CIS13: Samsung’s Perspective on Mobile Identity


Published on

Sudhi Herle, VP of Enterprise Products, Samsung Telecommunications America
Samsung will discuss how the mobile ecosystem maturity is demanding more robust enterprise capabilities – especially integration of the mobile apps with existing enterprise notions of identity, authentication and authorization. Samsung will demonstrate how it is tackling this issue in their Knox platform – by using Centrify powered technologies. Learn how this will help your Enterprise IT admin to seamlessly add mobiles into their existing MS Active Directory, extend the reach of their enterprise apps to integrate with AD and understand how Samsung Knox Dual Persona is a good strategy for Enterprise IT integration.

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

CIS13: Samsung’s Perspective on Mobile Identity

  1. 1. MOBILE ENTERPRISE IDENTITY 7/11/13 © Samsung 2013. All rights reserved. 1
  2. 2. State of Identity 2
  3. 3. Industry Trends §  Cloud, Mobile and Compliance requirements are the three top business and technology waves impacting enterprise IT –  BYO Servers & BYO Applications –  BYO Laptops & BYO Devices §  Identity is at the center of all three waves Samsung Confidential 3
  4. 4. Current State of Enterprise Identity D A T A   C E N T E R   DATA  CENTER   SERVERS   DATA  CENTER   APPS   Smartphones  and  Tablets   End  Users   Laptops   C L O U D   ID   ID   ID   ID   ID   ID   ID   ID   ID   ID   ID   ID   ID   ID   Samsung Confidential 4 Multiple Login for Users. Multiple Identity Infrastructure for IT.
  5. 5. State of Identity 5 But  Can  You  Con(n)  
  6. 6. SAMSUNG KNOX 7/11/13 © Samsung 2013. All rights reserved. 6
  7. 7. Introducing Samsung KNOX 7/11/13 © Samsung 2013. All rights reserved. 7
  8. 8. Multi-layered approach to OS Security 7/11/13 © Samsung 2013. All rights reserved. 8
  9. 9. •  Isolated virtual Android environment •  Activated by Enterprise Identity •  Integrated with Enterprise Active Directory •  Managed by Group Policy Manager* Enterprise Application Container 7/11/13 © Samsung 2013. All rights reserved. 9 Enterprise Application Container Personal Applications *supports  other  consoles  such  as  MDMs     Secure Android Platform
  10. 10. •  Virtual Android Environment -  home screen, launcher, apps, widgets, notifications -  Additional apps from enterprise app store •  Activated on signing with enterprise identity •  Encrypted file system with AES 256-bit encryption. •  Data sharing, apps, files, network completely isolated •  Policies to allow remote IT configuration and management. Isolated Virtual Android Environment 7/11/13 © Samsung 2013. All rights reserved. 10
  11. 11. Activate Knox Container with Enterprise Identity Samsung Confidential 11 §  Enroll to create container §  Use AD/GPM to manage container §  Use same to sign into other cloud services Centrify  SSO   (SaaS) Container SSO … KNOX Android Framework Intranet Centrify Cloud Proxy 1 Enroll  with   Enterprise   IdenBty   3 Leverage   same  for  SSO   2 Manage  with  AD/ GPM  
  12. 12. AD/GPM Knox Container Management 7/11/13© Samsung 2013. All rights reserved. 12 §  Samsung KNOX allows AD/GPM-based Container Management for enterprises that do not desire a traditional MDM system
  13. 13. §  Multi-application SSO is built into the Knox Container §  The container identifies the user to the apps §  The container can get AD attributes for the apps §  Apps can request security tokens for their web app/service SSO built in the Knox Container Samsung Confidential 13
  14. 14. §  Container policies follow the user’s account lifecycle automatically –  Ex. upon termination, employees must not be able to access company information from any device §  AD changes automatically apply to container on user devices: –  Role changes may require updated access policies –  Termination requires auto- removal of access credentials and company data Integrated Admin Follows User Lifecycle User  enrolls  their  own   devices   Update  device   security  seIngs  or   new  group   de-­‐provision   device   Lock  account  and   full  device  wipe   Delete  or  disable  account  and   de-­‐provision  device   Ac*ve   Directory   Samsung Confidential 14
  15. 15. Knox Smart Card support 7/11/13© Samsung 2013. All rights reserved. 15 §  Samsung Knox supports Smart Cards –  Requires a compatible bluetooth CAC reader such as the baiMobile™ 3000MP Bluetooth ® Smart Card Reader. §  Currently allows –  Browser, email and VPN can use credentials on the smart card –  KNOX also support two-factor authentication for the device lock screen using the CAC –  Other applications may also utilize the CAC card via PKCS 11 APIs