The School Of Hard KNOX

At Mobile World Congress, Samsung announced an end-to-end secure Android solution that provides security hardening from the hardware through to the application layer called KNOX. This announcement is another indication of the evolving world of security that is being driven by the adoption of mobility and cloud computing. In the old days of the networking, we protected corporate data by placing it behind a firewall. In the new era of mobile and cloud computing, corporate data increasingly moves between mobile devices, the cloud and the corporation.

KNOX incorporates security enhanced (SE) Android developed by National Security Agency (NSA), and integrity management services implemented in both hardware and the Android framework. At the application layer, KNOX offers a container solution that separates business and personal use of a mobile device. The Samsung container and container strategies from other mobile management vendors, such as VMware and Good Technologies, are meant to provide robust security while allowing the consumer to use its personal applications as it normally would. Samsung’s container also helps IT and developers deploy applications quickly and securely because it requires zero change to the application source code.

The evolving world of security

It’s now fundamentally more difficult for corporations to protect corporate resources. The recent Sophos 2013 Security Threat Report said “Another trend we are seeing is the changing nature of the endpoint device, transforming organizations from a traditional homogeneous world of Windows systems to an environment of diverse platforms. Modern malware is effective at attacking new platforms and we are seeing rapid growth of malware targeting mobile devices. While malware for Android was just a lab example a few years ago, it has become a serious and growing threat. With this in mind, IT organizations should secure their Android devices against malware, data loss, and other threats”.

It makes sense for Samsung to take matters in its own hands and attempt to secure the Android operating system to stimulate business demand. It’s noteworthy that Samsung and Blackberry are discussing security at the device, operating system and application layer. Blackberry’s Balance and Samsung KNOX both allow IT to separate and secure corporate data from an employee’s personal data. The challenge for enterprises today is that they need to manage and secure more than Samsung and Blackberry devices. Enterprises will have a mixture of devices and will most likely select either a mobile device management or a mobile application management solution to help them support all major operating systems from a wide range of device manufacturers. However, it’s still important and necessary for all device manufacturers to directly focus on preventing security issues within mobile platforms.

What does KNOX mean for the mobile and the security industry?

My take is that the Samsung news represents the new reality of mobile security. It’s not enough for a IT to say “I’ll secure the device” and it’s not enough to say “I’ll just secure the content”. Security must be built into every layer of the communications from the device, through the cloud and into the corporation. Many customers I speak with are building Apple iOS strategies and are contemplating the future of Blackberry support. Businesses are also looking for a way to secure and manage the Android environment. KNOX provides one method for this but only if you are using Samsung devices. The reality is the device landscape will continue to be heterogenous and firms will need enterprise mobility management solutions that can handle the breadth of operating systems.

What should businesses do?

IT leaders should define what apps will be accessed on mobile devices, what kind of data will be stored on the device, as well as what regulations the business is required to support. CIOs need a comprehensive mobile-security solution that provides protection on four levels by preventing unauthorized access to:

1) The device and its data –including data on removable storage

2) Data as it transits the network,

3) The corporate network and

4) Securing the application and/or content if necessary.

IT leaders should look for mobile management solutions that support centrally defined and distributed security policies, device and removable-media encryption and two-factor authentication such as biometrics if deemed necessary. Solutions should also provide containers, app wrapping or some technique that allows IT to separate and manage corporate data on BYOD devices. While a company might choose lighter security constraints, it is important that the vendor a business selects offers a rich portfolio of security solutions in case the company’s needs change. Mobile is the new reality and mobile security solutions are evolving to meet this demand.

How are you securing mobile today and do you feel any safer? Post a comment here or send me a message on Twitter @MaribelLopez.


Maribel Lopez is the CEO and mobile market strategist for Lopez Research, a market research and strategy consulting firm that specializes in communications technologies with a heavy emphasis on the disruptive nature of mobile technologies. AT&T has sponsored this blog post.

Maribel Lopez CEO Lopez Research About Maribel