F i g u r e 1. Worldwide Business Use of Smartphones 2012-2016



Similar documents
I D C M A R K E T S P O T L I G H T. T h e I m p a c t of the Consumerization of IT

The State of Mobility in the Enterprise in 2014: An IDC Survey of Devices, Platforms, Decisions, and Deployments

WHITE PAPER Secure Enterprise Data in a BYOD World IDC OPINION IN THIS WHITE PAPER. Sponsored by: Excitor. Jason Andersson January 2013

Mobile App Containers: Product Or Feature?

Business Protection. Personal Privacy. One Device. Enhanced Security for Your Network and Business Intelligence.

BUSINESS PROTECTION. PERSONAL PRIVACY. ONE DEVICE.

W H I T E P A P E R E m b r a c i n g C o n s u m e r i z a t i o n w i t h C o n f i d e n c e

I D C V E N D O R S P O T L I G H T. T a m i n g t h e C onsumerization of IT w ith C l o u d - B a s e d M obile De vi c e M a n a g e ment

The Changing Role of the CIO. An IDC InfoBrief, sponsored by Samsung Canada March 2014

I D C V E N D O R S P O T L I G H T

I D C S P O T L I G H T. Ac c e l e r a t i n g Cloud Ad o p t i o n w i t h Standard S e c u r i t y M e a s u r e s

I D C V E N D O R S P O T L I G H T

W o r l d w i d e a n d U. S. M a n a g e d M o b i l i t y F o r e c a s t : U n i t e d S t a t e s L e a d s i n A d o p t i o n

Flyer 1. Meet evolving enterprise mobility challenges with Samsung KNOX

What We Do: Simplify Enterprise Mobility

Mobile Device and Application Trends Are Mobile Applications Moving to the Cloud?

I D C T E C H N O L O G Y S P O T L I G H T T r e n d s : Why C I Os Should Rethink E n d p o i n t D a t a P r o t e c tion in the Ag e o f

White Paper : An Overview of Samsung KNOX

I D C T E C H N O L O G Y S P O T L I G H T

An Mformation Whitepaper ENTERPRISE MOBILITY SOLUTIONS FROM THE CLOUD REMOVE THE BARRIERS 1

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

Multi-OS Enterprise Mobility Management. Perfectly balancing end-user and corporate needs

T r a n s f o r m i ng Manufacturing w ith the I n t e r n e t o f Things

Addressing Cloud, Mobile, and Workflow Efficiency Demands with the Next Generation of Multifunction Peripherals

Global Headquarters: 5 Speen Street Framingham, MA USA P F

CREATING AN EFFECTIVE SUPPORT PLAN FOR BYOD: A BEST PRACTICE GUIDE

Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments

I D C T E C H N O L O G Y S P O T L I G H T. P o r t a b i lity: C h a r t i n g t h e Path T ow ard the Open Hyb r i d C l o u d

I D C A N A L Y S T C O N N E C T I O N. T h e C r i t i cal Role of I/O in Public Cloud S e r vi c e P r o vi d e r E n vi r o n m e n t s

On-Demand vs. On-Premise Customer Relationship Management: A New Hybrid Emerges

Samsung KNOX: An Overview for Business Customers

White Paper : An Overview of Samsung KNOX

Securing Enterprise Mobility for Greater Competitive Advantage

I D C M A R K E T S P O T L I G H T. T h e E vo l u t i o n of Enterprise Mobility

MOBILIZE YOUR WORKFORCE FOR GREATER PRODUCTIVITY

BEST PRACTICES IN BYOD

An Overview of Samsung KNOX Active Directory and Group Policy Features

I D C V E N D O R S P O T L I G H T

CHOOSING AN MDM PLATFORM

In-Depth Look at Capabilities: Samsung KNOX and Android for Work

How To Get A Better Desktop Management System

I D C M A R K E T S P O T L I G H T. P r i va t e a n d H yb r i d C l o u d s E n a b l e New L e ve l s o f B u s i n e s s and IT Collaboration

C l o u d - B a s e d S u p p l y C h a i n s : T r a n s f o rming M a n u f a c t u r ing Performance

