Samsung KNOX: An Overview for Business Customers
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
CENTRIFY WHITE PAPER. SEPTEMBER 2013
Samsung KNOX: An Overview for Business Customers
Abstract
Samsung, the mobile device market leader, has introduced Samsung KNOX™ for its Android-based
mobile platforms to satisfy the device management and security needs of business and government
customers. This document provides a more detailed overview of the enterprise integration and
management features in Samsung KNOX with a focus on its capabilities for Microsoft Active Directory
integration, policy management, Enterprise Mobility Management and Single Sign-On.
Centrify Corporation PHONE: +1 (408) 542-7500 (North America & Worldwide)
785 N. Mary, Suite 200 +44 (0) 1344 317950 (EMEA)
Sunnyvale, CA 94085 (+61) 1300 795 789 (APAC)
+55-11-9999-10156 (Latin America)
WEB www.centrify.com
SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Information in this document, including URL and other Internet Web site references, is subject to
change without notice. Unless otherwise noted, the example companies, organizations, products,
domain names, email addresses, logos, people, places and events depicted herein are fictitious, and
no association with any real company, organization, product, domain name, e-mail address, logo,
person, place or event is intended or should be inferred. Complying with all applicable copyright laws
is the responsibility of the user. Without limiting the rights under copyright, no part of this document
may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by
any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose,
without the express written permission of Centrify Corporation.
Centrify may have patents, patent applications, trademarks, copyrights, or other intellectual property
rights covering subject matter in this document. Except as expressly provided in any written license
agreement from Centrify, the furnishing of this document does not give you any license to these
patents, trademarks, copyrights, or other intellectual property.
© 2013 Centrify Corporation. All rights reserved.
Centrify, DirectAudit, DirectControl and DirectSecure are registered trademarks and DirectAuthorize
and DirectManage are trademarks of Centrify Corporation in the United States and other countries.
Other brand names used in this document are the trademarks or registered trademarks of their
respective companies.
The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE II
SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Contents
Contents........................................................................................................... iii
Introduction ...................................................................................................... 1
Samsung Android overview ............................................................................... 1
What is Samsung KNOX? ................................................................................... 2
Platform Security ........................................................................................... 3
Application Security ....................................................................................... 4
Government and High Security Features ........................................................... 4
Enterprise Mobility Management ...................................................................... 5
Why IT organizations care about Enterprise Mobility Management ................... 5
Microsoft Active Directory and Group Policy Management .................................... 6
Background on Centrify ..................................................................................... 7
Overview of Centrify’s features in KNOX ........................................................... 7
Container management .................................................................................. 7
Single Sign-On for mobile and web apps ........................................................... 9
Mobile Authentication Services (MAS) Software Development Kit (SDK) .............. 10
Summary......................................................................................................... 11
Benefits for organizations and IT administrators .............................................. 11
Benefits for mobile users .............................................................................. 12
Benefits for developers ................................................................................. 12
How to Contact Centrify .................................................................................. 13
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE III
SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Introduction
Samsung, the mobile device market leader, has introduced Samsung KNOX™ for its Android-based
mobile platforms to satisfy the device management and security needs of business and government
customers.
The purpose of this document is to provide a detailed overview of the enterprise integration and
management features in Samsung KNOX with a focus on its capabilities for Microsoft Active Directory
integration, policy management, Enterprise Mobility Management and Single Sign-On.
Readers are also encouraged to consult the following additional resources:
§ Samsung: White Paper: An Overview of Samsung KNOX™
§ Samsung: Introducing Samsung KNOX
§ Samsung: Samsung KNOX website
§ Samsung: Samsung for Enterprise (SAFE) website
§ Gartner: Strategies to Solve Challenges of BYOD in Enterprise
§ Centrify: Centrify and Samsung Partnership website
§ Centrify: "An Introduction to Samsung KNOX" YouTube video
§ Centrify: An Overview of Samsung KNOX Active Directory-based Single Sign-On
§ Centrify: All Things KNOX Resource Center
Samsung Android overview
Samsung has quickly grown in the mobile space to become the leading provider of smartphones and
tablets. Much of this growth has been fueled by its adoption of Android as a major platform for its
mobile device offerings.
