Samsung Knox Security Beats iOS, Android, Gartner Finds

...

Every industry analyst firm is producing research about NGES, and they all reach the same conclusi

Gartner compared 12 different platforms to find the strongest ones. The research firm also advised avoiding older mobile devices, which may have unfixed vulnerabilities or may lack management controls.

Apple's iPhone has received considerable attention for security that defied FBI investigators, but Samsung's Knox, an enterprise security layer for Android devices, scores better in a security evaluation conducted by research firm Gartner.

In a report published earlier this month, Gartner research director Patrick Hevesi compared 12 mobile device platforms -- Android 4, 5, and 6; BlackBerry 10; BlackBerry Android; iOS 8 and 9; Samsung Knox; Windows Phone 8.1 and 10 (Lumia); and Windows 8.1 and 10 (Surface). He awarded Knox more "strong" ratings than any other system.

Of all the platforms evaluated, Knox was the only one with "strong" ratings for every control in the corporate managed security section. The runner-up in terms of corporate managed security was BlackBerry 10, which received ratings of "strong" in every category except Device Firewall Management, where it was rated "average."

Knox 2.6 is the latest version of Samsung's security platform. It's available on the Galaxy S7 and S7 edge devices and can coexist with Google's managed container technology, Android for Work. A Samsung paper describes how Knox differs from Android for Work.

In a statement, Injong Rhee, EVP and head of R&D for Samsung Electronics' software and services for mobile communications business group, expressed pride that Gartner had recognized Knox's advantages.

Gartner's report examined a variety of core OS functions like biometrics, kernel security, and OS updates, as well as functions relevant to IT administration, such as encryption management, workspace isolation, and jailbreak/root protection.

The report avoids recommending a specific brand of device. Rather, it presents strengths and weaknesses, which should be considered in conjunction with the way devices will be used and business requirements. Gartner does advise organizations to avoid older mobile devices known to be exploitable or found lacking in the security or management controls available in more recent hardware.

In a phone interview Hevesi stressed that every client has different needs and that businesses should identify the risks that are relevant to them before choosing a particular platform. "There are obviously drawbacks to everything," he said. "Knox has done some really good things, but not all organizations need Knox."

Hevesi cited the Knox Warranty Fuse, a one-time programmable fuse that gets triggered if a Knox device is ever booted into an unapproved state. Once the fuse has fired, the device can no longer run Knox, and there's no IT reset switch. The feature may be more trouble than it's worth for administrators.

Hevesi also praised the BlackBerry Android's out-of-the-box experience for guiding users toward secure settings. He also gave a thumbs up to Microsoft's enterprise data protection in Windows Phone 10.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

One of the gaps in mobile operating systems, Hevesi said, is that the network stack does not force secure communication, meaning a line-of-business app might still send sensitive information without encryption.

"The developers writing these applications need to start think about encrypting everything and [about] how they store keys on these devices," said Hevesi, noting that encryption also has to be supported by default settings that promote security. For example, default data encryption isn't worth much if the device allows the user to choose a weak four-number PIN rather than strong passcode.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    CyberLink PowerDVD 16 Ultra

    Though CyberLink's PowerDVD Ultra started life with just that purpose, it does a lot more now.Three levels are available for purchase: The full PowerDVD 16 Ultra ($84.
  • 5300c769af79e

    Awesome: Twitter's 140 Character Limit No Longer Counts Photos, Videos, GIFs, Polls or Quote Tweets

    Twitter didn’t abandon their 140-character limit for tweets today, but they did make it much easier for you to get your message across while tweeting and sharing other things.Starting today, photos, videos, GIFs, polls, and quote tweets no longer count towards the 140 character limit within a tweet.
  • 5300c769af79e

    LastPass 4.0 Premium

    Compare Similar ProductsCompare Dashlane 4 %displayPrice% Sticky Password Premium %displayPrice% RoboForm Everywhere 7 %displayPrice% Keeper Password Manager & Digital Vault 8 %displayPrice% LogMeOnce Password Management Suite Ultimate %displayPrice% Password Boss Premium %displayPrice% Authentic8 Silo %displayPrice% Password Genie 5.2 %displayPrice% True Key by Intel Security %displayPrice% LastPass 4.
  • 5300c769af79e

    Self-Driving Cars Coming to Boston

    The MIT spin-off will put its self-driving Renault Zoe electric vehicle on the road in the Seaport section of the city before year's end.During the road trials, nuTonomy's software is expected to learn local signage and road markings, as well as build on behavioral knowledge gained during recent trials in Singapore.