Mastering the Mobile Challenge

I D C V E N D O R S P O T L I G H T

I D C V E N D O R S P O T L I G H T. S t o r a g e Ar c h i t e c t u r e t o Better Manage B i g D a t a C hallenges

Global Headquarters: 5 Speen Street Framingham, MA USA P F

White Paper : An Overview of Samsung KNOX

I D C E X E C U T I V E B R I E F

What's on the Mind ??? June 2011 Sponsored by BT Benelux IDC

perspective The battle between MDM and MAM: Where MAM fills the gap? Abstract - Payal Patel, Jagdish Vasishtha (Jags)

I D C M A R K E T S P O T L I G H T

Consumerization. Managing the BYOD trend successfully. Harish Krishnan, General Manager, Wipro Mobility Solutions

Bell Mobile Device Management (MDM)

Guideline on Safe BYOD Management

W H I T E P A P E R E d u c a t i o n a t t h e C r o s s r o a d s o f B i g D a t a a n d C l o u d

I D C T E C H N O L O G Y S P O T L I G H T. E n a b l i n g Quality I n n o va t i o n w i t h Servi c e

Technical Note. ForeScout MDM Data Security

WHITE PAPER THE 7 KEY FACTORS IN CHOOSING A MOBILE DEVICE MANAGEMENT SOLUTION

I D C T E C H N O L O G Y S P O T L I G H T. B i g D a t a a n d E C M : Making Smarter Decisions

I D C T E C H N O L O G Y S P O T L I G H T

I D C S P O T L I G H T. S e r vi c e T r a n s p a r e n c y: Adopting a Standard Ap p r o a c h f o r E va l u a t i n g C l o u d S e r vi c e s

Migrating to Windows 7 - A challenge for IT Professionals

The Rise of Intelligent Systems: Connecting Enterprises and Smart Devices in Seamless Networks

Enterprise Communications Research 2013

ENTERPRISE MOBILITY USE CASES AND SOLUTIONS

Samsung Solutions for Enterprise Mobility. MichailasTraubas Samsung Electronics Baltics

Secure Mobile Solutions

Investing in an Internet of Things (IoT) Solution: Asking the Right Questions to Minimize TCO

Safely Extend the Enterprise to Personal Mobile Devices

Mobilise Your Financial Enterprise to Engage at the Edge

Choosing an MDM Platform

Five Steps to Android Readiness

BYOD Guidance: BlackBerry Secure Work Space

How To Create A Mobile Experience Virtualization For A Mining Company

Mobility in Claims Management

I D C M A R K E T S P O T L I G H T. B u i l d i n g a Cloud Practice: Reselling C l o u d S o l u t ions

A CIO s Guide To Mobility Management

5 Must-Haves for an Enterprise Mobility Management (EMM) Solution

Transformative Technology in Document Security

Embracing Android in the Enterprise

"Secure insight, anytime, anywhere."

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

Enterprise mobile management a need or an option?

SECURING TODAY S MOBILE WORKFORCE

I D C M A R K E T S P O T L I G H T. T a m i n g D a t a M a n a g e m e nt Costs in a " C l o u d y" I T W o rld

I D C V E N D O R S P O T L I G H T. S e c u r i n g Cloud and Mobile W h i le Keeping E m p l o ye e s H a ppy

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

How To Protect Your Mobile Devices From Security Threats

Got Files? Get Cloud!

Kony Mobile Application Management (MAM)

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

IDC MarketScape: Worldwide Service Desk Management Software 2014 Vendor Analysis

I D C V E N D O R S P O T L I G H T. H yb r i d C l o u d Solutions for ERP

BYOD Strategies: Chapter I

IT Resource Management vs. User Empowerment

BRING YOUR OWN DEVICE

Enterprise Mobility: A Market Perspective!!

