Enterprises can protect personal and enterprise data on mobile devices using a rich set of Knox features:
- User authentication:
Samsung Knox devices support not just password, PIN, and pattern authentication but also the latest biometric authentication: fingerprints, iris, face, and Intelligent Scan. Options are available for both device lockscreen authentication and separate Knox Workspace authentication. Through the Knox Platform, you can provide enforce two-factor authentication for the Knox Workspace or enterprise AD credentials to ensure stronger data protection.
- Encryption of device data:
Samsung Knox devices provide data encryption through Sensitive Data Protection that binds to the hardware-backed Root of Trust and user authentication. This encryption ensures data is decrypted only on the device where the data is stored, and only by the device owner. This Knox Platform model also ensures that any tampering of the device locks down access to sensitive data, preventing decryption and malicious access.
- Encryption of network data:
Samsung Knox devices offer the widest selection of advanced VPN features, providing the ability to configure a separate VPN for the Knox Workspace as well as for individual apps, to reinforce data isolation even further. Knox also offers always-on VPN, on-demand VPN, on-premise VPN bypass, HTTP proxy over VPN, multiple active tunnels, strict data leakage controls, and VPN chaining or cascading.
- Device tracking, locking, and erasing:
Samsung Knox devices offer the ability to track, geofence, and automatically lock devices based on events and security policies. For example, a device that leaves a specified geographic perimeter is locked, wiped of data, or reset to factory defaults.