Hide Caption
KNOX icons on a Samsung phone demoed at Mobile World Congress.
Show Caption
Samsung dominated the news from the Mobile World Congress this week with the announcement of its KNOX platform. KNOX will ship in the second quarter of this year and is designed to set the bar for enterprise-grade mobile technology. To put it simply, KNOX is Samsung's attempt to out-BlackBerry the BlackBerry 10 along with Apple's iOS and become the dominant enterprise mobility platform.
What exactly is KNOX and how does it relate to Samsung's SAFE program?
Samsung introduced its SAFE program more than a year ago. The program is designed to offer enterprise IT groups the same kind of granular management features found in the classic BlackBerry devices and the BlackBerry Enterprise Server. Although only the recent Galaxy S III and Galaxy Note II ship with SAFE branding on the device, the program also incorporates some earlier Samsung products. In recent months, Samsung has waged an ad campaign to inform potential customers about the security features available in its SAFE-certified devices compared to other Android phones and tablets.
Surprising Legal Facts About BYOD - Searches, Seizures, And More
CITE Goes Live! Register for the CITE Conference & Expo, June 2-4, in San Francisco.
As I noted recently, the campaign positioned Samsung as a serious competitor to Apple in the enterprise market. Given that Apple almost never advertises (or even acknowledges) the enterprise chops of its platforms, I argued that the campaign could put Apple's enterprise leading position in jeopardy.
Although Samsung describes KNOX as "aligned" with SAFE, the company is making it pretty clear that KNOX and SAFE are two different entities. While SAFE is designed to offer 300+ security policies, the program is not as deeply integrated into devices or the Android OS as KNOX. In other words SAFE can be thought of as a subset of the capabilities built into KNOX.
To ensure an extreme level of device and data security, KNOX incorporates a special version of Android called SE Android that was developed by the U.S. National Security Agency (NSA). KNOX also incorporates integrity management services that ensure a device hasn't been tampered with or compromised. These are built into a device's hardware as well as implemented within the Android OS that runs on that hardware. All of this enables a level of security on Android higher than anything that has been released to the mass market to date.
That security combined with file level encryption allows KNOX to separate personal apps and content from business apps and data. The KNOX technology creating and enforcing that separation prevents files, content, or other data from being moved or copied from on container to the other. It also ensures that personal apps and malware cannot interact with business content. That security can work both ways and it ensures the privacy of personal data on a device that is managed by IT.
The KNOX container
Users can access the secure KNOX container via an icon on a device's home screen. Through IT management, access to the container can be restricted using enterprise credentials like an Active Directory user account. IT can also determine how long a user can access the KNOX container before being required to re-authenticate -- most likely after a period of inactivity.