Android is a popular open source-based operating system that is under the governance of Google.
Even though Android has only been publicly available since 2008, it has been widely adopted by
manufacturers and mobile users. In fact, by most measures, Android is the leading mobile operating
system. Samsung was one of the early adopters of Android technology and has become the leading
provider of Android-based smartphones and tablets.
While Android has been popular with consumers, enterprise and government customers have been
reluctant to endorse or deploy Android. This reluctance has been based on three major factors:
1. Since the Android operating system can be changed and the distribution of apps is not controlled
by a single source, Android has been considered less secure and more prone to malware than
other mobile platforms.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 1
SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
2. Most Android platforms do not have the enterprise features that business and government IT
managers require and are available on other mobile platforms, including centralized Enterprise
Mobility Management, policy-based management, encryption and other key features.
3. Android does not have a way to segregate business data and apps from personal data and apps.
This co-mingling of business and personal workspaces can lead to unprotected business data
being leaked or compromised.
In fact, until recently, many IT managers felt that Blackberry phones were the only options that
addressed security requirements and enterprise needs. But this is changing. Samsung announced its
SAFE (Samsung for Enterprise) program in 2012 to address some of these needs. Now, with the
release of Samsung KNOX for supported Samsung Android-based mobile devices, Samsung and its
partners go even further with state-of-the-art enterprise features and security enhancements that
meet or exceed even the most stringent business and government needs. In addition, Samsung
provides new technology to segregate users’ business and personal lives allowing one device to be
used for both business and personal scenarios while ensuring optimal privacy and security.
What is Samsung KNOX?
Samsung KNOX is a new Android-
based solution specifically designed
to enhance security of the current
open source Android platform. KNOX
is not a product or a single feature;
instead it is a suite of enhancements
to certain Samsung Android devices
designed to address the needs of
government and enterprise IT
managers as well as employees. It is
important to note that while many of
these features are unique to the
Samsung KNOX platform, Samsung
has maintained full compatibility
with Android and the Google
ecosystem so that existing Android
applications will continue to work on
Samsung KNOX devices.
Samsung starts with the latest
Google Android mobile operating
system platform and adds
capabilities, or addresses
shortcomings, in four key areas:
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 2
SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
1. Platform Security: Ultra-secure operating system services.
2. Application Security: Enhanced application security and runtime features.
3. Government and High Security Features: Features for Defense and Government customers
who must comply with enhanced security, data access and data handling standards.
4. Enterprise Mobility Management: Best-in-class enterprise device management.
By implementing these features,
Samsung KNOX substantially
enhances not only the Android
user experience but also the
security and manageability of the
platform. The following section
provides a brief overview of the
core components of each of these
sets of enhancements. For more
detailed information on these
features, please refer to the
resources listed at the beginning
of the document as well as
information available on the
All Things KNOX Resource Center.
Platform Security
At the hardware and operating system security level, Samsung KNOX provides powerful, unique
platform security enhancements which prevent tampering with the device. These enhancements
include:
§ Customizable Secure Boot: Secure Boot is a procedure that prevents “unauthorized” operating
systems and software from loading during the startup process. Firmware images that are
cryptographically signed by known, trusted authorities are considered “authorized” firmware.
§ Security Enhancements for Android: Security-Enhanced Linux (SE Linux) was invented by the
NSA in 2000 and is a port of Linux that includes numerous security enhancements. Samsung R&D
teams have worked very closely with the NSA to port and integrate this technology into Android.
§ TrustZone-based Integrity Measurement Architecture: Samsung’s TrustZone-based
Integrity Measurement Architecture (TIMA) was developed as a unique feature on Samsung
mobile devices. TIMA uses ARM TrustZone hardware and runs in a secure mode that cannot be
disabled and provides continuous integrity monitoring of the Android kernel.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 3
SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Application Security
Samsung KNOX also includes features to enhance security at the application layer. These features
include:
§ Application Containers: Samsung’s
container technology is one of the most
innovative additions to Samsung KNOX.
