Samsung has announced a slew of improvements to its KNOX enterprise security product at this year's Mobile World Congress. For starters, users can now manage two separate secure containers per device, ideal for consultants with multiple clients or people who just want to better separate work data from personal files.
The total list of changes goes much deeper.
- Two separate secure containers per device, for example, for consultants who work for several companies or doctors who work for several clinics.
- No more need to wrap apps inside a container. This means many more apps for users.
- Any app from Google Play that supports Android’s multi-user framework can be installed and used inside the secure KNOX containers; IT Admins can use app whitelists and blacklists to control what can be installed.
- A faster and easier way to activate a secure KNOX container on a device.
- Controlled sharing of data, like Contacts, Calendar events, Notifications, and Clipboard data between the personal and container spaces, configurable to meet enterprise security requirements.
- Real-time monitoring of the Linux kernel to protect against malware.
- Secure storage of encryption keys (including those for third party apps) and client certificates (including those for SSL authentication), in the tamper-proof TrustZone built into the device hardware.
- A multi-vendor VPN framework that lets enterprises choose third-party clients like SSL VPN.
- An open SmartCard framework that enables enterprises to choose from an array of SmartCard readers.
Samsung is also introducing the KNOX Marketplace, a place where enterprises can discover and purchase KNOX services and other SaaS apps. Centralized billing is available to make company payments easy to keep track of, and IT admins are empowered to determine which users get to use which apps. The latter comes thanks to the KNOX Enterprise Mobility Management initiative, Samsung's list of efforts to make its offering more compelling to small and medium-sized companies.
KNOX Enterprise Mobility Management:
- Cost savings through cloud-based services; avoiding the capital cost of on-premise labs, servers, and software
- A cloud-based admin console that provides enterprise IT Admins with control over enterprise mobile devices, user identities, user access privileges, role-based policies, and deployed apps
- Over 500 KNOX policies that can be set in areas such as containers, user passwords, apps that can be installed, licensing, Exchange ActiveSync accounts, data encryption, Attestation, TIMA, SE for Android, SSO, and VPNs
- A cloud-based user console that provides device users with the power to manage their own devices, apps, activities, and profiles
- Single Sign On (SSO), to enable device users to log in only once using their credentials; apps requiring user identification can leverage the provided user credentials
- Tight integration with KNOX Marketplace, to enable purchased licenses to be readily available in the EMM Admin console
- Cross-platform support for both iOS and Android devices (Samsung and non-Samsung)
KNOX should now do a better job of just plain making devices safer. The nitty-gritty details are available in the source links below.