I D C T E C H N O L O G Y S P O T L I G H T. F l e x i b l e Capacity: A " Z e r o C a p i t a l " Platform w ith On- P r emise Ad va n t a g e s

Transcription:

S O L U T I O N S P O T L I G H T Securing Android for the Enterprise December 2013 By Ian Song and Charles Reed Anderson Sponsored by Samsung This Solution Spotlight focuses on providing clarity to confusion and misconceptions regarding enterprise mobility and security. We also take a closer look at the role of Samsung's KNOX mobile platform in helping businesses take greater advantage of enterprise mobility to sharpen their competitive edge. Situation Overview The rise of enterprise mobility has its roots in the unending end-user desire to acquire the latest technology that eventually makes its way into the enterprise. The consumerization of IT has forced IT departments to transform core technologies, skill sets, policies and business processes to meet user requirements. The enterprise today must build secure, yet agile, software and hardware mobility platforms that enable their organizations to continually innovate and adapt to competitive business demands and success parameters. However, the harsh reality for many organizations globally is that enterprise mobility has yet to deliver on the promise of increased operational efficiency and cost reductions. In many cases, the bring your own device (BYOD) model has increased the cost burden for enterprises. IDC believes there is a severe lack of understanding, expertise and foresight to truly unlock the value that is enterprise mobility. In fact, while 2012 saw the explosive proliferation of mobile device management (MDM) software that secures, monitors and manages mobile devices 2013 has been a period for many of the same companies to take stock of their mobility projects and to rewrite their mobility strategy. This one step forward, two steps back phenomenon is likely the result of companies investing in point solutions that deal with only a small aspect of mobility in the hope of delivering a quick-and-easy answer to the ever rising number of mobile devices being brought into their organizations. The lack of understanding, strategy and planning often result in increased security risk, lower customer satisfaction, and higher capex and opex. Worldwide Consumerization Momentum Unstoppable Consumers are firmly in the driver's seat of the development of mobility adoption across the globe. By IDC's estimates, worldwide smartphone shipments will reach 1.6 billion units by 2017, up from just 722 million units in 2011. On the enterprise side, consumers are once again driving corporate adoption of the new generation of smart connected devices. Since the late 2000s, the consumerization trend has fundamentally transformed the corporate IT landscape as devices and end users have become smart enough to easily bypass the traditionally locked down enterprise IT environment. The trend of consumerization has paved the way for the rise of BYOD practices as IT departments around the world give up the fight to keep users' devices out. The momentum of consumerization of IT will continue to build. On the smartphone front, IDC has forecasted that the worldwide smartphone shipment in the consumer space will grow at a compound annual growth rate (CAGR) of 10% between 2012 and 2017. However, the CAGR for devices purchased for enterprise usage will be 34% and 36% for corporate liable and BYOD, respectively (see Figure 1). #APSS7796W

F i g u r e 1 Worldwide Business Use of Smartphones 2012-2016 Source: IDC, 2013 The tablet front tells a similar story. The CAGR for consumer tablet shipments between 2012 and 2016 will be around 11%, whereas enterprise shipments (corporate liable only) will be more than double that at 33%. The message is clear that there is still much headroom for mobile devices to grow in the enterprise space. In fact, IDC estimates that by the end of 2013, 90 million smartphone shipments, or 9.4% of all smartphone shipments, will be corporate liable. This marks a 65.5% increase from the 54.4 million corporate-liable smartphone shipments in 2012. The reason for the increase in corporate-liable smartphone shipments is the greater attention that companies are paying to maintain a firm control of their mobility strategy, including management of their employees' smartphones. IDC believes that by 2015, Android's story for enterprises will become more refined and crystallized, and could potentially mark another inflection point in the mobility landscape. BYOD will continue to dig deeper roots. IDC believes that 177.8 million smartphone shipments, or 18.5% of all smartphone shipments, will be employee liable, or under the BYOD model in 2013. This marks a 108.6% increase from the 85.2 million employee-liable smartphone shipments in 2012. Driving the increase in employee-liable smartphone shipments is the ongoing BYOD trend among end users and the expected increase in the number of solutions that offer personal and business personas on their smartphones. Android, with its widespread availability worldwide and strong acceptance by consumers to use their smartphones for work, will face challenges. The limited enterprise management capabilities of the existing stock versions of Android remain one of the biggest challenges. Android's open nature is one of the reasons why it is the most fragmented mobile ecosystem on the market today. Because of it, Android from different vendors is essentially different platforms when it comes to management in the enterprise. For organizations struggling with managing different mobile platforms like ios, Blackberry and Windows Phone, the last thing they want to deal with is to manage different Android devices from different vendors with different management platforms. The other challenge is that Google has been slow in releasing management tools for the Android OS, to date; there is only a handful of device management and APIs built into the OS itself. This means IT departments will experience a difficult time to truly secure and manage Android out of the box. And finally, being an open ecosystem, the number of malicious software in the Android ecosystem is many times of other, closed mobile ecosystems. Combining with the poor built-in security and manageability of Android, leveraging the OS in the enterprise setting is still some years away. The message is clear that there is still much headroom for mobile devices to grow in the enterprise space. Moreover, one of the OS platforms of choice for enterprises will be Android. While enterprise mobility is and will continue to be a multi-os, multi-platform environment, IDC believes Android-based devices will play a larger role by 2017. Yet, the challenge of enterprise utilization of Android is perhaps one of the best 2 2013 IDC

