Samsung Knox Security Beats iOS, Android, Gartner Finds - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile // Mobile Devices
News
4/18/2016
09:06 AM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Samsung Knox Security Beats iOS, Android, Gartner Finds

Gartner compared 12 different platforms to find the strongest ones. The research firm also advised avoiding older mobile devices, which may have unfixed vulnerabilities or may lack management controls.

iPad Pro 9.7 May Be Apple's Best Tablet Yet
iPad Pro 9.7 May Be Apple's Best Tablet Yet
(Click image for larger view and slideshow.)

Apple's iPhone has received considerable attention for security that defied FBI investigators, but Samsung's Knox, an enterprise security layer for Android devices, scores better in a security evaluation conducted by research firm Gartner.

In a report published earlier this month, Gartner research director Patrick Hevesi compared 12 mobile device platforms -- Android 4, 5, and 6; BlackBerry 10; BlackBerry Android; iOS 8 and 9; Samsung Knox; Windows Phone 8.1 and 10 (Lumia); and Windows 8.1 and 10 (Surface). He awarded Knox more "strong" ratings than any other system.

Of all the platforms evaluated, Knox was the only one with "strong" ratings for every control in the corporate managed security section. The runner-up in terms of corporate managed security was BlackBerry 10, which received ratings of "strong" in every category except Device Firewall Management, where it was rated "average."

Knox 2.6 is the latest version of Samsung's security platform. It's available on the Galaxy S7 and S7 edge devices and can coexist with Google's managed container technology, Android for Work. A Samsung paper describes how Knox differs from Android for Work.

In a statement, Injong Rhee, EVP and head of R&D for Samsung Electronics' software and services for mobile communications business group, expressed pride that Gartner had recognized Knox's advantages.

(Image: Samsung)

(Image: Samsung)

Gartner's report examined a variety of core OS functions like biometrics, kernel security, and OS updates, as well as functions relevant to IT administration, such as encryption management, workspace isolation, and jailbreak/root protection.

The report avoids recommending a specific brand of device. Rather, it presents strengths and weaknesses, which should be considered in conjunction with the way devices will be used and business requirements. Gartner does advise organizations to avoid older mobile devices known to be exploitable or found lacking in the security or management controls available in more recent hardware.

In a phone interview Hevesi stressed that every client has different needs and that businesses should identify the risks that are relevant to them before choosing a particular platform. "There are obviously drawbacks to everything," he said. "Knox has done some really good things, but not all organizations need Knox."

Hevesi cited the Knox Warranty Fuse, a one-time programmable fuse that gets triggered if a Knox device is ever booted into an unapproved state. Once the fuse has fired, the device can no longer run Knox, and there's no IT reset switch. The feature may be more trouble than it's worth for administrators.

Hevesi also praised the BlackBerry Android's out-of-the-box experience for guiding users toward secure settings. He also gave a thumbs up to Microsoft's enterprise data protection in Windows Phone 10.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

One of the gaps in mobile operating systems, Hevesi said, is that the network stack does not force secure communication, meaning a line-of-business app might still send sensitive information without encryption.

"The developers writing these applications need to start think about encrypting everything and [about] how they store keys on these devices," said Hevesi, noting that encryption also has to be supported by default settings that promote security. For example, default data encryption isn't worth much if the device allows the user to choose a weak four-number PIN rather than strong passcode.

 

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MartinJDub
50%
50%
MartinJDub,
User Rank: Apprentice
4/23/2016 | 10:20:48 PM
Re: Does it work?
Samsung Knox has been netoriously late to market and short on uptake. Futhermore, there's no mention about the benchmarks or environments that were tested. Samsung Knox is more secure than BlackBerry 10 coupled with BES10 / BES12, seriously? 
melgross
50%
50%
melgross,
User Rank: Ninja
4/19/2016 | 7:38:59 AM
Does it work?
I'm wondering if this report actually tested all of these devices, because as of 6 months ago, Knox still wasn't working properly, with gaping security flaws.
Slideshows
IT Careers: 12 Job Skills in Demand for 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/1/2019
Commentary
Enterprise Guide to Multi-Cloud Adoption
Cathleen Gagne, Managing Editor, InformationWeek,  9/27/2019
Commentary
5 Ways CIOs Can Better Compete to Recruit Top Tech Talent
Guest Commentary, Guest Commentary,  10/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
Slideshows
Flash Poll