Samsung SAFE Boosts Smartphone Security, but Convenience Takes a Hit

 
 
By Cameron Sturdevant  |  Posted 2012-07-25
 
 
 

Device Encryption and Management

Samsung SAFE devices can be encrypted, can be managed by a host of enterprise-class MDM platforms and showed that, on the whole, they are ready for business use.

Device Encryption and Management

Managing Complex Password Policies

My tests showed that complex password policies truly need to balance the human factors with security concerns. For example, my complex encryption password forced me to toggle back and forth between versions of the virtual keyboard in order to find all the complex characters that my security policy mandated. In the end, that could incite some justified end-user ire.

Managing Complex Password Policies

Samsung Galaxy S III Encryption

Samsung SAFE devices, including the Samsung Galaxy S III shown here that I used in my tests of the platform, can be encrypted at Advanced Encryption Standard (AES) 256-bit key length. The process can take some time to complete, but on my new test phone, it was completed in less than 10 minutes.

Samsung Galaxy S III Encryption

Samsung SAFE Enrollment Process

The first step in seeing how my Samsung SAFE phone worked in an MDM environment was to enroll it in my AirWatch MDM system. This involved downloading an agent from the Google Play Store and then following the instructions that were emailed to the test system.

Samsung SAFE Enrollment Process

Activating Device Management

Once my test phone was enrolled in the AirWatch system, I had to acknowledge all the ways that it could control the device. The list is comprehensive and should satisfy all but the most paranoid security managers.

Activating Device Management

AirWatch Agent

The AirWatch agent collected a comprehensive set of data about my test phone and accurately reported that information to the central management console.

AirWatch Agent

AirWatch Agent

The AirWatch agent collected a comprehensive set of data about my test phone and accurately reported that information to the central management console.

AirWatch Agent

Test Phone More Secure, Slightly Less Convenient

After all was said and done, using my Samsung SAFE test phone was slightly less convenient but eminently more secure.

Test Phone More Secure, Slightly Less Convenient

Device Compliance

The AirWatch console (I used a hosted instance of the MDM platform) accurately reported the state of my Samsung SAFE test phone based on my policy requirements.

Device Compliance

A Bevy of System Status Reports

In this sample report, you can see that the AirWatch agent is reporting on the battery state in my test phone. There are a bevy of reports in the system that range from phone logs to general usage statistics.

A Bevy of System Status Reports

Rocket Fuel