Good and Samsung Partner to Harden Android Security

Good Technology on Tuesday announced a merger of its app container and app ecosystem with the Samsung KNOX enterprise security platform for Android.

The product merger is the next step in the partnership aimed at eliminating virus and malware concerns that come with Android adoption in the enterprise. The hardened security for Android targets the OS’s deployment with U.S. government and Department of Defense (DoD) agencies.

Good Technology’s solution creates a secured domain within Samsung’s KNOX security-enhanced Android operating system. The security measure allows any Good Technology apps or custom apps to run on a secured mobile platform. Good Technology also provides comprehensive support for Samsung KNOX’s extended mobile device management (MDM) application programming interface (API) set.

The Good-Samsung partnership that combines the container and app ecosystem within the KNOX platform delivers a comprehensive, layered solution to secure Samsung Android devices in the enterprise, according to Christy Wyatt, chairman and CEO of Good Technology.

“Samsung built some additional controls at the OS level to do two key things. One is to make sure that the OS is not compromised. The other is a very rigorous integrity checking solution,” John Herrema, senior vice president of product management for Good Technology, told LinuxInsider.

Platform Security

Samsung’s KNOX platform is certified for defense-grade and government mobile security. Its system complies with U.S. government and DoD initiatives, and other standards for mobile device security.

This certification allows Android deployment in government and other highly regulated enterprise environments. The Samsung KNOX platform received Security Technical Implementation Guide (STIG) approval from the U.S. Defense Information Systems Agency for use in U.S. DoD networks in May 2013, and was upgraded to STIG version 2 in April 2014.

STIG and NSA Guides are the configuration standards for Information Appliance devices and systems. The STIGs contain technical guidance to lock down information systems software that might otherwise be vulnerable to a malicious computer attack.

Good Technology also attained DoD approvals and Authorities to Operate (ATOs) across multiple defense agencies. Those approvals include certification for secure email and collaboration apps on Android devices.

How It Works

Good’s secure container platform and app ecosystem is integrated directly into the Samsung KNOX security stack. Samsung KNOX Enterprise Mobility Management (EMM) provides IT administrators with a cross-platform, cloud-based enterprise mobile management solution for managing employees’ devices.

“We are leveraging the notion of a trusted domain. Once we verify that the OS is not compromised, we build a boundary system that does not allow apps to run that are not a part of the trusted domain,” said Good Technology’s Herrema.

For example, an Android device user might download a keyboard app from a third party. An enterprise may not be comfortable with what that keyboard is doing and the potential data loss it could cause. By putting only approved business applications within that trusted domain, the untrusted keyboard would be blocked from working with those business apps running inside the trusted domain, he explained.

The product is available now, added Herrema.

Android as a Target

The two biggest issues regarding Android’s security are the size of the Android market and fragmentation of the Android ecosystem. Those issues impact all mobile platforms, not just Android, according to Charles King, principal analyst at Pund-IT.

“The former point is an issue since, as Microsoft learned to its sorrow with Windows, the bigger the market is, the more it is targeted by hackers, malware attacks and general nastiness,” King told LinuxInsider.

That problem is compounded by Android fragmentation. About two-thirds of Android devices use Jelly Bean, but that means that tens of millions of smartphones and other products are still using previous versions of the OS, all the way back to 2.2 Froyo, he explained.

“With that sort of widespread variability, it is virtually impossible to craft an effective, overarching security strategy or stack,” said King.

Not Just for Government

Good’s security approach resembles a belt and suspenders system for all enterprise use. It is a layered approach. If there is ever an issue with one layer, such as the belt, it is okay. You always have the suspenders too, noted Herrema.

“We have now reached the point that people should not think of this security approach as just being something for the Department of Defense, or just for a bank or a health care company. If you are a serious enterprise, or are dealing with customer data, or dealing with customers in multiple locations, you just have to take security seriously no matter who you are,” he said.

That makes the Samsung/Good news particularly interesting. Samsung obviously recognizes the problem and is proactively moving to address it, added King.

“Though Google is trying hard to improve Android security, effectively addressing the needs of public sector agencies like the DoD requires vendors to go the extra mile or be shut out of doing business with them. Samsung is doing just that,” he concluded.
