Feeds

GCHQ grants security clearance to Samsung's Knox mobe security

Galaxies all round for pen-pushers... 007 will have to stick with Q's kit

Mobile application security vulnerability report

The official containerisation solution for security on Samsung phones and tablets has passed muster with GCHQ. It’s now deemed safe enough for UK government employees to get a Galaxy Note 3, Galaxy S3 S4 or Galaxy S5 all of which run the Korean firm's KNOX software.

This is only to the OFFICIAL (PDF) level of security.

This is akin to a standard business. The typical threat profile for the OFFICIAL classification is broadly similar to that faced by a large UK private company with valuable information and services. It anticipates the need to defend UK government data or services against compromise by attackers with an average of capability and resource, such as hacktivists, single-issue pressure groups, investigative journalists, competent individual hackers and the majority of criminal individuals and groups.

It’s not considered safe against offensive cyber attacks from well-funded organised crime or foreign agencies or governments.

For SECRET levels of security, there is an approved solution which uses a special version of BlackBerry phones which show a red border in secure mode and ancient Motorola phones with Sectéra hardware encryption modules for voice. General Dynamics, which makes Sectéra, has Android solutions, but they have not been approved.

While Knox has been around for a while, it has taken until now for it to win UK government approval. This is the original version of Knox, not version 2.0 – which has been announced but is not yet shipping.

It’s worth noting that Windows Phone 8 has not passed the testing requirements.

One of the nice things about Knox is that the user can do social and domestic stuff, such as Facebook and Instagram, outside of the Knox container and revert to the secure area for their government work.

Graham Long, vice president of the Samsung UK & Ireland enterprise business team said: “Mobile device data security is a major focus for Samsung, and our KNOX technology provides a comprehensive solution for businesses and the public sector. We are pleased that our KNOX enabled devices have been cleared for use by the UK Government, and are confident given the period of intensive testing that the robust capabilities of KNOX act as a credible security solution for government agencies.

Our technology is widely used in both the UK public and private sector, and with this approval we are committed to working more closely with government departments and agencies that need to maintain high levels of security and data confidentiality on their mobile devices.”

The devices very important governmental types can now buy include the Galaxy Note 3, Galaxy S III, Galaxy S4 and the Galaxy S5.

Gaining OFFICIAL status might not be the James Bond SECRET or TOP SECRET level which would make for exciting headlines but in reality there are very many more government employees which have a daily requirement for the lowest level of security and not that many with the DV clearance of the top level. Anyone with a real concern about security is best off not using a smartphone at all. ®

Boost IT visibility and business value

More from The Register

next story
Report: American tech firms charge Britons a thumping nationality tax
Without representation, too. Time for a Boston (Lincs) Macbook Party?
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Apple gets patent for WRIST-PUTER: iTime for a smartwatch
It does everything a smartwatch should do ... but Apple owns it
For Lenovo US, 8-inch Windows tablets are DEAD – long live 8-inch Windows tablets
Reports it's killing off smaller slabs are greatly exaggerated
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Microsoft unsheathes cheap Android-killer: Behold, the Lumia 530
Say it with us: I'm King of the Landfill-ill-ill-ill
Seventh-gen SPARC silicon will accelerate Oracle databases
Uncle Larry's mutually-optimised stack to become clearer in August
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.