WHY: Why do we need to care about mobility, management and security. WHAT: What cloud-based solutions are available from Samsung to support your mobility needs. HOW: How does this work? How can you start using the solutions?

2. SAMSUNG. CLOUD. MANAGEMENT. SECURITY WHY AND WHAT
MICHAILAS TRAUBAS SAMSUNG ELECTRONICS BALTICS
B2B SOLUTIONS PRE-SALES

3. AGENDA
•MOBILITY IN EUROPE
•THE PLAN FOR 2014
•MOBILITY IN THE BALTICS
•HOW DO WE WORK AND HOW DO WE LIVE?
•SECURITY AND MOBILITY IN THE CLOUD – SAMSUNG SOLUTIONS

4. ENTERPRISE MOBILITY IN EUROPE – 2013/14

5. ENTERPRISE MOBILITY – WHAT IT IS?

6. ENTERPRISE MOBILITY TODAY
•A set of solutions, enabling mobile technologies in the organizations
Mobile device
Horizontal enablers:
Email
Web
security
Vertical solutions

7. MOBILE DEVICES IN EUROPEAN ORGANIZATIONS
0,0
20,0
40,0
60,0
80,0
100,0
120,0
2012
2013
2014
2015
2016
Millions
Smartphones
Featurephones
Tablets
Source: Canalys European BYOD Market Landscape Analysis (April 2013)

8. IT MANAGERS ABOUT MOBILITY REQUIREMENTS
E-MAIL
CALENDAR AND CONTACTS
VPN ACCESS
IMPROVED DATA SECURITY
FASTER ACCESS TO CONTENT
MORE STABLE ACCESS TO CONTENT
WORKFLOW OPTIMIZATION
MUST HAVE
WISH LIST
Source: KAE Enterprise Mobility ITDMs Research (April 2013)
VOICE AND TEXT

9. ENTERPRISE MOBILITY 2014: TRANSITION FROM REQUIREMENTS TO SOLUTIONS
33%
33%
34%
35%
36%
36%
36%
37%
37%
40%
40%
41%
51%
MOBILE APPLICATIONS
IAM SOLUTIONS
VIRTUAL NETWORKS AND …
NETWORK BASED SECURITY
NETWORK MANAGEMENT AND …
CUSTOM APPLICATION …
BACKUP FOR VIRTUAL SERVERS
MOBILITY
BI/BA/DATA WAREHOUSING
SMARTPHONES
DR/BC
TABLET PCS
SERVER VIRTUALIZATION
•36% OF THE COMPANIES PLANNED MOBILITY BROAD INITIATIVES
•MORE THAN 25% OF RESPONDENTS WERE DOING MOBILE ENDPOINT SECURITY, MOBILE DEVICE MANAGEMENT, MOBILE SECURITY PROJECTS
•MOBILITY-RELATED PROJECTS MADE 4 OUT OF 14 HIGHEST PROFILE PROJECTS PLANNED
2014 Priorities Europe. TechTarget/Computer Weekly, 2014

10. THE BALTIC OUTLOOK

11. SAMSUNG LIVING BUSINESS
•RESEARCH COMPLETED IN AUGUST 2014
•TARGET GROUP:
•EMPLOYED PEOPLE IN THE AGE FROM 18 TO 65
•INTERNET USERS
ESTONIA: 545 RESPONDENTS
LATVIA: 559 RESPONDENTS
LITHUANIA: 565 RESPONDENTS

12. WORK WITHIN PRIVATE LIFE
EE
LV
LT
66%
78%
77%

13. WORK/LIFE BLEND
58%
48%
43%
47%
TRAVELING TO/FROM WORK
ON HOLIDAYS (FOR EXAMPLE, CHRISTMAS, EASTER)
IN THE SUPERMARKET
SPENDING TIME WITH FRIENDS
45%
ON A TRIP

14. HIGHER POSITION = MORE WORK
84%
60%
MANAGERS
SPECIALISTS
WORKERS
53%
91%
76%
71%
91%
76%
67%
EE
LV
LT

15. PERSONAL TASKS DURING WORK TIME
EE
LV
LT
88%
86%
86%
INTERNET
BANKING
NEWS
READING
NEWS
PERSONAL
E-MAILS/
MESSAGES

16. SMARTPHONE IS THE WORK/LIFE BLENDER
78%

17. ORGANIZATIONS ARE EMBRACING NEW TECHNOLOGIES SLOWER THAN CONSUMERS
EE
LV
LT
41%
31%
32%

18. ORGANIZATIONS SEEM NOT TO BE READY
FOR PERSONAL DEVICES
38% 62%
Don’t know or there
is no security policy
Know security
policy