This is a virtual Android environment that
runs on the device and includes its own
home screen, launcher and application
environment. Applications and data in the
container are completely isolated from
applications and data outside the
container. This allows the user to securely
run business applications in the container
while still having the ability to run personal
applications outside the container in the
standard Android environment. Data
stored in one environment cannot be
accessed or shared with the other
environment.
§ On-device Data Encryption: This feature allows users and administrators to encrypt data on
the entire device, as well as any configured Samsung KNOX Container. Encryption is often
required by government and regulated industries such as healthcare and finance.
§ Virtual Private Network Support: Samsung KNOX includes support for virtual private
networking (VPN). A unique feature of this implementation is the ability to set up different VPNs
for each application. This allows secure communications to corporate networks for business
applications while consumer applications can continue to function outside the VPN structure.
Government and High Security Features
Taken together, these security enhancements enable a mobile platform that can meet the strictest
requirements of government and security-conscious enterprise customers. In addition, the KNOX
platform complies with a number of government and security standards. These features and
standards include:
§ Smartcard CAC support utilizing both software and hardware Public Key Infrastructure (PKI)
certificates.
§ FIPS 140-2 Level 1 certification for both data-at-rest (DAR) and data-in-transit (DIT).
§ Compliance with the Defense Information Systems Agency (DISA) June 2012 version of the
Security Requirements Guides (SRGs) specification.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 4
SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Enterprise Mobility Management
The final set of features available with Samsung KNOX addresses securing and managing the device
by leveraging enterprise systems management solutions that are already in use in large
organizations. These features make it easier to centrally control the device and apply consistent
policies across all KNOX devices in the enterprise. Many of these features also provide users with a
better experience by allowing them to self-manage tasks such as changing enterprise passwords or
employing a single set of credentials to access all enterprise applications (also known as Single Sign-
On). The container can be centrally managed by a corporate administrator from within Microsoft
Active Directory.
Before covering these important features, it is worth reviewing why organizations need these features
and look at tools that are in use for managing users and other devices within the enterprise.
Why IT organizations care about Enterprise Mobility
Management
One of the biggest challenges for IT administrators in a large enterprise is managing and securing a
diverse range of computing devices. Over the last decade, solutions for managing personal computers
have flourished and organizations can now centrally manager computers, deploy applications to these
devices, impose policies on the use of the devices (including enforcing role-based policies) and
manage access to the device through authentication and authorization tools. Most organizations have
chosen to supply approved computers to their users which have already been setup with the
necessary tools to manage the device centrally.
More recently, users are increasingly turning to small, mobile, instant-on devices such as
smartphones and tablets instead of computers for daily computing tasks. Likewise, organizations are
seeing the benefits of using mobile devices to empower workers who are on the go. Yet, with these
positive trends, there are a number of issues which challenge enterprise IT administrators including:
§ Users who own their own mobile devices want to bring them to work and use them in their jobs.
This introduces potential security, application deployment and management challenges which
need to be solved by IT staff with the involvement of the end user before these devices can be
deployed.
§ Thousands of different mobile devices with dozens of different operating systems are now
available — each with their own challenges for deployment in enterprises. Therefore, many
organizations only allow a limited number of known, tested devices to be used within the
corporate network.
§ IT managers want to be able to centrally control and remotely wipe devices, yet corporate device
control becomes less feasible if these devices are owned by the end user and contain personal
data in addition to corporate data.
§ Mobile devices have the potential to carry sensitive enterprise data, yet with these devices
always connected to the Internet, there is the potential for unintentional or even malicious
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 5SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
disclosure of information to outside parties. In addition, if devices are not secured with a
passcode, enterprise information could be disclosed if the device is borrowed, lost or stolen.
§ With users loading their own applications and accessing remote sites on the Internet, there is a
constant concern about the possibility of viruses or malware that could compromise corporate
data. In addition, mobile devices that organizations want to use are often not the same ones that
end users have or want to use.
