Feeds

GCHQ grants security clearance to Samsung's Knox mobe security

Galaxies all round for pen-pushers... 007 will have to stick with Q's kit

Internet Security Threat Report 2014

The official containerisation solution for security on Samsung phones and tablets has passed muster with GCHQ. It’s now deemed safe enough for UK government employees to get a Galaxy Note 3, Galaxy S3 S4 or Galaxy S5 all of which run the Korean firm's KNOX software.

This is only to the OFFICIAL (PDF) level of security.

This is akin to a standard business. The typical threat profile for the OFFICIAL classification is broadly similar to that faced by a large UK private company with valuable information and services. It anticipates the need to defend UK government data or services against compromise by attackers with an average of capability and resource, such as hacktivists, single-issue pressure groups, investigative journalists, competent individual hackers and the majority of criminal individuals and groups.

It’s not considered safe against offensive cyber attacks from well-funded organised crime or foreign agencies or governments.

For SECRET levels of security, there is an approved solution which uses a special version of BlackBerry phones which show a red border in secure mode and ancient Motorola phones with Sectéra hardware encryption modules for voice. General Dynamics, which makes Sectéra, has Android solutions, but they have not been approved.

While Knox has been around for a while, it has taken until now for it to win UK government approval. This is the original version of Knox, not version 2.0 – which has been announced but is not yet shipping.

It’s worth noting that Windows Phone 8 has not passed the testing requirements.

One of the nice things about Knox is that the user can do social and domestic stuff, such as Facebook and Instagram, outside of the Knox container and revert to the secure area for their government work.

Graham Long, vice president of the Samsung UK & Ireland enterprise business team said: “Mobile device data security is a major focus for Samsung, and our KNOX technology provides a comprehensive solution for businesses and the public sector. We are pleased that our KNOX enabled devices have been cleared for use by the UK Government, and are confident given the period of intensive testing that the robust capabilities of KNOX act as a credible security solution for government agencies.

Our technology is widely used in both the UK public and private sector, and with this approval we are committed to working more closely with government departments and agencies that need to maintain high levels of security and data confidentiality on their mobile devices.”

The devices very important governmental types can now buy include the Galaxy Note 3, Galaxy S III, Galaxy S4 and the Galaxy S5.

Gaining OFFICIAL status might not be the James Bond SECRET or TOP SECRET level which would make for exciting headlines but in reality there are very many more government employees which have a daily requirement for the lowest level of security and not that many with the DV clearance of the top level. Anyone with a real concern about security is best off not using a smartphone at all. ®

Intelligent flash storage arrays

More from The Register

next story
Chipmaker FTDI bricking counterfeit kit
USB-serial imitators whacked by driver update
Xperia Z3: Crikey, Sony – ANOTHER flagship phondleslab?
The Fourth Amendment... and it IS better
DOUBLE BONK: Testy fanbois catch Apple Pay picking pockets
Users wail as tapcash transactions are duplicated
Microsoft to enter the STRUGGLE of the HUMAN WRIST
It's not just a thumb war, it's total digit war
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.