Season 2, Episode 5
This is a transcript of one episode of the Samsung Developers Podcast, hosted by and produced by Tony Morelan. A listing of all podcast transcripts can be found here.
Senior Developer Evangelist, Samsung Developers
- Knox Security
- Enterprise Advanced Features
- Developer Tools
- Machine Learning
- Customized Capabilities
- Knox SDK Toolkit
- Cloud Services
- Knox Configure
- Knox Resources
- Knox Partner Program
- Tactical Edition
- Knox Partner Program - partner.samsungknox.com/about-program
- Knox Suite - samsungknox.com/en/blog/introducing-knox-suite-2
- Knox Platform for Enterprise - docs.samsungknox.com/admin/whitepaper/kpe/samsung-knox.htm
- Knox Configure - docs.samsungknox.com/admin/knox-configure/welcome.htm
- Knox Capture - samsungknox.com/en/solutions/it-solutions/knox-capture
- Knox SDK API Reference - docs.samsungknox.com/devref/knox-sdk/reference/packages.html
- Knox Customization - docs.samsungknox.com/dev/knox-sdk/customization-overview.htm
- Knox for MTD - partner.samsungknox.com/mtd
- Knox ML Protection - docs.samsungknox.com/dev/knox-sdk/ml-protection/whitepaper/model-protection.htm
- Knox Network Platform Analytics - docs.samsungknox.com/admin/whitepaper/kpe/network-platform-analytics.htm
- Knox UCM - docs.samsungknox.com/admin/whitepaper/kpe/universal-credential-management.htm
- Knox DualDAR - docs.samsungknox.com/dev/knox-sdk/dual-dar-architecture.htm
- Knox VPN Tools - docs.samsungknox.com/dev/knox-sdk/tools/knox-vpn-android-vpn-mgmt.htm
- Bala Thinagarajan LinkedIn - linkedin.com/in/balathina/
NOTE: Transcripts are provided by an automated service and reviewed by the Samsung Developers web team. Inaccuracies from the transcription process do occur, so please refer to the audio if you are in doubt about the transcript.
Tony Morelan 00:01
Hey, I'm Tony Morelan. And this is Pow!, the Samsung Developers podcast where we chat with innovators using Samsung technologies, award winning app developers and designers, as well as insiders working on the latest Samsung tools. Welcome to season two, episode five. On today's show, I interview Bala Thinagarajan, Director of Product Management with Samsung Mobile and part of the Knox team. Knox is the security platform developed by Samsung that makes Android devices the most secured in the market. Not only do we talk about security for consumer of Samsung devices, but also the many resources available for developers building with Knox and the benefits offered to business enterprise customers. Enjoy.
So I am really excited to have with me on the podcast today Bala Thinagarajan.
Bala Thinagarajan 00:52
Hey, Tony, first of all, Thanks for the invite. And I'm really excited to be here today.
Tony Morelan 00:56
Yeah, so I'm really looking forward to our talk today to learn more about Knox. Last year, we did an episode with Morgan Parker, where we talked about the Knox partner program. But today we actually get to dive into Knox and talk about all the features and capabilities for developers. But first, let me ask who is Bala Thinagarajan.
Bala Thinagarajan 01:14
Currently, I'm a director of product management in the Samsung mobile b2b team, with a key focus on Masato portfolio. And before joining the product team, I was working as a solutions architect and build solutions for US government vertical. And that's when I got an opportunity to design the architecture for tactical edition on Galaxy S 20. And s nine. And on the personal side, I how to be kids. And I currently live in the beautiful bay area with my family.
Tony Morelan 01:43
We're pretty close to each other. I'm actually over on the other side of the bay, both of us work out of the Mountain View office after COVID. When they let us back in I'm sure we'll be bumping into each other when we're in the in the hallways there.
Bala Thinagarajan 01:55
Yeah, it's been more than a year. And I really missed those face to face interactions and looking forward to get back to the office as soon as possible.
Tony Morelan 02:01
Can you tell me how long have you been at Samsung?
Bala Thinagarajan 02:05
I'm with Samsung for more than 11 years. But it still feels like yesterday. I joined Samsung as a consultant in 2009 to validate the Device Management Protocol on the Samsung phones, and then put those on living. We created the device management framework on Samsung Android devices, which then got adopted in a nice framework. And through these years, I've been growing together with the Knox team at Samsung.
