MDM systems are typically one-logo frameworks, with a single vendor providing mobile device management for a given environment. However, Centrify is bucking the trend by pairing its tight Active Directory integration with Samsung’s Knox security suite for Android devices.
Since it entered the MDM market early last year, Centrify has built a following based on its ability to smoothly integrate managed mobile device inventories with Active Directory back ends. Like the competition, Centrify aims to solve the BYOD conundrum by keeping corporate users out of trouble as they use their own mobile devices for work (or use work devices for personal business). But integration of Samsung’s Knox with Centrify's single sign-on security product ups the ante in MDM.
For those not familiar with Knox, it comes pre-loaded on Samsung’s latest devices, such as the Galaxy S4, and will be on Galaxy Note devices in November. It’s a security-on-steroids kind of hardware and software integration that uses Security Enhancements for Android to implement the concept of application and data isolation in a “container” that users (and bad guys) can’t defeat.
Competing devices (think iOS) typically can't be secured enough for certain organizations, regardless of the MDM product in play. For example, you can’t enforce Bluetooth or Wi-Fi SSID controls on iDevices, which could lead to data leaks. When you absolutely have to have strong security on the order of FIPS 140-2 and U.S. Department of Defense mobile requirements, that’s where Samsung devices equipped with Knox have an advantage. And when you need a single mobile management framework for both Knox and non-Knox devices, Centrify wants to be your provider.
[Read why restrictive BYOD policies will ultimately fail in "BYOD: Why You Will Lose."]
So, do you need Centrify to incorporate Knox functionality? The answer is no. But Centrify certainly integrates Knox well, and the company is going to great lengths to make that clear. Centrify has been a development partner on Knox from the start, and has no shame talking about time spent with Samsung’s developers. Centrify is also now a Knox reseller, with competitively priced per-device subscriptions.
The company has also created "All Things Knox" (allthingsknox.com), which is a repository for Knox-related resources and blogs, as well as a community discussion forum for Knox users. Given Samsung’s growing market share and the increasing need for strong security as mobile devices become the platform of choice for business and government operations, Knox stands to gain considerable traction in the MDM space.
Whether other MDM vendors like MobileIron and Zenprise will embark on a similar path as Centrify remains to be seen, but there is just too much riding on today’s business mobile devices to not expect top-level security to take deeper root in the MDM market.Lee is a Network Engineer and Wireless Technical Lead for a large private university. He also teaches classes on networking, wireless network administrtaion, and wireless security. Lee's technical background includes 10 years in the US Air Force as an Electronc Warfare ... View Full Bio