19. SECURITY OFTEN UNDERSTOOD AS RESTRICIONS
EST
LV
LT
20%
30%
30%

20. PERCEIVED SECURITY
62%
61%
42%
SMARTPHONE
PC
TABLET

21. MOST COMPANY DATA IS JUST A PASSWORD AWAY
*********
44%

22. SINGLE DEVICE || MULTIPLE USERS
42%
somebody else uses devices, which I
also use for work

23. EVERY 10TH EMPLOYEE IS A ‘HIRED HACKER’
10%
17%
17%
EST
LV
LT

24. KEY FINDINGS

25. MOBILE WORK – THE NEW REALITY
~70% OF RESPONDENTS CAN USE THEIR PRIVATE DEVICES FOR WORK
BYOD HAS COME TO BALTIC STATES

26. MOBILE WORK – THE NEW REALITY
~70% OF RESPONDENTS WORK DURING THEIR PERSONAL TIME EVERYDAY
THE HIGHER THE POSITION AND SALARY – THE MORE WE WORK
USUALLY THIS IS PROFILE OF THE EMPLOYEE, WORKING WITH SENSITIVE AND CONFIDENTIAL DATA – OUR RISK EXPOSURE GROUP

27. MOBILE WORK – THE NEW REALITY
45% OF RESPONDENTS STATE, THAT THEY ARE SHARING THEIR DEVICES, USED FOR WORK
ARE WE SECURED FROM UNSANCTIONED DATA ACCESS?

28. SECURITY BASICS
• 62% OF EMPLOYEES DON’T KNOW THE
SECURITY POLICY OR THERE IS NO
SECURITY POLICY AT ALL
• AND HOW MANY % ARE COMPLYING
WITH THE SECURITY POLICY?

29. MAJOR THREAT VECTORS
•STOLEN, LOST OR REPLACED DEVICE
•DE FACTO REMOTE DATA STORAGE
•FREE APPLICATIONS AND “INTERESTING” WEB PAGES
•MALWARE ON THE DEVICE
•UNSANCTIONED ACCESS
•UNCONTROLLED NETWORK ACCESS

30. SAMSUNG SOLUTIONS FOR ENTERPRISE MOBILITY

31. 2013

32. 2014

33. MOBILE DEVICE MANAGEMENT
•KNOX EMM – SAMSUNG ENTERPRISE MOBILITY MANAGEMENT SOLUTION
•USER, DEVICE AND APPLICATION MANAGEMENT
•INTEGRATION WITH ACTIVEDIRECTORY -> BY UTILIZING AD MANAGEMENT TOOLS
•ANDROID AND iOS DEVICES SUPPORTED

34. DEVICE MANAGEMENT IN THE CLOUD
KNOX EMM CLOUD PROXY SERVER
FIREWALL
ADMIN PORTAL
USER PORTAL

35. SAMSUNG KNOX EMM KEY USE CASES
•Provision
•Monitor
•Manage
•Secure

36. [1] DEVICE ASSIGNMENT AND INVENTORY
•ASSIGN DEVICE TO THE USER
•COLLECT DEVICE INVENTORY DATA AND STATUS INFORMATION
•BYTES SENT/RECEIVED
•CREATE WIFI PROFILES

37. [2] ENFORCE SECURITY “BASICS”
•REQUIRE USING SCREEN PASSWORD OF CERTAIN COMPLEXITY
•RESET PASSWORD OR FORCE PASSWORD CHANGE
•TURN ON DEVICE ENCRYPTION
•LOCK DEVICES AND WIPE DEVICE DATA FROM ADMIN CONSOLE
*********

38. [3] APPLICATION MANAGEMENT
•CENTRALIZED APP DISTRIBUTION IN ANDROID AND IOS
•REMOTE DEPLOYMENT OF APPLICATIONS TO SELECTED USERS AND USER GROUPS
•AUTOMATICALLY UPDATE APPS

39. [4*] SECURE NETWORK AND DATA
•CREATE WIFI PROFILES
•MANAGE WIFI SETTINGS
•CREATE VPN PROFILES
•MANAGE VPN SETTINGS

40. [5*] MANAGE MOBILE WORKPLACE
•APPLICATION MANAGEMENT
•FIREWALL MANAGEMENT
•ENCRYPT MICROSD
•CONFIGURE MICROSOFT EXCHANGE AND IMAP/POP EMAIL PROFILES

