Samsung Launches KNOX 2.0

Samsung Launches KNOX 2.0

Samsung today announced the worldwide commercial availability of its updated Enterprise Security and Management suite for Android – KNOX 2.0 – which is available first on the Galaxy S5, and with other Galaxy devices to follow via OS updates.

The original version of KNOX was first launched with the Galaxy Note 3 in late 2013, and offers additional controls and policies for IT Admins wishing to allow Android phones into the enterprise. KNOX brings a level of control to the enterprise by incorporating a secure boot chain and enterprise-controlled containers which allow both consumer and enterprise data to exist on the same device.

KNOX 2.0 evolves the feature set and branding, with the core platform and app container being re-branded to KNOX Workspace. The entire KNOX brand now includes KNOX Workspace, EMM, Marketplace, and Customization. The original KNOX 1.0 MDM is fully compatible with KNOX 2.0.

Changes to KNOX Workspace include:

  • TrustZone-Protected Certificate Management
  • KNOX Key Store
  • Real-Time Protection
  • TrustZone-Protected ODE
  • Two factor authentication support with Biometric Authentication
  • Enhanced Framework
  • Enhanced features for the KNOX container allowing support for all Android apps from the Google Play Store, eliminating the need to perform app wrapping for third party apps
  • Third party container support
  • Universal MDM Client and Samsung Enterprise Gateway to simplify user enrollment
  • Split-Billing
  • A multi-vendor VPN framework that allows a variety of 3rd party clients including SSL VPN
  • An open SmartCard framework that allows enterprises to choose from an array of smartcard readers

Most of these changes are to make the IT Admin’s job a lot easier, which in theory should increase adoption rate, but there is one change that is aimed squarely at the consumer – Split-billing.

Split-billing works with the SIM provider to allow separate billing for personal apps and company apps. Whether this is a good thing or a bad thing likely depends on whether your company pays your cell bill in full, or if they expect you to pay for it. It opens the door to allowing companies to only pay for their portion of the bill without using a dual SIM phone. It’s an interesting idea but I don’t think it comes with any sort of arbitration in the event there is a billing dispute between the employer and employee.

The other components of KNOX are:

  • KNOX EMM – a cloud-based MDM and directory service with single sign-on (SSO) including a set of policies for companies to implement
  • KNOX Marketplace – a marketplace for SMBs to find and purchase enterprise cloud apps
  • KNOX Customization – a way to create customized business to business solutions using off the shelf hardware

Clearly, Samsung has gotten a taste of the enterprise market, which is certainly a higher margin environment than the consumer market. Enterprises will pay well for a quality product with a decent return on investment, and of course Samsung would love to take some of the MDM management market share away from the likes of Blackberry and others, as well as get a hold in the BYOD market that Apple has done well with.

If you’d like to learn more, Samsung has released a white paper outlining KNOX here.