News Categories

Use a Samsung phone for work? Samsung Knox brings on-device attestation with Microsoft Intune

By Liu Hongzuo - on 27 Jul 2023, 10:26pm

Use a Samsung phone for work? Samsung Knox brings on-device attestation with Microsoft Intune

The newly launched Samsung Galaxy Z Fold5, which comes with Samsung Knox security platform built in.

Up to 70% of Singaporeans use personal devices for work. We can imagine how much of a nightmare that’d be for many companies working with sensitive data and valuing confidentiality. However, these firms may not be quite ready to give up on the free extra labour these employees provide on their personal devices.

There’s some good news for these companies' IT managers and cybersecurity departments, now that Microsoft and Samsung have jointly announced the first-ever on-device attestation for enterprises

Samsung and Microsoft prepared a special keynote slide to commemorate this milestone.

In short, mobile devices that carry Samsung Knox  — the proprietary security platform on virtually all modern Galaxy smartphones and tablets — will get protection from Microsoft Intune. That includes both managed and unmanaged Galaxy devices in the enterprise’s network.

Microsoft Intune is a cross-platform endpoint management platform used by IT managers and cybersecurity departments of enterprises to verify if an existing device on their network is “healthy” — not compromised by bad-acting hackers, or pretending to be healthy when it’s not. 

With Microsoft partnering with Samsung, employees using Galaxy devices with Samsung Knox — whether their own personal phone or a company-issued device — will natively get on-device attestation that tells their employers whether Galaxy devices are kosher for working with sensitive corporate data and information.

From left:  KC Choi, EVP and Head of Global Mobile B2B, Samsung, seated with Michael Wallent, CVP at Microsoft Security - Management.

In a joint closed door session with KC Choi, EVP and Head of Global Mobile B2B, Samsung, with Michael Wallent, CVP at Microsoft Security - Management (who also leads Microsoft Intune’s product management team), they explained how on-device attestation is different from cloud-based attestation, and what are some challenges that on-device attestation can alleviate in IT and mobile device management in a Zero Trust workplace.

For example, cloud-based device attestation counts on the attestation server being always available; it assumes the employee’s device always has a strong Internet connection, and each verification takes up precious bandwidth, processing power, and latency of the employee’s device too. Imagine jumping through hoops whenever you check your work emails on your phone, lagging from start to finish, all to have a secure work environment.

On-device attestation, on the other hand, relies on the onboard processing, of which Galaxy devices (like the newly released Flip5, Fold5, and Tab S9 series) are powerful enough to process that attestation on the device itself. That skips cloud latency and bandwidth issues, without sacrificing too much processor performance because of security needs. Separately, IT managers relying on attestation can save time and effort on whitelisting employee devices for work.

Samsung Galaxy’s on-device attestation with Microsoft Intune will only start rolling out after end-August 2023 to Samsung Knox devices with Android 10 or later. For more information, you can check out the official Samsung announcement here.

Join HWZ's Telegram channel here and catch all the latest tech news!
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.