• The Samsung Galaxy devices you love come ready for work right out of the box, thanks to KNOX. Switch between the KNOX password-protected workspace and personal apps with a tap of a button. IT can be confident that company data is secure and manageable, while employees will love the freedom to customise their device with personal apps and data, worry-free.

    Samsung KNOX offers a multi-faceted security solution rooted in the tamper-resistant device hardware, through the Linux kernel and Android operating system. The first line of defence against malicious attacks, Samsung KNOX is currently approved to run on US Department of Defense networks.

    Simple Management
    KNOX is conveniently integrated with your existing MDM, VPN and Microsoft Exchange ActiveSync, enabling you to tailor a security solution that best fits the needs of your enterprise. Or you can choose to manage Samsung devices using KNOX EMM that is completely cloud-based so it doesn’t require the capital costs of on premise hardware and software. Experience complete management capabilities without adding complexity, with over 500 supported IT policies available with KNOX and over 1,000 MDM APIs with more being added every day employees will love the freedom to customise their device with personal apps and data, worry-free.

    Powerful Apps
    Only secure, tested apps make it onto the KNOX workspace. A full collection of ready to use apps are pre-loaded including Contacts, Calendar, Phone, Browser, Camera and Email. Boost productivity with full access to download the latest mobile tools and apps through Samsung KNOX Apps.

    Secure Data
    Today, business is changing. Employees are 'always on' and always vulnerable. With malware and security breaches happening daily, you need a secure mobile platform that works 24/7. Your data at rest is secured using on-device encryption and SmartCard authentication. Protect data in transit with per-app VPN, and encryption keys. In the case of theft, remotely wipe devices and take advantage of our Absolute Theft Recovery service

    Android Lockdown
    KNOX is secured from the boot up. Only the KNOX-hardened Android platform protects your infrastructure with multi-level, hardware-to-application security via Trusted Boot and TrustZone-based Integrity Measurement Architecture (TIMA) to keep your business intelligence and network safe from hacking, viruses and unauthorised access.

    Secure Boot

    Secure Boot is a security mechanism that prevents unauthorised boot loaders and kernels from being loaded during the startup process. Firmware images, such as operating systems and system components, cryptographically signed by known, trusted authorities, are considered authorised firmware. Secure Boot is a component that forms the first line of defence against malicious attacks on devices with KNOX.

    Trusted Boot

    Trusted Boot on KNOX extends Secure Boot to further ensure kernel integrity. Trusted Boot uses the TrustZone, a tamper-resistant sector of an ARM processor. During the boot process, the TrustZone saves cryptographic fingerprints (called measurements) from all boot loader and OS kernels. At system run time, TrustZone apps on KNOX constantly compares all measurements. Critical security decisions are made based on the compared results.

    TrustZone-based Integrity Measurement Architecture (TIMA)

    Samsung KNOX introduces the TrustZone-based Integrity Measurement Architecture (TIMA). TIMA uses the TrustZone a tamper-resistant sector of an ARM processor. TIMA uses two techniques to ensure that the Linux kernel has not been compromised:

    Periodically verifies that the kernel has not changed, through measurements retrieved from the kernel and comparisons against the original factory kernel

    Authenticates kernel modules as they are dynamically loaded.

    Sources etc.