At Google I/O 2014 the company unveiled Android L, the next major update for its mobile platform. At the event Google announced that it will be incorporating parts of Samsung’s Knox enterprise security suite to improve the security of the Android platform. The end game here is to make it easier for organizations to allow employees to bring their own Android devices to work and use them on corporate networks, thus eliminating the need to carry separate devices for work and personal content. Google has now explained some of the improvements that are possible due to Knox integration.
One major improvement is the ability to keep personal and corporate data completely separate on a single Android device. The feature builds upon existing multi-user support in Android so personal and corporate apps run as separate users on one device. Data is kept safe by using verified boot technology and block-level disk encryption.
To enable enterprise grade security services Google and Samsung have developed new APIs or application programming interfaces which will only be available as part of Google services and will not be built into AOSP or Android Open Source Project. In corporate environments the APIs would allow IT admins to enforce wide set of policies that range from system settings and certificate provisioning to app specific restrictions.
Both companies have made sure to include backward compatibility so developers who have already created apps for Samsung Knox won’t have to build them again for Android L.
It was recently reported that after helping Google integrate Knox, Samsung would stop development on Knox. But the company has since confirmed that it doesn’t intend on doing that and has also detailed all of the hardware-based Knox features that will remain exclusive to Samsung devices even after Android L is released.