Best answer: Samsung Knox is a security layer built into the Android and Tizen on Samsung devices to add an extra layer of security to your information.
- Security at 5G speeds: Samsung Galaxy S10 5G ($1,300 at Verizon)
Bring your own device
A lot of people use their own phones for work; BYOD (Bring Your Own Device) policies are getting more and more popular as phone prices keep rising and consumer models become more secure. We’ve seen Enterprise-level programs for mobile from both Apple and Google, but perhaps one of the easiest to use — both for you and any IT manager — is Samsung Knox.
If you have a Galaxy phone that’s not more than a couple years old, you probably have Samsung Knox software on it. It’s not really something you can install because it’s part of the Android OS the way Samsung builds it and it isn’t any sort of app or support library.
Knox is part of Android if it’s installed, and people who don’t want it know how difficult it can be to erase. Knox is also built into Tizen on Samsung’s wearables. Let’s take a look at exactly what Samsung Knox is and what it does.
What is Samsung Knox?
Samsung Knox is a special security layer found in top-tier Samsung phones that can separate and isolate personal and business user data. You can almost think of it as a way to turn one phone into two because of the way it manages apps and the data those apps create, as well as any data you enter into them.
Knox has been hacked, but only by people who hack secure products for a living and then help patch any exploits they find.
You migrate between the two layers by tapping the Knox icon and entering a password. This password is unique and separate from any password you use to unlock the phone, so even if someone were able to bypass the lock screen the Knox secured data would be inaccessible without some really fancy tricks by people who try to defeat secure software as their living, then help to patch things so those tricks no longer work.
By default, once you enter the Knox-protected side of your phone you only have access to a few apps — Camera, Gallery, Email, My Files, Phone, Contacts, Samsung Internet Browser, Downloads, and S Planner. You can add other apps to the Knox-protected layer and they will be “copied” to a place where they and their data is kept separate from the same app on the “regular” layer in your phone.
Knox needs two things in order to work. You need the right device — not all Samsung phones (or watches and tablets) support Knox, and you can see the list of supported devices here. You’ll also need the right software and you can find Samsung Secure Folder in the Play Store if you use a compatible phone to search for it; it’s not going to show up if you’re using a device that can’t install it.
Knox is also software your company’s IT department can use to manage everyone’s device.
There’s also a third important component that can be used for Enterprise management — Knox Premium or an equivalent. This isn’t something you would use at home (but you could if you really wanted to) and it’s a way for an IT department to manage the Knox layer on phones that are part of the server’s group. It’s basically a cloud-based management solution built to work with Knox, and a turn-key secure platform. You can learn more about it here and if you’re an IT professional looking for a multi-device management solution you can talk to a representative from any of the four major U.S. mobile carriers for quotes.
Knox is certified for use in government installations in the following countries: Finland, France, Kazakhstan, Netherlands, Spain, The United Kingdom, and the United States. It’s also FIPS 140-2 and ISCCC complaint in certain configurations. What this means is that organizations like the U.S. Dept. of Defense think Knox is safe enough for its employees (items with clearance levels of sensitive or lower) to use. That means it’s also safe enough for you.
With Android Oreo, Knox was merged into Google’s Enterprise solution Android for Work to provide real-time protection of the Linux Kernel, malware checking and parts of the trusted boot procedure. Samsung uses and e-fuse to detect if unofficial software had been booted changing the warranty status check to 0x1 when it had been detected. This does not reset with a flash to factory software.
Do you need to use it?
You don’t have to use Samsung Knox, and unless you are the type who fiddles around inside your phone’s software you’ll never know it’s there. But if you have a phone that’s built for Knox, it’s free so you certainly can.
Chances are you don’t carry Top Secret information around and nobody is tailing you and trying to steal your data. But people and organizations that do want to steal user data are opportunistic — you might not be a target, but they will be more than happy to get everything they could should they happen to find your phone. Using Knox to handle the things you think need to be secured is easy and has a good track record when it comes to security.
Knox is free and you already have it — why not use it?
Knox is also a great way to hide certain files and folders from others who might have access to your phone from time to time, like siblings or roommates. By placing an application inside Knox you have hidden it’s data unless you know the password, and you can also use the My Files app to secure any file or folder from prying eyes.
You probably wouldn’t want to use Samsung Knox for your day-to-day things like text messaging or your contacts (though you could). But for anything you think is a little bit sensitive — think “things you would never want Mom to see” — Knox is a great way to secure them. You don’t have to be part of an Enterprise organization to value your privacy, and Samsung has given you a very good tool to do it with.
Secure on 5G
Galaxy S10 5G
$1,300 at Verizon
Fast, smooth, and cutting edge
One of the most complete feeling flagship phones only gets better with 5G support and a massive battery. With a great display and cameras, this phone is the perfect tool for anyone that gets things done on the go.