Samsung planning Knox 2.0 for smartphones, tablets

Samsung's upcoming Knox 2.0 will have more security features and support more devices.

After releasing the first version of Knox security software after a long testing period, Samsung is working on version 2.0.

Knox 2.0 will offer more security features and work in more devices, said Jae Shin, vice president of the Knox Business Group in Samsung's mobile communications division. Shin did not provide details of the new features in Knox 2.0, but development of features will depend on user needs.

Knox is built on Android, and taps into the OS and chipset features to secure a device. Samsung has partnered with mobile-device management software companies MobileIron, AirWatch, SAP, Citrix, Centrify and Mocana to take advantage of Knox.

"When we give [Knox] to them, we have a minimum feature guideline," Shin said, adding that the companies adapt the security layer to match their mobile-device management software.

Knox now works with the Qualcomm chipset. Support for more chipsets, including Samsung's, is being built in, Shin said. However, he couldn't say if Knox would come to Windows Phone OS, which is also used by Samsung in some handsets.

The security software is in the Galaxy Note 3 and Galaxy Note 10.1 2014 Edition tablet, which became available last week in the U.S. The security layer is also being offered with some Galaxy S4 smartphones.

Knox represents a big push by Samsung to make its tablets and smartphones relevant in the bring-your-own-device environment. Enterprises also are looking for easier mobile device management tools.

For example, Knox features allow the creation of secure boot so only authorized applications are on the device. Knox can create isolated environments to run specific applications, which will ensure Android isn't compromised. Knox can also be used to establish secure VPN (virtual private network) connections, or to prevent keylogging or hacking. Samsung takes advantage of the TrustZone hardware-based security layer to store security keys and create isolated environments.

"Knox is an attempt by Samsung to do what Google should've done with Android a year ago, which is secure it," said Jack Gold, principal analyst at J. Gold Associates.

Users also bring non-Samsung personal devices into business environments and the security features need to be on more devices for a more manageable BYOD environment, Gold said.

One of Samsung's challenges with Knox is to deal with a diversity of handsets running different versions of Android with different OS upgrade timelines, Gold said.

Samsung is pushing Knox to wireless carriers, which will offer the security layer to customers. Canadian wireless carrier Bell last week said it will sell Knox-enabled Samsung mobile devices to its customers in vertical markets.

Samsung is also trying to woo developers in an effort to push its Galaxy smartphones and tablets into the enterprise. Samsung has released programming tools for Galaxy devices to members of its Solutions Exchange, a program announced last month to help companies write and deploy mobile applications.

LG earlier this month announced Gate security technology for smartphones, and will battle with Samsung to attract enterprise adoption.

The Knox service is available worldwide, Shin said. But the BYOD trend varies in different countries, affecting which security features and mobile-device management tools are deployed.

For example, people in Germany value privacy and don't want employers to track any usage or application information, Shin said. In the U.S., users want the freedom to use social networking and other applications at work that they also use at home. In South Korea, users like to wall off personal and corporate applications.

Knox was originally announced in February at the Mobile World Congress trade show.

Agam Shah covers PCs, tablets, servers, chips and semiconductors for IDG News Service. Follow Agam on Twitter at @agamsh. Agam's e-mail address is agam_shah@idg.com

FREE Computerworld Insider Guide: IT Certification Study Tips
Join the discussion
Be the first to comment on this article. Our Commenting Policies