In February of this year, Samsung Knox was one of the most hyped mobile device management solutions entering the market. It was a major focus at Mobile World Congress (MWC 2013) in Barcelona, Spain and it had its own ad campaign associated with the launch of the Galaxy S4. Some went so far as to name Knox as a game changer, providing Samsung with a competitive advantage against Apple by allowing people to quickly switch between corporate and personal data.
Yet, as we reach the last day of 2013, Samsung Knox has proven to be a complete flop that will most likely not be adopted by the majority of organizations using Android devices. To add to these woes, I met with several leading defense contractors and government technology executives in Washington, D.C. in mid-December, who stated that they would not deploy Knox. Samsung has done so many things correctly, so how is it that they messed up Knox so badly?
First, Samsung made a cardinal mistake of software: releasing vaporware. When Samsung made their initial announcement in Barcelona, they positioned themselves as a direct competitor and alternative to Blackberry. Blackberry, for all of its faults, understands enterprise security policies and governmental concerns very well and both the Blackberry BES and Balance solutions are well understood by CIOs. By contrast, nobody was really sure what Knox could do other than provide containerization. In this, Knox seemed simply to match the functionality that Good Technology had provided for years, but sadly without Good’s Common Criteria Evaluation Assurance Level 4 security. EAL4 means that Good provides the “higher confidence that the system’s principal security features are reliably implemented, specifically the ‘Methodically Designed, Tested, and Reviewed’ parts of the Common Criteria.”
Second, Samsung Knox only worked on Samsung Galaxy devices. Although Samsung is the market leader in smartphones and tablets, it still lacks the clout that a Microsoft Windows had in the 1990s. In reality, mobile device and application management needs to be a cross-platform solution. Just as nobody wants to care about the compatibility of the landline phone or Windows PC he or she buys, nobody wants to care about what kind of smartphone or smart device they buy. For Knox to be viable, it needed to work on all Android devices at a bare minimum.
Third, Knox suffers from “Not Invented Here” (NIH) syndrome. The objection I heard repeatedly in Washington, D.C. was: “because it’s not made here in America!” For much of the past decade, Blackberry represented the best combination of mobile security, usability, and price. As a Canadian-owned company, Blackberry was trusted on a global basis as a safe harbor for corporate, government and private data. South Korea, although a trusted economic ally to many of the world’s leading economies, has not earned that same level of trust with other G20 governments that would seek an integrated and secure mobile solution.
Fourth, Samsung struggled to build support services around Knox for carriers and large enterprises. Although Samsung has done a great job in appropriating Apple’s technology and aesthetic, this skill set does not translate into the ability to fully integrate with the OSS/BSS technologies that carriers support.
Example of OSS / BSS
Fifth, Samsung charged too much. The original price for Samsung KNOX was $3.60 per month per device. This price is not competitive with the current enterprise mobility management market. Many EMM players such as Good Technology have brought their MDM price down to $5.00 per month per device. This means Samsung Knox represents a premium simply to use Samsung devices in the enterprise. Samsung Galaxy devices are popular. However, their utility and popularity are not so great that companies should throw away their iPhones and iPads to pay more to secure their Samsung devices. Especially when other leading EMM players such as AirWatch and MobileIron have solutions today to compete with Knox for their enterprise customers.
Sixth, and perhaps worst of all, Samsung KNOX has been hackable. There is a possible flaw that allows black hat hackers to grab mobile messaging sent through Galaxy devices. In light of Blue Hill’s recent blog post on the increased desire for temporary and untraceable messaging tools such as Snapchat, the idea that a “secure” messaging solution could be intercepted is a big challenge. Samsung seeks to be acknowledged as a compliant solution, but it will need to do more to win hearts and minds.
If Samsung can botch its entry into the mobile device management game, anyone can. There are some lessons for the market to learn. First, mobile management is a multi-platform game. Handling only one platform well makes you a niche solution. Second, price your solution based on what the market is demanding and be mindful that it has to be part of an EMM ecosystem. When competitors are trying to drive the cost of management to $5-$7 per device per month, compared to $3.60 per month, your price is not competitive. Third, accept that FUD is an important part of selling security. If your solution actually adds Fear, Uncertainty, and Doubt to your buyers because they want a solution that meets in-country storage and development standards, provide your buyers with that extra level of assurance.
It’s still not too late for Samsung to get into the mobile management game in earnest, if it chooses to do so. However, Samsung need to either get serious and go multi-platform or gently slide away from this business and leave it to EMM companies such as AirWatch, MobileIron, and Good Technology. Each has proven their mobile security chops with real solutions that can enable multiple, layered controls across a device security ecosystem. These vendors allow the ability to distribute, containerize, and tunnel enterprise data safely and securely well into 2014 and beyond.