Samsung Knox
| Samsung Knox | |
|---|---|
| Basic data
|
|
| developer | Samsung |
| Current version | 3.5 (February 2020) |
| operating system | Android |
| category | Mobile security solution for companies |
| German speaking | Yes |
| www.samsungknox.com | |
Samsung Knox is a mobile security solution for businesses. The name "Samsung Knox" is based on Fort Knox .
Knox solutions
Knox consists of five components that address the configuration, registration, device management, containerization and (remote) maintenance of the mobile operating system.
Knox Workspace ("Knox Platform for Enterprise")
Samsung Knox provides a security container with which business and private content can be stored in isolation from one another on the same device. With a PIN code , password or biometric authentication, the user can quickly switch from personal to business work. According to the manufacturer, Knox is fully compatible with Android , ensures reliable separation of work areas and protects against all serious security gaps in Android.
Initial setup ("Knox Mobile Enrollment")
Company-specific settings can be made automatically when the device is set up for the first time. A company's devices are recognized by the serial number.
It is also possible to configure dedicated devices for single use. Thus, for. For example, the use of the device can be restricted to certain apps for employees on call.
Mobile device management ("Knox Manage")
Knox gives IT administrators the ability to manage devices, but prevents access to personal data. With mobile device management (MDM), security policies can be activated such as password policies, positive or negative lists for apps and restrictions on data transfer.
Furthermore, Microsoft Active Directory support to existing Group Policy also apply to mobile devices.
Operating system patches ("Samsung E-FOTA")
FOTA stands for " Firmware Over-the-Air ". The "E" stands for "Enterprise". Since a current Android version including all security updates is essential for mobile security, these can be controlled by IT regardless of location and carried out at a specified time ("Forced Update").
Configuration ("Knox Configure")
Knox Configure covers the requirements of mobile application management and enables, for example, whitelists and blacklists of mobile applications. In addition, access data can be preset, software licenses can be managed and mobile phone billing can be controlled.
Access to Exchange Server
Knox supports Exchange ActiveSync for access to Microsoft Exchange Server .
safety
Encryption
The security container uses 256-bit AES encryption . Only with correct authentication on a Samsung device will the data be decrypted.
Warranty bit
When Knox detects that a different boot loader or kernel has been installed on the device, the one-time programmable "warranty bit" is changed, which is comparable to a blown fuse. After that it is no longer possible to create new containers or to retrieve existing containers.
user
- In October 2014, the US National Security Agency (NSA) endorsed the use of Samsung Galaxy devices in a program for quick installation techniques on commercial devices. The recommendation applies to the devices Galaxy S4 , Galaxy S5 , Galaxy S6 , Galaxy S7 , Galaxy Note 3 , Galaxy Note 10.1 .
- In June 2014, 5 Samsung devices were added to the Defense Information Systems Agency (DISA) list of Approved Devices for Sensitive Use . The DISA is an agency of the United States Department of Defense . This list contains commercial technologies that may be used for defense purposes.
criticism
- In October 2014, it was discovered that the original My Knox app was saving PINs as unencrypted text.
- In May 2016, Israeli researchers Uri Kanonov and Avishai Wool found three vulnerabilities in certain versions of Knox.
Web links
Individual evidence
- ↑ What's new in Knox 3.5? Samsung, accessed May 9, 2020 .
- ↑ Hubert Nguyen: Samsung KNOX Provides Privacy To BYOD Users . UberGizmo. February 25, 2013. Retrieved October 15, 2017.
- ↑ Michel Anders: Using Samsung Knox for Enterprise Mobility. Retrieved June 21, 2019 .
- ↑ Knox Workspace . Retrieved October 15, 2017.
- ^ David Goldman: Samsung targets BlackBerry with Knox . CNN Money. 12th March 2013.
- ↑ MDM integration . Retrieved October 15, 2017.
- ↑ Data encryption on the device . Retrieved October 15, 2017.
- ^ John Ribeiro: NSA approves Samsung Knox devices for government use . computerworld. October 21, 2014. Retrieved October 15, 2017.
- ^ John Ribeiro: NSA approves Samsung Knox devices for government use . pcworld. October 21, 2014. Retrieved October 15, 2017.
- ↑ Samsung Knox isn't as secure as you think it is . TechRepublic. May 31, 2016. Retrieved October 15, 2017.