Tony Morelan 02:30
And so what was your professional journey that eventually led you to Samsung?
Bala Thinagarajan 02:34
Well, in 2004, I worked for BBQs as a software engineering their offshore team in India. Bank is a consumer electronics company, and I was part of the mobile team. That's when I got my first exposure to mobile technology. And while working for Ben Q, I got an opportunity from HCL Technologies to lead a mobile deployment in Australia. And I took the job and deployed mobile value-added services for various legacy forms in artisan Hutchison network in Sydney. And then we did a similar deployment in Belgium for Proximus. And after returning from Europe, I worked on a project to validate protocol implementation of 3g signaling gateway for Alcatel. And that's when Samsung was looking for someone with good understanding on three GPP standards and protocols. And that align well with my background. And they hired me as a consultant in 2009.
Tony Morelan 03:30
Wow. So you really had quite a journey going all the way from your native country of India through Europe, and now here to the States.
Bala Thinagarajan 03:37
Yeah, it's an amazing journey. And that's what happens when you work in technology. Always keep your bags ready.
Tony Morelan 03:45
Of course, yeah. As I had mentioned, last year, we did an interview with Morgan where we talked about the next partner program, but for those that aren't really familiar, can you can you explain what exactly is NOx in when did it become a part of the Samsung
Bala Thinagarajan 03:59
be introduced NOx in 2013 to make Android more secure on Samsung devices. Because back in the days, when Google introduced Android, for initial few years, the main goal was to increase androids consumer market share, and Android was not ready for business adoption. So Samsung, being the largest manufacturer of Android phones saw this as an opportunity and created Knox to meet the needs of our customers. So just to put things in perspective, marks is a brand name that represents security platform, and advanced security features like that are required for enterprise and also the cloud services that helps deploy and manage devices.
Tony Morelan 04:42
So I'd like it if you could elaborate a bit more on Knox security. Is this only available for enterprise customers or is it also available for consumers of Samsung phones?
Bala Thinagarajan 04:51
Great question, ma. So the Mac security platform is the foundation of security that's pre-built on all Samsung devices. The security platform on the device, you know, runs and scans for security in real time, which means the security is turned on by default. So when a consumer gets a Samsung phone, they're already getting the most secure phone on the market today. Nice. On top of the security Foundation, we also built mass platform for enterprise, which includes a toolkit and resources, using which enterprise can unlock advanced features to transform a regular consumer device to a business device.
Tony Morelan 05:28
Can you talk about the advanced features supported by Knox platform for enterprise?
Bala Thinagarajan 05:33
so Android enterprise meets the most common set of requirements any customer like want to use Android enterprise, they will meet like most of their common requirements using a UI. But customers and regulated industry has more stringent security requirements that cannot be met by Android enterprise. And that's where Knox comes into picture. Marks can be used as an extension to Android enterprise. And the advanced features that are created with the marks are created with an objective to make the device more secure, productive and manageable with some examples be. For example, to access classified information using forms, government agencies must use a form that supports two layers of encryption. And Samsung is the only OEM that meets this requirement using MAC's door and VPN chaining. And also there are many other features to help increase productivity. For example, using marks customers can remap hardware key to launch a business app. This is a very helpful feature for frontline workers, they can just press the site key to quickly launch a business app. And this business app could be either a push to dock application or a barcode scanning application. Okay, so these are very few examples. There are hundreds of features in marks that can be leveraged by customers and developers when building an enterprise solution
Tony Morelan 06:50
for developers focusing on enterprise solutions, what tools are available to build these enterprise solutions,
Bala Thinagarajan 06:56
developers can leverage Knox SDK to access all the box functionalities. And depending upon what solution they develop, they might be able to leverage a subset of Knox functionalities, for example, Mobile Threat defense solution, developers can access Knox API's to get access to hundreds of data points, using which they will be able to detect and also remedy threats. What would be some examples of these data points? Sure, they can find what applications are running on the device and what resources are accessed by the app. And in case they want to find the network conditions or connection quality, they can also leverage the Moxie API to find that if there is an abnormal memory utilization, they can also detect that. And if the if a particular application is trying to access a file system, and if read write permission is granted to that app, that information can also be found using the Knox API's.
