

2013

Samsung SAFE for Enterprise

The company Samsung announced in the spring of 2013 an improved version of SAFE (Samsung for Enterprise), a management and security system for its and smartphones tablets with. In Android this version, the toolkit was named KNOX, named after the famous Fort Knox repository in Kentucky, which contains most of the gold reserves. USA

Users of Samsung smartphones and tablets thanks to KNOX will soon be able to apply the principle of "dual personality," or containers, when corporate and personal data are stored in isolated sections of Android.

According to Samsung, KNOX is not a hypervisor, the software operates at the level of the basic Android I/O system, encrypting the file system and protecting against viruses and data leaks.

"Thanks to the enterprise-level one-time login system and dozens of other SAFE improvements, users get a strengthened version of Android, which eliminates all the main security gaps in the operating system," said Timothy Wagner, general manager of corporate sales at Samsung.

The company has implemented more than 700 programming interfaces through which IT departments can create their own BYOD policies for Mobile Device Management (MDM) systems offered by Mobile Iron, Juniper, AirWatch and Sybase.

The number of APIs in the previous version of SAFE was more than half as much, according to Samsung. New interfaces offer great opportunities. For example, the MDM system can be configured so that the doctor cannot access the patient's personal data on the Samsung device when, according to GPS readings, he left the hospital.

Wagner acknowledged that Android is known for its security problems and suffers from fragmentation - splitting into numerous versions offered by various device suppliers and operators.

According to him, the principle of containers implemented by KNOX will not allow the hacker to disable or disable a smartphone that is in personal mode; the system continuously monitors both containers - personal and working.

The KNOX icon will appear on the homepage of Samsung smartphones, which will be released in the second quarter. The system will require authentication to access work applications, e-mail and other enterprise tools. Sisadmins will be able to configure KNOX so that after a given period of time, re-authentication is required.

The company BlackBerry recently announced the Balance system, which also creates two "personalities" in BlackBerry 10 on the new Z10 smartphone. But added one more level of safety to BlackBerry - customers have to install in the organizations the program system of BlackBerry Enterprise Service 10 under protection of the corporate firewall.

Other MDM developers offer the ability to create containers using hypervisors. A similar system, for example, was created at Red Bend Software and is going to test it on the Samsung Galaxy S III in corporate environments.

According to Wagner, KNOX can be installed on some of the current Samsung devices.

Some analysts suggest that Balance BlackBerry provides more robust protection than SAFE.

When asked about the comparison of Samsung with BlackBerry, Wagner replied: "We offer a fairly wide choice of formats and prices, and also cooperate with a large number of MDM developers, so Samsung is confident that they are able to go ahead much faster than rivals."


In December 2014, researchers from Israel's Ben Gurion University reported the discovery of a serious defect in Knox that allows reading emails and writing negotiations, but after analyzing the problem, Samsung said that the researchers only used the well-known method of attacking through an intermediary to intercept unencrypted data transmitted over the network. There was no defect in the Knox platform, according to the company.

Samsung Knox mobile security solution approved by US Department of Defense for use in government networks

Samsung Electronics announced in May 2013 that its innovative mobile security solution Samsung Knox was approved by the US Department of Defense for use in the country's government networks. This happened immediately after the successful completion of the test, which was conducted by the Information Systems Agency of the US Department of Defense (DISA).

After approval, devices with the Samsung Knox pre-installed application will be approved for use by the US government and military officials in the networks of the US Department of Defense. Security standards for mobile operating systems and applications in government are among the highest in the world. Thanks to Samsung Knox Android devices for the first time in their history began to meet such high protection requirements, the company notes.

"The official approval of the US Department of Defense allows organizations in various industries that require security standards, such as health care and the financial sector, to also take advantage of Samsung Galaxy smartphones and tablets protected with Samsung Knox in their daily work," said J. K. Shin, president and chief executive officer of IT and mobile communications at Samsung Electronics. - Samsung Knox provides fundamental security at the platform level, while the convenience of the user interface remains at its height. "

The flagship Samsung Galaxy S4 smartphone, which recently became available worldwide, is the first mobile device with Samsung Knox pre-installed protection system. In the future, all premium smartphones and tablets of Samsung will be delivered in this configuration.