opportunities for some Android vendors, especially those which have larger market share. These Android market leaders have the opportunity to enhance the security and manageability of the Android ecosystem, specifically for their own devices. If a vendor has a critical mass of adoption from the consumer side, adding enhanced security and management capabilities can position its devices in a favorable light with the IT department and the organization itself, both in terms of the BYOD and corporate models. Enterprise Mobility Device Utilization Models Bring Your Own Device (BYOD) When it comes to consumerization of IT, multiple usage models exist in the enterprise. The most popular and well-known model is BYOD, which leverages the user's personal smart device to perform work-related tasks, both in and out of the office. IDC also refers to BYOD as the employee liable model because the employee is essentially responsible for the physical welfare of the device(s), while the company may or may not support the device on the software level. BYOD is a popular usage model with users and employer alike across the globe because of a few reasons: Users are in charge of choosing the device they want and therefore would be more likely to use it for work. IT departments are not tasked to support the hardware of user owned devices, therefore lowering operational costs. Enterprises are not required to procure devices for mobile-qualified employees, therefore lowering capital expenses. Due to these reasons and the explosive growth of smartphones, BYOD is, and remains, the most popular way for many enterprises to address consumerization of IT today. This has also given the resurgence of MDM, in which the solutions complement BYOD by providing device-level management and security. However, BYOD in reality falls short of its promises. Despite having device-level security and management, BYOD will always pose security risks to data, and not to mention legal, content ownership and privacy issues. This is the nature of the personally owned device, in which a single device serves multiple purposes. At its core, BYOD is a compromise between users and the company; the company will reluctantly allow users to use their own devices at work, and in return users reluctantly do work on their own devices. Because of this inherent mistrust, IT will probably not ever be comfortable trusting a user's own device completely, and therefore will not fully utilize the capabilities of that device. IDC has already seen the growth momentum begin to ease in developed countries worldwide as enterprises in those countries begin to run into issues that relate to the device, data ownership and liability. The CYOD Trend Allowing IT to Regain Some Control In many enterprises, especially those in developed nations, a new trend is emerging. Eligible users are given a choice of devices that they can use for work, also referred to as the "choose your own device" (CYOD) model. CYOD is a new spin on the traditional corporate-liable mobility model in which the enterprise takes full ownership of the device. Unlike the traditional corporate-liable model, in which the organization manages only one mobile platform with very limited choice of mobile device, CYOD has IT manage multiple mobile platforms and offers a wider range of popular mobile devices users actually want to use. IDC believes that CYOD is the next evolutionary step in enterprise mobility and addresses many shortcomings of BYOD, as discussed previously. For one, under CYOD, there is no confusion of device or data ownership, and therefore IT departments can fully secure the devices under management. Second, IT departments can now deliver more services in the CYOD scenario, because much of the underlying security flaws can be addressed. Finally, organizations that already have a mobility infrastructure can continue to leverage their existing mobile capabilities like corporate cellular plans and other services, so that implementing additional enterprise mobility solutions is also less costly. However, CYOD may not be the solution for every organization. Since enterprises are liable for the device under the CYOD model, the burden of device procurement falls on the enterprise, and in today's cost-cutting corporate culture, not all organizations would want to incur another cost item. For users, while the idea of having the latest and greatest devices is certainly appealing, the fact that all their data, personal and professional, are under constant surveillance is not something users want. This is especially true for developed countries where privacy concerns are higher. Regardless of concerns about CYOD, IDC believes the model will begin to gain more traction with enterprises around the world as they start to leverage mobility more strategically, where the need for security 2013 IDC 3

