KNOX Contribution to Android: Accelerating Android in the Workplace
July 21st, 2014 | Published in Google Android
Srikanth Rajagopalan, PM Director and Workplace aficionado
Recently at Google I/O, we announced a comprehensive set of new features that will allow IT organizations to easily deploy and manage Android devices in enterprise environments. These features will be built into the upcoming Android L release.
Samsung, with its KNOX technology, has been a thought leader in the enterprise mobility space. In order to accelerate Android adoption in the enterprise, we have partnered with Samsung to bring key KNOX functionality into Android, for the benefit of the entire Android ecosystem. We thank Samsung for their contributions. These new capabilities will make it easy for IT organizations to allow employees to bring their own Android devices to work (BYOD) and use them on the corporate network or to simply issue new Android devices to their employees. IT administrators will be able to manage a wide range of Android devices from many manufacturers, using third-party Enterprise Mobility Management (EMM) solutions that are built on top of the new enterprise APIs launching with Android L release.
Google and Samsung together designed the new enterprise APIs around three major concepts:
- Device and data security
- Support for IT policies and restrictions
- Mobile application management
Device and data security
At the core of the expanded enterprise capabilities being introduced in Android ‘L’ lies a set of technologies that are designed to keep personal and corporate data both separate and safe. We achieve the data separation by building on the existing multi-user support in Android: personal and corporate applications will run as two separate Android users. Data is kept safe by using block-level disk encryption as well as verified boot technology. For those of you familiar with KNOX, this is analogous to KNOX Workspace. EMMs will be able to take advantage of new Android SDK APIs to enable the creation of a managed profile, which is where all corporate applications and data will reside.
Support for IT restrictions and policies
EMMs can use new Android SDK APIs , which have evolved from KNOX APIs, to allow IT admins to enforce a wide set of policies, ranging from system settings and certificate provisioning to application-specific (e.g. Chrome) configurations and restrictions.
Mobile application management
EMMs will be able to use new backend APIs, adapted from KNOX APIs and built around strong security principles for on-device app deployment, to allow IT admins to curate the corporate application catalog and to remotely deploy applications to the managed profile on the employees’ devices.
We encourage developers interested in the new Enterprise APIs to download and test the Android L Developer Preview. For developers who have already built applications using Samsung KNOX APIs, Samsung will be providing a KNOX Compatibility Library that will let such applications run on all Android L devices.
You can read more about this collaboration on the Samsung KNOX blog. Stay tuned for additional details.
+Android Developers