Introduction to Samsung Knox
When I went searching for information about Samsung KNOX, I found some useful information mixed in with a heavy dose of marketing speak. From Samsung’s website, their one sentence summary of KNOX is “Samsung KNOX is a comprehensive enterprise platform based on continuously innovative mobile security technology.” What does that mean to the uninitiated person? Simply put, KNOX enhances the security found in standard Android, as delivered from Google. The next question to answer, then, is how. How does KNOX enhance Android’s security? Samsung divides the KNOX enhancements into 3 major categories: device security, management, and additional services. In this article, I will summarize these areas of enhancement. and provide links for more information.
Samsung refers to its device-level security features as the KNOX Workspace. KNOX Workspace provides both hardware and software features to enhance device security. For example, newer Samsung Android products have biometric fingerprint scanners, used for unlocking the device or making payments. On the software front, KNOX adds enterprise-level VPNs, bootloader and kernel enhancements, and encryption capabilities. The KNOX Workspace also adds the KNOX Container. Creating a workspace container allows a business to separate personal data from corporate data. Finally, KNOX Workspace supports Microsoft Workplace Join, which provides employee-initiated access to corporate resources using Active Directory authentication. More information on device security can be found on Samsung’s KNOX Device Security page.
KNOX management is centered around the KNOX EMM (enterprise mobility management) portal. To say that KNOX adds only mobile device management (MDM) is incomplete. In addition to device management, KNOX EMM includes identity and security management. KNOX EMM provides an administrative portal to manage employee’s apps, containers and devices. It also allows the IT administrator to implement company policies. Some of the functionality includes remote wipe, password reset, device storage encryption, and enabling or limiting the use of device features such as USB or Camera. KNOX MDM does not have all of the features that MDM-focused companies have, so you will need to shop around if the KNOX MDM features do not meet your needs.
Through Identity and Access Management (IAM), KNOX EMM provides a single sign-on (SSO) mechanism for convenient access to authorized business apps. IT managers can grant access to KNOX features, giving users authorization through SSO. For more information about the Management features of KNOX, please see the Samsung KNOX Management page.
Samsung also offers a Marketplace. This “app store” features consolidated billing, centralized administration and license management. KNOX-enhanced applications will be added over time, offering functionality not provided in standard Android applications. Additional information about the app Marketplace may be found here.
Samsung spends a lot of time in its literature talking about KNOX Workspace and EMM, but just as interesting are the features that are available to the application developers. The developer can utilize the KNOX Standard or Premium SDKs to build enhanced applications. Applications can be built to support geofencing, kiosk mode, CAC card readers, multiple users, security features and much more. Information on the Samsung developer program can be found at the Samsung KNOX app developer page.
Samsung is adding the functionality that an enterprise organization requires through KNOX. The administrator obtains the EMM console for managing devices and users; the developer has new options for functionality and security; and the end user gains device security for personal and corporate data.
As an organization that has been focusing on Android in the Enterprise since 2009, SDG Systems takes general interest in topics of concern to the business manager and user. SDG Systems offers software engineering services to implement KNOX-specific features, including KNOX customization. Please contact us for more information about our professional development services. In future articles, we will provide additional information on KNOX and Android in the Enterprise.