and management is higher. The CYOD model will likely pick up traction in the developed markets first before taking hold in the developing markets. Different device adoption models for enterprise mobility are heavily dependent on how the organization in question looks to utilize mobility. IDC recommends that organizations first analyze the nature of their enterprise mobility initiative before selecting a method of device adoption. In general, employees who are not mobile should not need to be issued a mobile device, or need to access much sensitive corporate resources via mobile, and if supported, a BYOD approach is usually more cost-effective. For employees who are mobile, like account managers and support engineers, and whose nature of work revolves around mobility and are in constant need of accessing key company information via mobility, it is best to adopt a CYOD model and offer a selection of corporate-liable devices that are fully secured and managed. That said, IDC recognizes that multiple types of workers exist in a corporate environment. BYOD and CYOD are not mutually exclusive solutions, and can be implemented side by side. IDC believes that organizations should have the flexibility to offer multiple adoption models based on the needs of users, but the real challenge is security. Mobility Security Poses a Challenge Understanding security requirements for enterprise mobility can be a daunting task by itself. In the following section, IDC will provide in-depth analysis of mobile security and management solutions that are available. IDC defines mobile security and management as products that are designed or optimized to provide security and management, specifically for devices within the mobile environment, including smartphones, tablets, and other devices running mobile operating systems. Mobility products positioned as security-centric solutions should include some, if not all, of the following capabilities: secure the device, secure data at rest, secure data in transit and secure applications. The enterprise mobility solutions industry is one of the fastest growing markets globally. IDC expects the worldwide market for mobile enterprise management (MEM) software, which include security and management solution for mobile device management (MDM), mobile application management (MAM) and mobile content management (MCM), to exceed US$2 billion by 2016. The high addressable size for the MEM market is because mobile management and security are foundational solutions of mobility initiatives for enterprises across the globe, and more companies are realizing that security in the mobile sense is no longer just about the devices. Mobile security touches every part of the company's infrastructure, and requires new and innovative solutions for management. There are multiple solutions and technologies to deliver mobility security, but not all of them can address the security needs of the enterprise. However, more often than not, combining these solutions will increase the addressable security capability to an acceptable level. In fact, IDC has redefined the MDM market to MEM to reflect the trend of mobility management/security. The MEM software market includes products that offer standalone MDM, standalone MAM, or combined MDM-MAM functionality. In addition, IDC has seen a growing trend in which vendors include MCM functionality within their MEM suite. Therefore, IDC will also include MCM where applicable. Mobile Enterprise Management: The growing need for enterprises to manage both mobile devices and mobile applications has led IDC to merge two previously distinct markets MDM and MAM software, and MCM where applicable into the new MEM software market. Mobile Device Management: A MDM solution includes many of the standard features in traditional management solutions but also includes additional functionality that addresses the unique needs of mobile devices such as smartphones. Some of the key features of a MDM solution include device provisioning and managing configuration settings; inventory/asset management; software distribution and updates; remote wipe/lock, remote control, policy and compliance management; authentication and certificate management; real-time device monitoring, location-based services; and device reporting and analytics. Mobile Application Management: MAM refers to a solution by which specific mobile applications can be managed, secured and distributed by IT organizations, and typically allows for enhanced policies to be applied to individual applications. MAM solutions can either supplement MDM functionality or stand alone and typically include some combination of features that ensure the management of the application life cycle, and granular security and corporate policy control of applications and content. Mobile Content Management: MCM provides IT with a secure way to provide access to files/content/data sitting in various data stores to mobile devices. Such solutions may also provide mechanisms to securely collaborate on this content. These products allow IT to manage who gets access to what information and may tie in with other back-end or mobile-specific policy systems. 4 2013 IDC

