Samsung KNOX provides security hardening from the hardware to the application layer for IT departments which implement Bring Your Own Device (BYOD) strategies. Announced in February, Samsung KNOX is expected to be available in selected Samsung GALAXY devices from Q2 2013.
At the heart of the product is the Security Enhanced (SE) Android which enforces mandatory access control (MAC) in the device. Through SE Android, business and personal use of a mobile device are separated at the application layer. Also included in the package is file system level encryption, protecting user data from data leakage and opportunistic malware attacks.
The Samsung KNOX container can be accessed through an icon on the home screen. A variety of enterprise applications are available to the user in a secure environment. This includes contacts, calendars, collaboration, CRM and email. With KNOX existing Android applications are automatically validated and integrated into the enterprise environment without changing the application source code. This means that application developers are not required to develop enterprise features such as FIPS compliant VPN, Smart Card based multi-factor authentication, on-device encryption, Active Directory support and Enterprise Single Sign On (SSO).