February 6, 2019

Android security in the enterprise: Fact or fiction?

Joel Snyder

Information Technology may be a fast-moving field, but reputation and rumors can live on long past their “sell by” date, and may never match up with reality. In the world of mobile devices, it took nearly five years for Android to really start firing on all cylinders when it came to enterprise-class security. IT managers are now coming around to understanding that they can trust mobile devices based on Android to be as secure as — if not more secure than — their Windows desktops and laptops.

Couple strong security with high speed multi-core CPU architectures, plenty of RAM and ample storage, and suddenly smartphones are becoming a credible replacement to laptops for mobile users (and sometimes even desktop workers). If you ask end users to choose between their smartphone and their laptop, guess what would get the boot? Yes, laptops are still extremely useful, but there’s one thing that everyone picks up in the morning and keeps with them all day — and sometimes even all night: their smartphone.

 

How did we get here?

Even if you know most of this history already, your CIO may not, so it’s worth taking a brief detour to see how we got here.


When Android first hit the streets, no one knew exactly where it would go, but it was quickly embraced by technology tinkerers and enthusiasts as an alternative to options from BlackBerry, Apple and Microsoft. The free and open-source OS option encouraged hardware vendors to explode on the market with new products to take advantage of this mobile-optimized operating system.

Enterprise IT administrators were slower to jump on the bandwagon. Knowing that Google couldn’t guarantee a path forward, even after purchasing Motorola, Android made few enterprise inroads. And, like all infant platforms, Android suffered from malware and other security problems, and so gained a problematic reputation.

Samsung, in a major “why not” moment, dove in to solving Android’s security concerns in an enterprise context with SAFE (Samsung for Enterprise), now known as Knox. Samsung pushed forward a broad-based program that eventually included hardware redesign, firmware changes, operating system and VPN security additions, as well as APIs to help the Mobile Device Management (MDM) marketplace build products to manage Android smartphones.

Fortunately, in addition to bringing considerable security expertise to the task, Samsung also embraced the open source spirit of Android along the way. That means that the security innovations out of Samsung’s Knox teams were constantly being fed back to Google and became widely available to all Android users.

Security-Enhanced Linux is a good example: first pushed into Linux by the US National Security Agency (NSA) in 2000, they were adopted into mainstream Linux in 2003. Samsung, in collaboration with the NSA, activated the mandatory access controls within SE for Android in 2012, with Google’s Android team going along with full adoption in Android 5 in 2014.

 

Android continues to strengthen

With years of accumulated development from security-conscious developers and companies like Samsung, Android users now have an enterprise-class security program surrounding their preferred smartphone, and for MDM vendors, who can deliver management of a wide variety of security features using a single API that works across multiple vendors.

The Android community continues to innovate in the field of enterprise mobile security. Developers and contributors are taking feedback from enterprise IT managers and deploying new security into Android to solve their needs.

For IT managers, the benefits are strong. Android security meets enterprise requirements and hardware manufacturers offer a broad spectrum of options — not just smartphones, but tablets, wearables, embedded devices and more. With Google’s Android Enterprise and Android Enterprise Recommended, as well as a surrounding MDM infrastructure, Android is now at a level where it’s a credible and secure platform for enterprise IT deployment.

The end result is that IT managers have a solid and manageable platform that can meet many needs. Obviously, smartphone users make up the largest fraction of Android users. With a combination of baked-in security (both hardware and software) and enterprise manageability through MDM tools, Android can be a base to widely deploy secure applications to mobile users — applications that used to be firmly glued to Windows desktops inside the corporate LAN.

In addition, the Android hardware and software base create new opportunities for embedded devices and applications that used to require specialized hardware and software. For example, rugged Android tablets in kiosk mode can be used for specialized factory floor or sales floor applications at a fraction of the cost of previous hardware/software platforms — with an even higher level of security features and management.

Android hardware and software isn’t always the answer to all questions. But for IT managers, the serious security infrastructure that has grown around the Android operating system creates an alternative platform that can simplify application deployment, reduce development and operations costs, and speed their ability to deliver mobile solutions for enterprise users.

Learn all the different ways Samsung Knox can support your enterprise’s security efforts.

[Icon] close

Get the right solution for your business

Join 25,000+ organizations around the world.

[Icon] suitcase
Are you a reseller or solution partner?

Get access to the Knox Partner Program for helpful partner tools, such as the Knox Deployment Program portal, Knox MSP portal, partner SDKs, and more.

[Icon] info
Unified Endpoint Management
Knox Suite
Rebranding and customization
Knox Configure
Fraud and theft protection
Knox Guard
Device protection plan
Samsung Care + for Business
Other products & services

Get started with

[Image] Knox Suite

All-in-one solution bundle for enterprise mobility.

[Icon] Check mark

Join us and get a 90-day free trial for Knox Suite and other Knox products. *Approval required

[Icon] Check mark

A complete set of tools to secure, deploy, manage, and analyze your enterprise's corporate mobile devices.

[Icon] Check mark

Try powerful features bundled with Knox Suite, such as Knox Remote Support.

Knox Suite include:

[Icon] Knox Platform for Enterprise Knox Platform for Enterprise
[Icon] Knox E-FOTA Knox E-FOTA
[Icon] Knox Mobile Enrollment Knox Mobile Enrollment
[Icon] Knox Asset Intelligence Knox Asset Intelligence
[Icon] knox manage Knox Manage
[Icon] knox capture Knox Capture

Get started with

[Image] Knox Configure Logo

Remotely configure Samsung devices in bulk and tailor them to specific needs, right out of the box.

[Icon] Check mark

After approval, you can try both the:

  • Setup edition — designed for a one-time deployment
  • Dynamic edition — deploy and update policies as many times without a factory reset.
[Icon] Check mark

Try either the Setup edition or Dynamic edition of Knox Configure on up to 30 devices.

[Icon] Check mark

Get a free Knox Suite trial upon approval to try our UEM.

Get started with

[Icon] Knox Guard Logo

Remotely control Samsung devices to reduce financial risks and protect assets.

[Icon] Check mark

After you get approved, generate your free trial license for 90 days.

check-mark

Try all the features of Knox Guard on up to 30 devices, including SIM control and device locking.

[Icon] Check mark

Get a free Knox Suite trial upon approval to try our UEM.

Get started with

[Image] Samsung Care Plus For Business Logo

Protect your business devices against accidental damage and mechanical breakdowns.

[Icon] Check mark

Are you already a Samsung Care+ for Business customer? Create an account and access the Samsung Care+ for Business console.

[Icon] Check mark

Contact the Samsung sales team and get peace of mind for your devices.

Other products & services

[Image] Others logo
[Icon] Check mark

Samsung offers additional solutions to serve the unique needs of your business. Talk to a Samsung expert today.

CONTACT SALES
Back to top