Preventing data loss is a key goal of these products, and they do so by providing IT with a mechanism to control data flow in and out of the secured app and secure communication between apps. These solutions assist with compliance and governance by offering reporting on user activity with mobile content. Another emerging solution for mobile security and management is the approach of enhancing the security of the underlying operating system. By enhancing the security and manageability of the operating system, IT no longer needs to manage the device, application and contents separately. Since the entire operating system is security enhanced and management enabled, applications and contents within the OS benefit directly from the underlying OS security and manageability without the need to be modified to be managed. Secure OS delivers several benefits over the traditional MEM approach in that it does not require multiple solutions to deliver holistic management and security, applications do not need to be containerized, and thus can fully communicate with the rest of the OS. This also means that IT can manage a full operating environment. Presently, many organizations associate mobile security with just MDM. However, this is a misconception of mobile security as MDM only addresses a small part of mobile security. Vendors have begun to realize that simply delivering MDM is not sustainable, and have therefore been expanding the capabilities of their solutions. Other areas that vendors are expanding into are data loss prevention technology as well as application and content management solutions. Despite the development, there are few vendors in the market that can provide a platform and tie together multiple security (device, application, content) solutions and management and offer them in an integrated fashion. Samsung KNOX, the Next Secure Enterprise Mobile Platform As previously discussed, the Android platform is poised to become a key player in the enterprise mobile device space by 2015. However, Android's fragmented ecosystem and challenges in security and manageability requires attention. According to IDC's Worldwide Mobile Phone tracker, Samsung has shipped 68 million smartphones to the consumer market and 7 million smartphones to the commercial market in the second quarter of 2013, accounting for 32% and 35% of the market, respectively. Samsung also garnered a massive 63% market share in the commercial Android sector in Q2 of 2013. Samsung is in the driver's seat in the smartphone market in all categories, and this gives the company a unique opportunity to drive the development of Android security and management for its own branded devices that has the potential to reach to a very wide audience globally. Samsung is constantly innovating and is looking to address all segments of the market. Bridging the Mobility Security Gap Samsung KNOX is a holistic enterprise mobility management solution based on the underlying security needs of enterprises' mobility initiatives. KNOX is designed to address fundamental security flaws of Android-based devices. Because Samsung is the largest vendor of Android devices in the world, the likelihood of users and organizations leveraging Samsung devices are higher than other branded Android devices. By adding KNOX to Samsung branded devices, IT departments can effectively address the security and management concerns related to the fragmentation of the Android platform. KNOX also offers flexible features so that it can secure and manage devices under different provision models, be it BYOD or CYOD. Samsung KNOX is the Korean phone maker's own internally developed enterprise mobility platform based on the secure OS approach, as discussed in the previous section. KNOX separates users' personal and professional lives into two separate parts under the security enhanced Android OS. The personal side is unmanaged while the professional side is highly secure and managed, and all work-related data and applications located in the secure environment are secured and managed. In a CYOD scenario, all corporate specific resources are located in the security enhanced Android environment which IT has full control to manage and secure. Users have the freedom to conduct their personal tasks in an unmanaged portion of the device where IT does not manage. This approach solves one of the biggest challenges of the CYOD model: user privacy concerns. 2013 IDC 5

F i g u r e 2 Samsung KNOX Platform Security Source: Samsung, 2013 As illustrated in Figure 2, the Samsung KNOX platform ensures security on multiple levels: Trusted Boot Trusted Boot is a security mechanism that prevents unauthorized boot loaders and OSs from loading during the startup process. Firmware images, such as OSs and other system components that are cryptographically signed by known, trusted authorities, are considered as authorized firmware. Trust Zone-based Integrity Management Architecture (TIMA) Provides continuous integrity monitoring of the Linux kernel; when TIMA detects that the integrity of the kernel is violated, it notifies enterprise IT via MDM which can then take a policy-driven action in response. Security Enhancements for Android (SE for Android) Security Enhancements for Android addresses major security gaps in Android by applying mandatory access control (MAC) on applications and properly isolates applications and data on the OS level. With Samsung KNOX platform security, Trusted Boot, TIMA and SE for Android form the first line of defense against malicious attacks on the kernel and core boot strap processes, and enterprises can look to deliver a fully secure and managed mobile OS to the mobile device. Furthermore, KNOX application security eliminates the need to have separate application and content management solutions. In a BYOD scenario, Samsung KNOX has built-in application containerization capabilities to fully wrap mobile applications with security and management. This containerization is best suited for personal devices as the setup does not interfere with their existing application and data. A Samsung KNOX Container provides a separate Android environment within the mobile device, complete with its own home screen, launcher, applications, and widgets. Applications and data inside the container are isolated from applications outside the container, that is, applications outside the container cannot use Android inter-process communication or data-sharing methods with applications inside the container. For example, the Gallery application outside the container will not display photos taken from the camera inside the container. Likewise, applications inside the container generally do not have the ability to interact with applications or access data outside the container. However, some applications inside the container can be granted readonly access to data outside the container via a policy configuration. For example, contacts and calendar events created outside the container are viewable inside the container. Additionally, Samsung KNOX offers an on-device data encryption (ODE) feature which allows users and enterprise IT administrators to encrypt data on the entire device, as well as any configured Samsung KNOX Container. KNOX also offers a high level of comprehensive support for enterprise-grade VPN. This enables businesses to offer their employees an optimized, secure path to the enterprise intranet from their BYOD- or 6 2013 IDC

