Like all containers, My Knox lists what you can do inside it and what apps you can run. That's because apps need to support the policy restrictions used by the container's management server.
Android lets you run multiple copies of the same app, so you can have, say, Email in both your personal and business workspaces, each accessing different email accounts. Of course, that means you won't get the badge for new work emails on the Email app in your personal workspace.
But you will see all your email in the Notifications tray, with a lock icon representing those in the My Knox container -- if you enable the Quick Mode Change option in the Knox Settings app. If you tap a notification for an item in the workspace you're not currently using, you're switched to that workspace, and a password is requested if you haven't used that container in a while (you define that period in preferences).
The gotchas of using My Knox
The My Knox app runs in only a few Android devices, all from Samsung: the Galaxy S6, S6 Edge, S5, and Note 4. Even if you like the idea of My Knox, you probably can't use it.
Samsung told me that My Knox is more open to running apps than other containers because the workspace itself provides the necessary protection. The app's description in the Play Store suggests you can install any app you want in your business workspace. Neither is really true. You can install only compatible apps into the My Knox container, and there are at most a few dozen.
The good news is that most of the standard basic Android apps fall into that list, from Email to Flipboard and Twitter. But not all standard Android apps will run in it, such as Gallery.
Because My Knox is a container, it restricts what you can do in that container, not only contain IT's reach within it. For example, you can't copy or cut text to paste into your personal workspace's apps. You can't even take a screenshot of anything in the work container.
Also, there are no tools for setting the policies imposed by My Knox -- not even from the My Knox management website. (That website, by the way, isn't designed for use on smartphones, a bizarre omission for a smartphone maker.) Samsung says it has no plans to let users configure My Knox policies.
If your company uses Samsung's Knox EMM mobile management server or has an MDM server that supports Knox (very few do, though most major MDM providers have been saying since last year that they intend to do so in the future), don't plan on connecting My Knox to that IT-managed server. It very likely won't work.
Sign up for CIO Asia eNewsletters.