To address these and other challenges, a number of vendors have emerged with non-integrated
solutions for Enterprise Mobility Management. For organizations that have existing personal
computers, especially Microsoft Windows-based computers, having a way to extend existing
enterprise user and device management practices and solutions to mobile devices is highly desirable.
With Samsung KNOX, these capabilities become a possibility on supported mobile devices.
Microsoft Active Directory and Group Policy Management
Organizations that have large numbers of Windows-based computers typically use Microsoft’s server
technologies as the underlying IT infrastructure for managing their users and devices. The foundation
of Microsoft’s infrastructure is Active Directory. Active Directory is essentially a database which stores
information about users and devices and is wrapped in services that allow users and devices to join a
secure corporate domain, authenticate users when they login, store preferences and provide other
administrative tasks. Active Directory acts as the base for many other management services such as
certificate services, rights management, domain services and group policy.
Group Policy enables policy-based administration using Microsoft Active Directory. Group Policy uses
directory services and security group membership to provide enforceable rules for users and devices
that can be set by the administrator and applied across the corporate network. Policy settings are
created using the Microsoft Management Console (MMC) snap-in for Group Policy and can be applied
to resources based on rules, membership, roles or globally to all devices and users.
While Active Directory, Group Policy and other Microsoft server-based technologies have been
traditionally used to manage Windows-based resources, the services are extensible thereby allowing
companies like Centrify Corporation to create solutions for joining non-Microsoft devices, such as
Apple Macs, Linux computers and UNIX servers to an Active Directory-based corporate IT
infrastructure. More recently, Centrify has created solutions to enable mobile devices to join and be
managed by the Active Directory system. Samsung has licensed this technology and includes it in its
KNOX offerings. Given that Active Directory is used by a majority of enterprises, these capabilities
significantly enhance the ability of enterprises to extend device and user management,
authentication, and policy-based management to all KNOX-enabled devices.
Administrators benefit by being able to centrally manage users and devices from a single console —
including the ability to allow or deny user access to corporate computing resources. Users benefit by
having a consistent experience and a single set of login credentials for all resources managed by the
enterprise.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 6SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Background on Centrify
Centrify provides Unified Identity Services across data center, cloud and mobile — resulting in one
single login for users and one unified identity infrastructure for IT. Centrify's software and cloud
services let organizations securely leverage their existing identity infrastructure to centrally manage
authentication, access control, privilege management, policy enforcement and compliance across on-
premise and cloud resources. More than 5000 customers have deployed Centrify across millions of
computers, applications and mobile devices to increase agility and security. With Centrify,
organizations are reducing the costs associated with identity lifecycle management and compliance by
over 50%.
Since releasing its initial product in 2005, Centrify has expanded its portfolio from one product to a
suite of software and cloud services that span data center, cloud and mobile environments with
comprehensive support for over 450 systems and 1,500+ applications.
Overview of Centrify’s features in KNOX
Centrify technology has been licensed by Samsung to enhance KNOX in three core areas of the
platform: Active Directory-based mobile container management, Single Sign-On (or more aptly-
named “Zero Sign-On”) for enterprise apps and a software development kit for software vendors and
organizations who want to extend Zero Sign-On to their own applications.
Container management
As mentioned earlier, Samsung has developed
container technology which allows administrators
to create a secure and distinct business
environment on any KNOX-enabled mobile device.
Only approved applications can run in this
environment and data associated with these
applications can only be accessed from within the
container. Once a container is created on a
Samsung KNOX device, it can be secured through
Centrify’s integration services which tie back to
Active Directory. This means that the container
can “join” the Active Directory domain and appear
as a managed device within the Active Directory
corporate infrastructure. Administrators have full
control over the container and can control user
access to the container’s apps and data. The
administrator can also deploy and manage
applications that are secured within the container.