corporate-issued device. A SSO service provided by KNOX utilizes SSO-enabled applications inside the KNOX Container that supports both cloud- and Intranet-based apps to increase employee productivity. When it comes to management, Samsung KNOX is built upon a strong, secure foundation, and offers over 490 policies and over 1,090 APIs for MDM. This means that Samsung's MDM partners or the enterprises themselves can leverage Samsung's additional policies and APIs to fully utilize the capabilities offered in the Samsung KNOX. The additional Samsung-specific Android policies and APIs also means that KNOXcapable devices are more agile in the enterprise, and can be tailored to fit in almost any role for any use case without the need of dedicated applications. Industry verticals with specific needs such as healthcare, retail, manufacturing and education can all benefit directly from such flexible management capability. KNOX's MDM integration and agile policies mean that although an organization could leverage a multi-os ecosystem through one MDM solution, KNOX qualified Samsung devices are much more capable of addressing multiple needs and use cases with a single solution. In the grander scheme of enterprise mobility, having a single, capable device, security and management platform for all mobile needs is a more strategic approach. Technical benefits The immediate technical benefit for Samsung KNOX is that it combines device- and software-level security solutions into a singular package. This approach not only reduces the overall cost and complexities of enterprise mobility security, but it also addresses the fundamentally insufficient native Android security and management. Additionally, KNOX is a platform in that it combines multiple enterprise mobility solutions into one centralized, managed offering. Enterprise IT should be able to implement KNOX for their Samsung device fleet or Samsung based BYOD users relatively easily. KNOX also bypasses the complexities of implementing multiple mobility solutions to manage the devices, applications separately. Finally, KNOX ensures the highest level of security to apply to all aspects of the device, regardless of the device ownership. In addition to the ability to integrate KNOX with MDM solutions, customers who wish to bypass MDM due to cost or complexity concerns can leverage KNOX's built-in management capabilities. By working together with the customer's existing Exchange ActiveSync capabilities, organizations and their end users can ensure security and management on their Samsung devices without making additional investment in MDM. Another benefit for KNOX is the ability to enable Single Sign On (SSO) for business applications. The KNOX SSO capability delivers another level of security and efficiency for both BYOD and CYOD Samsung devices. For enterprise purpose, users can access secured applications and services without the need to repeat authentication procedures and KNOX SSO can effectively secure and manage applications and contents. Business benefits Samsung KNOX can effectively lower the overall barrier to entry for many organizations when it comes to implementing enterprise mobility, and thus lower the investment costs. Second, since overall management and security are done centrally, IT operations for mobility are more streamlined, therefore driving down operational costs. There are additional "soft" benefits for KNOX such as user goodwill that is a bit harder to measure. Additionally, KNOX does not require the organization to rip out their existing mobility solution in order to implement KNOX. Traditionally, implementing a new mobility solution means the organization has to start from zero again by completely replacing all management solutions. But since KNOX lives on top of most existing MDM solutions, organizations can continue to use their MDM for other devices with the added benefits of much more secured and manageable Samsung devices. In the BYOD model, KNOX can continue to deliver opex and capex benefits. Since KNOX is already presented in qualified Samsung devices, IT needs only to enable it and start managing, therefore reducing opex. And since BYOD means the users are liable for device procurement, the capex reduction is also quite significant. With a comprehensive set of security platform available for Samsung Android devices, KNOX presents partners and resellers opportunities to differentiate their solutions. Resellers will not only be able to help their customers quickly adopt enterprise mobility solutions, but also create opportunities for direct device sales. KNOX Challenges and Opportunities Samsung KNOX sets itself apart from other Android vendors in the enterprise space by offering distinct security and management advantages. Samsung KNOX's holistic approach to enterprise mobility allows enterprise customers flexibility in mobility adoption. There is no question that Samsung is the de-facto Android player in the enterprise space, but the real device competition for enterprise mobility will come from other mobile OS platforms. To compete with its closest rivals, Samsung will need to continue to enlarge its footprint in the enterprise. Samsung has to not only capitalize on the consumerization trend by continuing to 2013 IDC 7

