The Knox Platform's granular device management features are specifically curated, from partner feedback and industry data, to solve some of the most common frustrations enterprises face when mass deploying devices. These unique policies provide device flexibility and customization beyond any other device provider. The policies help organizations manage operations more effectively, secure confidential assets, and reduce administrative overhead. They also solve particular issues regarding industry regulation and compliance. For example, Rich Communication Services (RCS) logging is required by law in the financial industry. Samsung is the only vendor to provide this critical auditing feature.
Samsung Knox is the only mobile platform that allows an enterprise to natively change the device boot logo. In many industries, such as government or defense, this change is mandatory for compliance. Through the Knox Platform, enterprise IT admins and developers can customize the following:
Enterprises can use these capabilities to mitigate problems such as the following:
Split billing separates enterprise and personal data usage.
Split billing also works with dual SIM devices, by mapping some apps to using the data plan from one SIM, and other apps to the other SIM's data plan.
This feature allows an IT admin to remotely lock out a device, for example, when the device is out of compliance. Once the device is locked, only an IT admin can unlock it and not a device user. This functionality solves two problems:
With stock Android, an IT admin can lock a device only if it is currently unlocked. If the device is already locked, an admin can't lock it to prevent future unauthorized logins.
Roaming mobile connections can incur unexpected data costs. Multiplied across an enterprise's mobile workforce, these costs can become exorbitant.
Rather than just simply disabling all mobile roaming, the Knox Platform provides more granular controls for enterprises, letting them control which mission-critical apps are allowed to use data during mobile roaming. Enterprises could enable roaming data for:
They can also set up Split Billing, with separate roaming policies for the APNs set up for personal and enterprise billing.
Enterprises can apply granular settings to the caller app, allowing only:
The Knox Platform allows an enterprise to log RCS messages. For many industries, such as financial services, the ability to audit sent and received messages is required by law.
RCS messaging is a new messaging protocol that replaces SMS as the default messaging platform for carriers. It adds much needed features such as group messages and allows users to send more file types. Currently, enterprises that can't capture RCS messages must turn RCS off and lose the benefits of this new protocol. Knox RCS logging capabilities mean deployments can use powerful RCS abilities while staying compliant.
Knox provides many advanced SMS policies. Policies frequently used by organizations include:
Most vendors don't provide sophisticated options to manage an SD card. Typically, enterprises must choose between one of two options: allow full read and write access to the SD card or completely block it.
The Knox Platform addresses this industry pain point by giving enterprises independent control over read and write access. Knox can:
This level of control means you can provide one-way data access to sensitive data to effectively meet your security requirements.
To mitigate attacks perpetrated through Bluetooth connections, Knox provides these controls:
Knox can restrict or allow different types of USB-connected devices, more specifically, the USB device classes defined through usb.org. This feature includes access to the following USB device classes:
For example, you could block all USB devices except Smart Card readers.