This gives users the freedom to carry one device for both work and play via a seamless and intuitive
dual persona experience. Both personal and business data are kept segregated and private.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 7SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Active Directory-based authentication and mobile device / container management
Active Directory is deployed to manage users within an organization and for authenticating users
when they log in to a device. The user’s profile — as well as group memberships — is stored in Active
Directory which can be used to control access to different IT resources. For example, if Mary Smith
just joined your organization’s sales team, the IT administrator would add her to Active Directory,
setup up her profile information and provide her with a login password. The administrator would also
add her to various sales-related security and distribution groups which would allow her to securely
access the sales resources of the organization. In addition, computers that Mary uses at work could
be joined to Active Directory ensuring that her devices are authenticated on the corporate network
and are managed based on the organization’s IT policies.
With Samsung KNOX, Centrify extends Active Directory to Android-based containers. This means that
the container is joined and secured through Active Directory.
This benefits administrators since they can centrally control all of their users’ devices from a single
console. If a user leaves an organization, administrators can not only turn off access to the corporate
container on the KNOX device — they can delete the container and remove all corporate applications
and data. All this happens without impacting the user’s personal applications and data that reside
outside the corporate container.
Group Policy-based management
In addition to creating and
removing containers,
administrators also have
access to fine-grained
management of the KNOX
device using Group Policy. As
mentioned earlier, Group
Policy works within the Active
Directory infrastructure to
allow managers to create IT
policies such as password
complexity requirements and
have those policies enforced
throughout the enterprise.
Most IT administrators use Group Policy to manage their computers within the corporate network.
Now with Centrify’s technology in KNOX, administrators can manage KNOX containers, control access
to containers and enforce corporate or mobile-specific policies within containers. All this happens from
within the standard Group Policy console, which means administrators do not have to install different
costly tools or learn different techniques for managing their mobile devices. For example, the
administrator can view all end-user devices and drill down to see specific details related to the end-
user’s KNOX device. Policies such as allowing VPN or Wi-Fi access or configuring a firewall can also be
pushed to the mobile device. Or the administrator can send a command to the KNOX device to create
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 8SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
a secure corporate container and pre-populate that container with approved corporate applications or
setup an email account. Policies can also be related to roles. For example, a policy could be set up to
grant all sales employees access to the corporate sales portal.
There are over 470 policies that can be used with KNOX which leverage over a thousand management
APIs.
Single Sign-On for mobile and web apps
Single Sign-On is a concept that allows users to log in to the corporate network one time and from
there have full access to approved corporate resources, applications and data without having to re-
enter their credentials for each action. By extending applications using standards-based SAML and
Kerberos technology, secure tokens can be used across a wide range of popular business applications.
For example, a user could log in to his or her computer using his or her Active Directory username
and password and then be able to launch local and web-based applications by just clicking on an icon
without having to enter credentials for each application. Access to these applications is managed
centrally meaning that access can be turned on or off for each user or groups of users from a central
administrative console. Another benefit of Single Sign-On is instead of having to remember complex
conforming passwords for each site or application, authentication is handled by the Single Sign-On
system. In addition, users will be less temped to use insecure passwords or the same password
across multiple sessions.
Centrify has taken these
concepts and extended
them to Samsung KNOX
and beyond. Now,
administrators can setup
a worker’s environment
for both web
applications and native
mobile apps on
supported mobile
devices. This includes
setting up access and
the Single Sign-On
attributes for each
application. Applications
could include native
apps such as Box or
web-based SaaS
(Software as a Service) applications such as Salesforce.com. These applications are then run from
within the user’s secure KNOX container on his or her KNOX device.
In addition, Centrify provides a secure web-based user portal for running SaaS applications from any
device that has a web browser. Administrators can also manage access from a browser-based
console. Both these classes of web-based applications connect to authentication and access services
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 9SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
through the Centrify Cloud Service and the Centrify Proxy Server which interfaces with the
organization’s Active Directory infrastructure. Once users provide their password to access the
container on their KNOX devices, they are taken to a Zero Sign-On experience and given direct access
to their applications.
Administrators benefit by having central control over IT apps and data while users benefit by having a
simple, seamless experience moving from one app to the next without having to remember and enter
complex passwords for each action.
