samsung-knox-work-and-play

Galaxy S4 to Be the First Enterprise-Ready Samsung Phone with ‘Knox’ Security Features

March 14, 2013 - Written By Lucian Armasu

With the launch of the Galaxy S4, Samsung is going to try to attack the enterprise market that has been mainly owned by Blackberry, and increasingly by the iPhone in the past few years. Their enterprise solution is called SAFE, as in “Samsung for Enterprise”, while Knox represents a suite of security features that this solution will have.

Knox will include security features such as Security Enhanced Android, which is something that NSA and the US Army uses, too, and was modeled after SE Linux. It’s meant to close as many  security gaps as possible to limit the ways in which an attacker can exploit that OS. Knox also includes secure boot (something that has gained popularity lately with Chromebooks, Windows 8 and Linux), TrustZone-based Integrity Monitoring (a hardware feature enabled by ARM themselves) for protecting the kernel and Single Sign On (SSO) for secure logging into applications.

130311043232-samsung-knox-620xa

One more important security feature for enterprise that Blackberry has been using for a long time is the ability to separate the work environment on the phone from the personal environment. This could be done by using one of the two environments in a separate virtual machine. The international version of Galaxy S4, which comes with Cortex A15, should also support hardware virtualization, which would make the “safe” VM work a lot faster. I don’t think the S600 chip that they will use in US has that, but it should still work without it, but perhaps a little slower.

These security features are definitely impressive, and they should surpass whatever anyone else is doing right now in the enterprise market with mobile devices, including Apple, and Samsung is probably going to invest a lot of money in promoting these features to enterprise customers, because they know they can make a lot of money from it in return. One way to look at this is also that Android could finally become a major player in enterpise, with Samsung being the first serious Android company to tackle the enterprise market.

The only company that I could see doing even better than them in the future is Google. Google makes Android, they make the very secure Chromebooks (that haven’t been hacked yet) for enterprise, and of course a whole suite of Office apps and other cloud services. Google already has a foot in enterprise, just not so much with their own devices yet, but I think they will in the next couple of years, once they start crancking out high quality and secure Motorola devices.