Knox, an end-to-end solution that provides security from the hardware all the way through to the application level, is Samsung’s approach to the security threats posed by BYOD.
Lookout for Knox will include real-time cloud-based scanning to protect against mobile threats from email attachments, Web browsing and file-sharing services.
The announcement is drawing mixed responses from security professionals.
“My Galaxy S Relay came with Lookout pre-installed, so this is standard fare for Samsung,” Randy Abrams, a research director at NSS Labs, told the E-Commerce Times.
“The addition of Lookout is one of those nice details — like a flower holder in a Volkswagen Beetle,” he quipped.
“Businesses need BYOD solutions that are cross-platform,” said Veracode cofounder and CTO Chris Wysopal. “They aren’t going to want one for just Android — and especially not for just Samsung Android devices.”
Samsung did not respond to our request to comment for this story, and a Lookout spokesperson was not immediately available to provide further details.
Knox 3 Times
Knox takes a three-pronged security approach: It offers customizable secure boot; Integrity Measurement Architecture based on ARM TrustZone; and a kernel with built-in Security Enhancements for Android access controls.
Knox offers a container that isolates enterprise applications and encrypts enterprise data both at rest and in motion. The container uses an encrypted file system and offers an on-demand FPS-certified VPN client that can be managed by enterprise IT.
Knox was approved by the United States Department of Defense for use in DoD networks in May.
The Fort That Fizzled
However, Samsung’s plans to debut Knox with the Galaxy S4, announced in March, were delayed, and the company rescheduled the release for no earlier than this summer. Samsung said it needed more time to test Knox internally and with carriers.
Perhaps the bundling with Lookout’s software may not be enough to get Knox off the ground.
“If businesses are truly enabling BYOD, they need a solution that will cover all major mobile devices their employees may own,” Veracode’s Wysopal told the E-Commerce Times. “A single manufacturer solution still leaves CISOs looking for a multiplatform solution.”
Better Than Zero
Still, any solution that will improve the security of Android devices will be a help. Android dominates the mobile market, with more than 75 percent of the global smartphone OS market at present, according to IDC.
Android-based malware grew by 35 percent in the second quarter of 2013, according to McAfee’s latest threat report.
“Attackers go where the market share is,” Ken Pickering, director of engineering at Core Security, told the E-Commerce Times. “Android has the user base to make it worthwhile.”
Samsung “is making a very realistic and targeted move, similar to when Microsoft released a free virus scanner,” Pickering continued.
Sting Like a Butterfly
Android needs additional security solutions on top of the core platform to be safe for business, Veracode’s Wysopal said. These will “give Android a competitive boost against Apple, Microsoft and BlackBerry, which have more secure offerings for business.”
However only a few Android users — those who turn to unvetted sources and pirated apps — run into security issues, NSS Labs’ Abrams pointed out.
Apple and Microsoft are not likely to put a security solution on their devices, Wysopal opined. Further, they have a “much better OS update process” than Android, so there are not as many old vulnerable versions of their OSes floating around that need additional protection as there are in the case of Android.
On the other hand, “if the [mobile device market] is at all like the PC market,” said Abrams, “it is simply a matter of which antivirus vendor is willing to pay the OEM the most to have their product on their device.”