innovate and deliver devices which appeal to consumers, but also communicate to enterprises that its devices and solutions can provide the level of security, manageability and flexibility that they are looking for. In fact, with most organizations today tending to "follow the innovator" in terms of adoption, Samsung should proactively showcase best practices from its enterprise mobility customers. Another challenge for Samsung KNOX is that the solution itself targets the enterprise customers in developed countries. The mobile maturity level of enterprise customers in developing/emerging countries remains low. This becomes a challenge for Samsung as these customers tend to focus more on the cost of the solution rather on the problems they solve. To date, only a handful of countries have the mobile maturity level to require significant investment and focus on security. While these advanced countries represent the bulk of the enterprise mobility markets today, it will be the developing and emerging countries driving mobility growth in the future. Samsung needs to plan for tomorrow's core customers by engaging its partners in these markets today, laying the groundwork through customer education and engagement. Android is already a dominating mobile platform in developing markets, and Samsung needs to make sure those are Samsung Android devices. Conclusion It should be clear to companies that consumerization and BYOD are not just a trend or fad, but the new normal in corporate IT. There is no better time than the present for decision makers to start planning for this eventuality. Despite IDC's forecasts related to the increased business use of smart devices, enterprises will experience difficulties in fully utilizing the capabilities of these devices in their respective corporate environments. One of the key contributors to such difficulty is the fact that enterprises today are looking at enterprise mobility solely from a single angle. While no one argues that smartphones and tablets are the catalysts for the enterprise mobility movement, the reality is that applications, contents and services are the engines that drive value for enterprise mobility. The challenge for enterprises and their IT departments is no longer just about securing and managing mobile devices, but rather the entire consumer-based mobility ecosystem. Enterprises must realize the value they can harness from a properly secured and managed mobility ecosystem that mimics the usability and experience of the consumer counterpart in order to truly harness the power of today's mobile devices. Organizations today must look to the consumer space when addressing enterprise mobility. The consumerization of IT means whatever the consumers are using will appear in the enterprise. However, the reality of the consumer space is that only two to three vendors will account for more than 50-70% of the market depending on the region. Enterprises should focus on these key vendors as they are most likely to be the devices that users bring to the office, or want to use for work. There are even fewer hardware vendors with a sharp focus on addressing the needs of the enterprise from security and management aspects. There is no question that Android will be a major player in enterprise mobile device arena in the future, and Samsung is strategically positioned to play a key role in driving the enterprise space forward. A B O U T T H I S P U B L I C A T I ON This publication was produced by IDC Go-to-Market Services. The opinion, analysis, and research results presented herein are drawn from more detailed research and analysis independently conducted and published by IDC, unless specific vendor sponsorship is noted. IDC Go-to-Market Services makes IDC content available in a wide range of formats for distribution by various companies. A license to distribute IDC content does not imply endorsement of or opinion about the licensee. C O P Y R I G H T A N D R E S T R I C T I O N S Any IDC information or reference to IDC that is to be used in advertising, press releases, or promotional materials requires prior written approval from IDC. For permission requests contact the GMS team at gmsap@idc.com. Translation and/or localization of this document requires an additional license from IDC. For more information on IDC, visit www.idc.com.sg. For more information on IDC GMS, visit www.idc.com/gms. Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com Copyright 2013 IDC. Reproduction without written permission is completely forbidden. 8 2013 IDC

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information