September 23, 2019

How is Knox Platform for Enterprise enhancing Android security?

Jim Haviland

The great news about digital transformation is that workers are now operating and conducting daily workflows from the palms of their hands. That also means they’re using their mobile devices for personal and business uses alike — which makes their data all the more susceptible to security breaches.

Your business is likely to rely on mobile for more use cases every month, quarter and year for the foreseeable future. If you have any chance of keeping all those devices secure while effectively doing the things you want them to do, you will need to employ automation and integration to configure, support and decommission them.

The greatest friction against digital transformation has been a combination of security and management concerns and the lack of suitable platforms that address them head-on. Knox Platform for Enterprise addresses these and dozens of other enterprise needs, and is doing so for many organizations already.  

If you have a mobile program that has any sort of special needs or design goals that you have compromised to work with the other platforms, it’s time to consider Knox Platform for Enterprise.

 

What is Knox Platform for Enterprise?  

Knox Platform for Enterprise (KPE) is the most comprehensive set of device technologies for securing and managing Samsung devices running Android and Tizen. Android Enterprise has adopted some of the original Knox features to make all Android devices more manageable and secure, but KPE provides significant enhancements, particularly around the integrity of the hardware, operating system and data security — features critical to risk-averse, security-minded and regulated industries like         healthcarefinancial services and government. The Knox platform is built into Samsung’s mobile devices, including smartphones, tablets and wearables.     

KPE includes additional features and controls that span a range of common enterprise wishlist items throughout the device lifecycle, extending standard Android and Android Enterprise. These features are aimed at enabling enterprise security and management practices that remove the need for IT and the business to compromise their goals to the limitations of less professionally oriented technologies.  

  • Comprehensive device management:  KPE includes application programming interfaces (APIs) that provide fine controls of all apps and settings, containerized workspaces and remote management at every step in the lifecycle        
  • Granular security controls: APIs also allow responsive security management and security postures that keep data safe, even as the device changes context       
  • Granular application controls: the most complete management control set available over the apps and settings     
  • Hardware-backed trusted environment: hardware-based protections against tampering with the kernel or certificate stores that render the device useless if tampering is detected     
  • Sensitive data protections and containerization: multiple levels of encryption and detection to protect data at rest, allowing mobile devices to be used with sensitive data  
  • Robust VPN and firewall options: on-board VPN, per app VPN and multiple third-party options that bring mobile devices into a security posture almost as hardened as the devices inside your facilities
  • Credential and certificate management: the most versatile credential and certificate management features available on a mobile device  

Each specialized use case or regulated industry use case will find one or more of the KPE features to be indispensable for supporting their digital transformation.  

 

Mobile device differentiator

KPE is built on top of Android, and is compatible with and dramatically extends Android Enterprise. A wide range of devices and form factors from Samsung integrate its security features, because those same devices are fully compatible with less enterprise-focused environments that gear towards consumer usage.

Android  

With over 24,000 device options and the overwhelming bulk of the world’s market share for smartphones, Android is the largest computing platform of all time. With each version of Android, additional layers of security have been added to the operating system and to the specifications for manufacturers. This adds security features and controls making the Android ecosystem less vulnerable. The Google Play store has added additional scanning and oversight to provide a reliable source of applications.     

Android Enterprise     

Since Android 5.0 (Lollipop), additional APIs, features and specifications have been added to Android that provide some of the original Knox attributes — offering control over encryption, connectivity configurations and over-the-air enterprise mobility management (EMM) enrollment, referred to as Android Enterprise. All the major EMM, mobile device management (MDM) and unified endpoint management (UEM) platforms support Android Enterprise. With an MDM/EMM/UEM, organizations have access to a range of enrollment and configuration options, split use, BYOD and kiosk modes. Many original equipment manufacturers now offer at least part of their device fleets that meet the minimum requirements to be certified as “enterprise recommended.” Providing a consistent EMM/UEM control set that includes many of the most necessary security controls has given enterprises all over the world the confidence to adopt Android devices, and has inspired loyalty and excitement from many IT admins.     

Knox Platform for Enterprise     

For a detailed comparison of the security and management features of Android Enterprise and KPE, including methods of configuration, refer to this chart.

 

Who benefits from KPE?  

The majority of organizations that are implementing KPE engage in the most regulated or security-focused endeavors. Government, public safety and military use cases are embracing the nearly impenetrable layered security that comes from Samsung’s implementation of hardware-backed encryption, kernel protection and certificate enrollment protocols. KPE is certified for use with the most sensitive government and military information across all the major North American and European countries and many others.  

The breathtaking pace of innovation in cyber threats, however, is making some of these features valuable to any organization with sensitive information. Social engineering attacks may be the greatest threats to your business — phishing attacks against mobile users have grown 85 percent every year for nearly a decade.

While many of these security and control features were developed for government agencies and military specifications, some of the biggest winners are highly regulated businesses, local governments and law enforcement agencies. With the range of Samsung devices enabled for KPE, regulation compliance and defense-grade security are available at nominal price points, and in form factors that make it easy to provide mobile enablement across an organization. Simple, fast and secure deployment options make management of a Knox-based mobile environment easier and more reliable than any other endpoint solution.

Whether your organization is highly regulated, has specific needs for control or oversight or you’re just looking to stay well ahead of a fast-changing cyber threat environment, KPE provides the security, control and versatility you need to move with speed and confidence through digital transformation.  

Find out more about how Knox Platform for Enterprise differentiates from Android Enterprise in our free white paper.    

[Icon] close

Get started with Samsung Knox

[Icon] suitcase
Are you a reseller, solution provider, or service provider?

Become a Knox Partner and grow your business today.

[Icon] info

Select a Knox product to start with:

All-in-one Bundle
Knox Suite
Rebranding and Customization
Knox Configure
Fraud and Theft Protection
Knox Guard
Device Protection Plan
Samsung Care+ for Business
Other products & services

Get started with

[Image] Knox Suite

All-in-one solution bundle for enterprise mobility.

  • Get a free 90-day trial for up to 30 devices.
  • A complete set of tools to secure, deploy, manage, and analyze your corporate devices.
  • Try powerful features bundled with Knox Suite.

Knox Suite includes:

Knox Mobile Enrollment Free
Knox Manage
Knox E-FOTA
Knox Asset Intelligence
Knox Platform for Enterprise Free
Knox Remote Support
Knox Capture
Knox Authentication Manager

Get started with

[Image] Knox Configure Logo

Rebrand and customize your Samsung devices.

  • Get a free 90-day trial for up to 30 devices.
  • Remotely configure Samsung devices in bulk and tailor them to specific needs, right out of the box.
  • Set up your devices for a one-time deployment, or update them as much as you want.

Get started with

[Icon] Knox Guard Logo

Fraud and theft protection for Samsung devices.

  • Get a free 90-day trial for up to 30 devices.
  • Reduce financial risks and protect assets by remotely controlling Samsung devices.
  • Try all the features of Knox Guard, including SIM control and device locking.

Get started with

[Image] Samsung Care Plus For Business Logo

Device protection plans for your Samsung devices.

  • Limit business interruptions with quick device repairs and replacements. Contact the Samsung sales team to get started.
  • See all your device coverage and claim information in one place.
  • Already purchased Samsung Care+ for Business? Create an account and activate your plan on the Samsung Care+ for Business console.

Other products & services

[Image] Others logo

Modern solutions to address your unique needs.

CONTACT SALES