UK public sector workers who use Samsung devices received a boost at the end of last week when the government approved the use of mobiles featuring the KNOX enterprise mobile data security container.
After months of testing, the Communications and Electronics Security Group (CESG) issued its latest End User Devices (EUD) Security Guidance, deciding that devices including the Samsung Galaxy Note 3, the Samsung Galaxy S3, the S4 and the S5 all pass muster.
However, KNOX has only been certified for the “OFFICIAL” tier – as opposed to “SECRET” or “TOP SECRET”.
OFFICIAL certification means a device must be able to withstand an attempted compromise by “attackers with bounded capabilities and resources”, according to CESG. This means it is not necessarily capable of deflecting attacks by “sophisticated and determined threat actors” including foreign spies.
The agency continues:
“The OFFICIAL tier provides for the generality of government business, public service delivery and commercial activity. This includes a diverse range of information, of varying sensitivities, and with differing consequences resulting from compromise or loss. OFFICIAL information must be secured against a threat model that is broadly similar to that faced by a large UK private company.”
It should be noted that CESG has approved the original version of KNOX rather than version 2.0, which has already been announced by Samsung.
The accreditation gives Samsung devices the edge on Windows Phone 8 handsets, which have still not passed muster for a full OFFICIAL cert.
However, they are still some way behind certain BlackBerrys, which have been accredited in the SECRET tier.
“We are pleased that our KNOX enabled devices have been cleared for use by the UK Government, and are confident given the period of intensive testing that the robust capabilities of KNOX act as a credible security solution for government agencies,” said Samsung VP of enterprise business, Graham Lond, in a statement.
“Our technology is widely used in both the UK public and private sector, and with this approval we are committed to working more closely with government departments and agencies that need to maintain high levels of security and data confidentiality on their mobile devices.”