41. [6*] DEVICE SETUP
•CONFIGURE DEVICE SETTINGS REMOTELY, FOCUS ON SECURITY
•PREVENT 3RD PARTY APP INSTALLATION
•STOP WIFI TETHERING
•DISABLE USB STORAGE AND MICROSD
•DISABLE FACTORY RESET
•PREVENT CHANGING SETTINGS
•SET ROAMING RULES
•MANAGE BLUETOOTH

42. [7*] DEDICATED DEVICES
•KIOSK-MODE DEVICES = SINGLE-PURPOSE DEVICES

43. DATA SECURITY

44. DATA SECURITY
•KNOX WORKSPACE – CORPORATE DATA SECURITY SOLUTION
•YOUR SOLUTION FOR PRIVATE DEVICE USAGE AND DEVICE SHARING CHALLENGES

45. THE MOST SECURE SOLUTION FOR ANDROID
DISA MOS SRG Compliance
FIPS 140-2 Certification
Common Criteria Certification
CESG End User Devices Security Guidance
DISA MOS SRG Compliance
CESG End User Devices Security Guidance
Australian Signals Directorate

46. KNOX WORKSPACE – WHAT IS IT?
PRIVATE ENVIRONMENT
CORPORATE ENVIRONMENT

47. 3 KEY FEATURES
•SECURE PLATFORM
•APPLICATION SECURITY
•MOBILE DEVICE MANAGEMENT

48. SECURE PLATFORM
ARM TrustZone Hardware
Trusted Boot / Secure Boot
TIMA
SE for Android
SE for Android Management Service
KNOXTM Android Framework
KNOXTM Workspace

49. PLATFORM SECURITY: ARM TRUSTZONE®
•KNOX USES ARM TRUSTZONE® HARDWARE THAT ENABLES HARDWARE ENFORCED ISOLATION.
•ARM CORTEX-A PROCESSOR LINEUP REQUIRED

50. PLATFORM SECURITY: TRUSTED BOOT

51. PLATFORM SECURITY: SE FOR ANDROID
•SE FOR ANDROID CAN ISOLATE ATTACKS, HOWEVER, IT RELIES ON THE OS KERNEL INTEGRITY

52. TIMA REAL-TIME KERNEL PROTECTION
•INTERCEPTS CRITICAL EVENTS HAPPENING INSIDE THE KERNEL, WHICH ARE INSPECTED IN TRUSTZONE.

53. PLATFORM SECURITY: TIMA REAL-TIME PROTECTION

54. PLATFORM SECURITY: TIMA PERIODIC PROTECTION

55. KEY FEATURES OF KNOX WORKSPACE
PRIVATE ENVIRONMENT
CORPORATE ENVIRONMENT

56. DATA PROTECTION
PRIVATE ENVIRONMENT
CORPORATE ENVIRONMENT
•AUTOENFORCED DATA ENCRYPTION
•AREA INACCESSIBLE BY THE ROOT

57. SAME BUT DIFFERENT APPS
ASMENINĖ ERDVĖ
•ISOLATED APPS WITHIN CONTAINER
•MANAGED USAGE OF CUSTOM APPS, GOOGLE PLAY AND APPS FROM PRIVATE ENVIRONMENT

58. CONTROLLED DATA EXCHANGE
ASMENINĖ ERDVĖ
•DATA EXCHANGE BETWEEN PRIVATE AND CORPORATE ENVIRONMENT FULLY MANAGED BY ADMINISTRATOR

59. RESTRICTED WORKING ENVIRONMENT
ASMENINĖ ERDVĖ
•APPLICATION RULES
•FIREWALL
•SETTINGS MANAGEMENT
•MAIL ACCOUNT RESTRICTIONS

60. SECURING DATA IN-TRANSIT: VPN
•GRANULAR VPN CONTROL
•DEVICE-LEVEL VPN
•CONTAINER-LEVEL VPN SETTINGS
•PER-APPLICATION VPN INSIDE CONTAINER

61. MANAGEMENT VIA MDM

62. KNOX WORKSPACE AVAILABILITY
S5, S5 MINI S4, S4 MINI NOTE 4, NOTE 3, NOTE 3 NEO GALAXY ACE 4
TAB S
TAB 4
TAB 4 ACTIVE
NOTE 10.1 2014 EDITION
TAB PRO
NOTE PRO

63. DEVICE FOR LIVING BUSINESS

64. SHOCK RESISTANCE
IP67
WATER AND DUST RESISTANCE
LONG BATTERY LIFE
+ 60°C
- 20°C
WORK IN COLD AND HEAT
DISPLAY FOR BUSINESS NEEDS

65. SECURITY
SIZE AND WEIGHT
NFC AND BARCODE
PEN
SPECIAL 3RD YEAR WARRANTY

66. BY