Can Samsung Make Enterprises Feel SAFE? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Devices
04:31 PM
Connect Directly

Can Samsung Make Enterprises Feel SAFE?

PC management standards are mature, but mobile devices are a whole new ballgame. Companies are floundering, creating their own mobile rules on the fly. Samsung's SAFE (Samsung Approved For Enterprise) certification program hopes to help by providing a mobile standard.

Mobile devices are in the enterprise to stay, but how to manage them is an unresolved problem. IT management is concerned about a lot more than network access, too. There is the data on the devices; their applications as possible vectors for attacks on corporate resources; and the inescapable fact that mobile devices containing confidential information are easy to lose.

Add in operational issues--how do mobile devices integrate with corporate email systems, connect securely over company VPNs, and integrate into the existing business workflow--and it's easy to see why IT takes a jaundiced view. Samsung hopes to provide relief with SAFE (Samsung Approved For Enterprise) smartphones and tablets.

The Samsung Galaxy Note is a SAFE-certified device, which means it supports secure management.

Samsung is working with hardware and software vendors to provide support for both mobile device management and common corporate VPNs. Vendors can pick and choose and offer their own customized management capabilities; the options we list here come from Samsung and some of the partners who have released details about how they will be supporting SAFE.

SAFE-certified devices can be encrypted (only with Android 3.x and 4.x) and have Samsung-specific extensions to the included email, contacts, and calendaring applications. Of course, integration with mobile device management systems is the primary attraction for control-obsessed IT departments. Samsung gives IT the ability to deploy management systems that fit a very familiar desktop management model. SAFE brings a laundry list of management capabilities to certified devices. Hardware control, for instance, includes the ability to enable or disable the following features:

  • camera,
  • Bluetooth,
  • tethering,
  • USB storage,
  • access to internal and external SD cards; and
  • Wi-Fi.

The level of control can go beyond simple on/off functionality. For example, devices can be configured to force a Wi-Fi connection whenever an approved connection is available, and prevent users from modifying the centrally applied Wi-Fi settings.

IT also can silently update, install or uninstall applications. It also can:

  • control users' access to application stores,
  • limit the use of--and not just turn off--specific apps, such as Web browsers,
  • disable cut and paste,
  • track the versions of installed apps,
  • blacklist applications, and
  • automatically remove non-approved applications.

The list goes on. Controls can allow only specified versions of applications to be installed, prevent applications from updating, and even prevent carrier-pushed over-the-air updates of the phone operating system. In controlling email apps, the system can provide:

  • remote Exchange ActiveSync Configuration,
  • remote configuration of POP3/IMAP accounts,
  • enforced signatures, and
  • set sync intervals.

Primarily, the goal here seems to be to create a fully mobile Exchange client that has the functionality that the user would expect with their desktop Outlook interface. Samsung outlines a number of user capabilities with the SAFE-enhanced Exchange connectivity. Users can:

  • access a global address list,
  • create and respond to meeting requests,
  • use the Out-of-Office Assistant, assign e-mail priority status, and use follow-up flags,
  • sort emails by conversation view and other filters,
  • view, edit and create Microsoft-compatible documents, spreadsheets, and presentations, and
  • view reply status.

And, of course, there are the basics of device security. These features should warm the hearts of IT:

  • device encryption,
  • lock and wipe capabilities,
  • complex passwords,
  • password aging, and
  • login attempt management.

Connectivity is also addressed, adding explicit VPN options to fit corporate models, including IPSec, PPTp, L2TP, and Certificate Authority support.

This is only a partial list of the capabilities that are being provided with SAFE-certified hardware by Samsung's partners. Currently that partner list includes Cisco, Juniper Networks, MobleIron, Sybase Afaria, F5, SOTI MobiControl, and others not included in the initial announcement. Currently the only SAFE-certified devices from Samsung are the Galaxy Note smartphone and the Galaxy Tab 7.7 tablet. Only the Tab has a version of Android--Android 3.2 (Honeycomb)--that allows it to support SAFE on-device encryption.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Can Cloud Revolutionize Business and Software Architecture?
Joao-Pierre S. Ruth, Senior Writer,  1/15/2021
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
How CDOs Can Build Insight-Driven Organizations
Jessica Davis, Senior Editor, Enterprise Apps,  1/15/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll