Best answer: Samsung Knox is a security layer built into the Android and Tizen on Samsung devices to add an extra layer of protection to your information.
- Security at 5G speeds: Samsung Galaxy S20 5G ($790 at Amazon)
Bring your own device
A lot of people use their own phones for work; BYOD (Bring Your Own Device) policies are getting more and more popular as phone prices keep rising and consumer Android phones become more secure. We’ve seen Enterprise-level programs for mobile from both Apple and Google, but perhaps one of the easiest to use — both for you and any IT manager — is Samsung Knox.
If you have a fairly new Galaxy phone, like the S20 FE, you probably have Samsung Knox software on it. It’s not really something you can install because it’s part of the Android OS the way Samsung builds it and it isn’t any sort of app or support library. Knox is also built into Tizen on Samsung’s wearables.
What is Samsung Knox?
Samsung Knox is a special security layer found in top-tier Samsung phones that can separate and isolate personal and business user data. For most of us, Knox will be used for Samsung Pass and Secure Folder both of which can be accessed in the Biometrics and security section in your phone’s settings.
Samsung Pass stores sign-in information securely and allows you to access it using your phone’s biometrics. Secure Folder is a bit more complex in that it creates a new environment for files and apps on your phone. Once you set it up and open the folder you will have a fresh version of these apps that cannot be accessed by the rest of your phone.
By default, once you enter the Secure Folder you only have access to a few apps — Camera, Gallery, My Files, Contacts, Calendar, Samsung Internet Browser, and Samsung Notes. You can add other apps to the Knox-protected layer and they will be “copied” to a place where they and their data is kept separate from the same app on the “regular” layer in your phone.
You also need the right device — not all Samsung phones (or watches and tablets) support Knox, and you can see the list of supported devices here.
Knox is also software your company’s IT department can use to manage everyone’s device.
There’s also a third important component that can be used for Enterprise management — Knox Premium or an equivalent. This isn’t something you would use at home (but you could if you really wanted to) and it’s a way for an IT department to manage the Knox layer on phones that are part of the server’s group. It’s basically a cloud-based management solution built to work with Knox, and a turn-key secure platform. You can learn more about it here and if you’re an IT professional looking for a multi-device management solution you can talk to a representative from any of the four major U.S. mobile carriers for quotes.
Knox is certified for use in government installations in the following countries: Finland, France, Kazakhstan, Netherlands, Spain, The United Kingdom, and the United States. It’s also FIPS 140-2 and ISCCC compliant in certain configurations. What this means is that organizations like the U.S. Dept. of Defense think Knox is safe enough for its employees (items with clearance levels of sensitive or lower) to use. That means it’s also safe enough for you.
With Android Oreo, Knox was merged into Google’s Enterprise solution Android for Work to provide real-time protection of the Linux Kernel, malware checking, and parts of the trusted boot procedure. Samsung uses an e-fuse to detect if unofficial software had been booted, changing the warranty status check to 0x1 when it had been detected. This does not reset with a flash to factory software.
Do you need to use it?
You don’t have to use Samsung Knox, and unless you are the type who fiddles around inside your phone’s software you’ll never know it’s there. But if you have a phone that’s built for Knox, it’s free so you certainly can.
Chances are you don’t carry Top Secret information around and nobody is tailing you and trying to steal your data. But people and organizations that do want to steal user data are opportunistic — you might not be a target, but they will be more than happy to get everything they could should they happen to find your phone. Using Knox to handle the things you think need to be secured is easy and has a good track record when it comes to security.
Knox is free and you already have it — why not use it?
Knox is also a great way to hide certain files and folders from others who might have access to your phone from time to time, like siblings or roommates. By placing an application inside Knox you have hidden it’s data unless you know the password, and you can also use the My Files app to secure any file or folder from prying eyes.
You probably wouldn’t want to use Samsung Knox for your day-to-day things like text messaging or your contacts (though you could). But for anything you think is a little bit sensitive — think “things you would never want Mom to see” — Knox is a great way to secure them. You don’t have to be part of an Enterprise organization to value your privacy, and Samsung has given you a very good tool to do it with.