Samsung Electronics Co., Ltd. today announced the first step in a plan to reimagine mobile device security for business customers in partnership with Microsoft. This collaboration has led to the industry’s first on-device, mobile hardware-backed device attestation solution that works equally well on both company and personally owned devices.
Device attestation can help ensure a device’s identity and health, verifying that it has not been compromised. On-device, mobile hardware-backed device attestation — available on Samsung Galaxy devices and combined with protection from Microsoft Intune — now adds enhanced security and flexibility. For enterprises, this is an extra layer of protection against compromised devices falsely claiming to be known and healthy, gaining access to sensitive corporate data. Additionally, organizations can now enable employees to bring their own device (BYOD) to work with the confidence that they are protected with the same level of security as company owned devices. For employees, this means added flexibility for their personal Galaxy devices to safely access their work environment.
In a rapidly evolving landscape with changing work habits and increasingly sophisticated cyber threats, Zero Trust is a security model based on three principles: always assume breach, verify explicitly, and provide least privilege access. Implementation of Zero Trust has become mandated by regulated industries and public sector customers, such as the United States government. This requires a new approach for enforcing security end-to-end, from apps to the network and the device itself, regardless of device ownership and enrollment.
Together, Samsung and Microsoft are uniquely positioned to enable this. Samsung is the industry leader for global smartphones. The Samsung Knox security platform is 10 years old. In that time, Samsung Knox has been activated on more than a billion Samsung Galaxy devices. That’s more than 30,000 businesses in 110 markets relying on Samsung Knox to protect their devices from cyberattacks. Microsoft is the industry leader in unified endpoint management software market share, and delivers end-to-end cross-cloud, cross-platform security solutions, which integrate different categories across security, compliance, identity, device management, and privacy, informed by more than 65 trillion threat signals each day. With this partnership, the first mobile hardware-backed device attestation bridges the consumer and the world of work, allowing people to safely bring their personal devices to work.
For enterprise IT managers, mobile hardware-backed device attestation with Intune provides strong protection for corporate needs without impacting the user experience. With this integration, even highly regulated organizations can adopt a BYOD policy with this additional layer of protection on the Samsung devices widely used by consumers and professionals for work. This increases worker productivity, provides better experiences for users, and simplifies administration.
This joint Samsung-Microsoft solution works on both managed and unmanaged devices regardless of ownership. Traditional device attestation mainly works on managed devices as it is server-based and requires network connectivity, meaning the entire device has to be enrolled into the corporate system.
With mobile hardware-backed attestation, enterprises can verify a device’s integrity and allow access to the corporate system whether it is managed or unmanaged. The user experience is also streamlined to enable employees to bring their personal devices to work and safely access the corporate system without extra security steps.