The Korean consumer electronics giant will bundle the AV into its Galaxy phones and tablets, in a gambit to take on Blackberry Enterprise Server for the hearts and minds of businesses worried about the increasingly mobile workplace. KNOX devices will include a standard anti-virus app along with cloud-based scanning of all email attachments, Web browsing and file sharing on the phone.
“Protection against mobile threats is essential in any workplace, especially a [bring-your-own-device] workplace,” said Lookout CEO John Hering, in a blog announcing the partnership. “The way that employees work on and use their devices has changed dramatically over the past few years. The mechanisms by which businesses were protected in the past don’t work in a world where employees use a personal device in business and/or a business device in a personal context.”
He added, “According to Gartner, one in three companies now allow employees to bring their own devices to work, and whether or not it’s allowed, employees are doing so and company data is being accessed outside of the corporate network, potentially putting that data at risk.”
For Lookout, it’s a move into the business space for the first time. “This growth strengthens our security platform and sets the stage for us to expand and build security offerings for businesses and enterprises,” Hering noted, adding that the company will be launching its offering for business mobile security “in the coming months.”
As it releases its latest Galaxy tablet this week, Samsung itself is looking for a bigger push into the enterprise space. It already has at least one anchor client for KNOX: Back in May the Pentagon approved KNOX devices for use in the field and in the office.
Samsung’s Android variant was developed to meet military and enterprise standards for security, and the Lookout integration is another layer in its defenses. It also has a Customizable Secure Boot that ensures only verified and authorized software can run on the device. TrustZone-based Integrity Measurement Architecture (TIMA) provides continuous integrity monitoring of the Linux kernel. When TIMA detects that the integrity of the kernel or the boot loader is violated, it takes a policy-driven action in response. One of these policy actions disables the kernel and powers down the device.
In addition, Android security enhancements provide a mechanism to enforce the separation of information based on confidentiality and integrity requirements. It isolates applications and data into different domains so that threats of tampering and bypassing of application security mechanisms are reduced, while the amount of damage that can be caused by malicious or flawed applications is minimized.