Mobile Authentication Services (MAS) Software Development Kit (SDK)
In order to extend Single Sign-On capabilities to as many developers as possible, Centrify has built
the Mobile Authentication Services (MAS) Software Development Kit (SDK), which is available from
both Centrify and Samsung. This SDK includes the tools and libraries to allow corporate and ISV
Android app developers to add Single Sign-On capabilities to their own mobile apps. In addition,
developers have access to hundreds of KNOX and SAFE APIs which enable better security and
management functionality for mobile applications. ISVs such as Box and Onvelop are part of a
growing list of ecosystem partners which have used this SDK to enable Single Sign-On for their apps
running on KNOX devices.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 10SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Summary
In summary, Samsung and Centrify have delivered a powerful set of solutions for extending
enterprise mobile management and Single Sign-On to Samsung KNOX devices.
Benefits for organizations and IT administrators
With Centrify’s contributions to Samsung KNOX, organizations and administrators can leverage their
existing Active Directory infrastructure and skills and easily and safely add Samsung KNOX devices
into their enterprise. With the enhanced security features of KNOX, organizations can allow users to
bring their own KNOX-capable devices to work, yet have full control over sensitive corporate data,
applications and network access. Additional benefits include:
§ Central device and policy management of devices, applications, data and users.
§ Standardization on a range of popular Samsung devices which can be supplied at work or brought
to work by the user.
§ Unified mobile device security and app management, including support for all SAFE v4 and KNOX
controls.
§ Rapid deployment of Cloud-based services.
§ Automated role-based mobile application management.
§ Compatibility with existing Enterprise Mobility Management products.
§ Remote administration or removal of corporate data and applications — even for Samsung
devices owned by users.
§ Creation of a secure corporate container for data and applications which is isolated from potential
malware that might infect non-business applications.
§ Limiting container applications to a pre-approved set and automatically deploying the applications
to users’ devices.
§ Prevention of corporate data from being shared with non-authorized applications.
§ Elimination of the need for complex or insecure passwords for corporate applications through
SAML-based authentication
§ Workforce productivity — users gain true multi-application Zero Sign-On when accessing apps
from a Samsung KNOX device.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 11SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
Benefits for mobile users
Users get the assurance that their personal data
remains segregated on their devices while having
the convenience of one-click access to their
business applications, not only from the KNOX
container, but from an easy-to-use web portal as
well. Other benefits include:
§ Safe enablement of workers’ personal
Samsung devices when used in the
workplace.
§ Separation of users’ personal and business
lives and data.
§ User access to a portal for device and app management and location services
§ Self-service management of passwords, passcode reset, device lock and wipe and other functions
§ Multi-app Zero Sign-On for thousands of rich mobile apps and web apps in the KNOX container
Benefits for developers
Both corporate and commercial application developers now have an easy way to add secure Single
Sign-On features to their own Android-based applications. This makes their applications easier to use
within a secure corporate environment since users don’t need to remember complex passwords every
time they use the application and easier to administer. Additional benefits include:
§ Centrify providing the backend authentication services for the Single Sign-On environment which
means app developers don’t need to develop these services themselves.
§ Developer expansion into the enterprise by providing Single Sign-On applications on devices
made by the largest supplier of mobile devices.
By enabling Active Directory-based centralized user and container management and Single Sign-On
for enterprise mobile and web applications, both enterprise administrators and users gain essential
capabilities and benefits that are unique to the Samsung KNOX platform. With Samsung KNOX, IT
obtains the security and control they require and employees get the privacy they expect for their
personal data.
For more information on Samsung KNOX visit the All Things KNOX Resource Center at:
www.AllThingsKNOX.com.
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 12SAMSUNG KNOX: AN OVERVIEW FOR BUSINESS CUSTOMERS
How to Contact Centrify
Worldwide Headquarters Product & Sales Information
Centrify Corporation North America: +1 (408) 542-7500
785 N. Mary, Suite 200 EMEA: +44 (0) 1344 317950
Sunnyvale, CA 94085 APAC +61 1300 795 789
United States Latin America: +55-11-9999-10156
Phone: +1 (408) 542-7500
Online: www.centrify.com/contact
© 2013 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 13You can also read
