Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: The truth about Samsung Knox for Android security

Galen Gruman | Nov. 6, 2013
The higher-level security technology for select Android devices isn't really available yet, despite the hype

Finally, you need to activate the Knox service on your device; otherwise, it won't work. The good news is that the MDM provider will activate the service for you. The bad news is you'll pay a monthly per-user surcharge to the MDM vendor to work with Knox, a fee charged by Samsung. The MDM vendors that will soon support Knox and be able to sell you Knox activation are Absolute, AirWatch, Centrify, Citrix Systems, MobileIron, SAP, and Soti. Fixmo already has its agreement in place and is offering activations -- for trial deployments. The Samsung-imposed fee's amount has yet to be determined, Samsung says; Fixmo's Knox offering is in trial mode so there are as yet no fees for it. Check with your MDM vendor on its expected availability and surcharge.

Today, almost no MDM vendors have an agreement in place to activate Knox, so with the one trial exception you can't actually use Knox even if you have a compatible device, the Knox software, and a compatible MDM server. Several MDM vendors tell me they expect to work out the required licensing deals with Samsung in the coming days and weeks, so you should be able to finally use Knox this year on compatible devices -- if you're willing to pay.

How Knox relates to Samsung's SAFE security technology
Samsung advertises Knox as a feature in its Samsung Approved for Enterprise (SAFE) technology suite. SAFE is essentially a supplemental set of APIs to the ones Google has in Android, allowing more security and management options to be managed by an MDM server. It also provides 256-bit encryption rather than stock Android's 128-bit.

Knox is placed in the SAFE umbrella by Samsung's marketing, but whereas most recent Samsung devices support the added SAFE APIs and higher encryption level, they do not support the Knox container or its extra management APIs. A Knox-compatible device supports all SAFE technologies, but a SAFE-compliant device does not necessarily support Knox.

Be careful when buying Samsung devices as to what security each actually supports, and decide whether you really want to pay extra for Knox, and if so for which users.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.