Tony Morelan 07:50
Okay, okay. So I was earlier I was reading about Knox machine learning model protection. Can you explain a little bit more about what that is?
Bala Thinagarajan 07:58
Sure. So we recently introduced this a Kox 3.7 dot one, which was introduced in March 2021. If you see, in the reason days, businesses are adopting a technology to increase the productivity in a rapid pace, and more and more businesses are leaning into this technology. So machine learning data is the brain of AI technology. So when they develop an app to include artificial intelligence, they also develop machine learning data model. And this machine learning data model can be either stored on the cloud, or on the device. When you store it on the device, you're completely eliminating the latency issue. And more and more businesses are preferring to store the machine learning data model on the device. But there is one problem. When you store it on the device. It could, you know, because you're going to store that on the plaintext. And that could potentially cause a data leak in order to solve the problem. MASSIMO offers a neural model encryption framework, using which customers can easily deploy their machine learning model on the mobile device. In addition to modern production, Marx also offers application access control. So using which you can ensure only approved application can access the data model.
Tony Morelan 09:15
Bala Thinagarajan 09:16
So what are some other important features that are available for developers, there are n number of options like that are available and Kox, I'm going to just highlight three more things. So developers can also access universal credential Management API said using which they'll be able to configure, provision and consume credentials. And they can also take a look at network platform analytics. This will help them identify or inspect the OHS behavior, and also inspect the network patterns. This is only available on a Samsung device. Okay. And the last thing I would like to highlight is about advanced customization capability. We have hundreds of customization API, using which you will be able to customize the device the way you want. Got it? Do you have any examples of some unique customization capabilities that have only been available on Samsung devices? Absolutely, as I mentioned, there are hundreds of customization API's. And for example, if you're building a solution to transform a Samsung tablet to an infotainment system in a taxi developer can leverage Mark CPA to auto power on device when the car ignition is turned on, and power off when the ignition is turned off. So if a driver is going to get out of the car, he doesn’t have to go to the backseat to turn the mobile device manually off to save the battery. He can just call the mock CPA.
Tony Morelan 10:36
Wow, that's crazy to think that the taxi can turn off their car. And that's when the device powers down. But yet when they turn on the ignition, the device actually turns back on. Exactly.
Bala Thinagarajan 10:47
Yeah, it's a great question. And like a lot, a lot of our solution developers are leveraging this API. So what would be some other examples for solutions? Similarly, to use a device as an implied data, Diamond system, sending the audio output through device speaker is not desirable,
Tony Morelan 11:04
of course, because I can see your if you're sitting next to an annoying passenger, making loud sounds out of the device. Yeah, that's not going to be nice.
Bala Thinagarajan 11:10
Exactly. So turn off device speaker and only allow audio output through headphones. So when the headphones are connected, the sound is transmitted. And in case, the headphones off, the sounds are shut off.
Tony Morelan 11:22
So they don't even have the ability to control whether the audio is on or off.
Bala Thinagarajan 11:25
Exactly. It's pre-configured and users cannot change. That's great. Yeah. And also, they can leverage few other features such as changing the branding, like in case, you know, if you want to chain the Samsung device logo during boot time, and use your own corporate image that is also possible that you'll be able to allow you to do that.
Tony Morelan 11:42
Oh, nice. It's really allows for some great customization. Yep. So is there a fee to use the Knox SDK toolkit in license.
Bala Thinagarajan 11:50
So as of today, the Kox premium capabilities require a paid license key. But the good news is, we are changing the current pricing policy. So starting July 1 2021. customers and partners can get Kox platform for enterprise key for free at no cost free. Wow. And this free key will give access to all the Kox capabilities except for dual door UCM.
Tony Morelan 12:15
Can you talk a bit about cloud services and what are the benefits for cloud services?
Bala Thinagarajan 12:20
Knox cloud services offers everything that's needed for an enterprise to deploy and manage devices. We have deployment tools such as Knox mobile enrollment, which will help you to automate your device enrollment process. And Knox manager is an enterprise mobility management tool, using which you'll be able to deploy and control the device policies remotely. And we have Knox e 41, which is an operating system management tool, using which you'll be able to schedule software updates onto the device. So Samsung normally releases monthly patches and quarterly releases, instead of like getting unexpected software updates. Now key one would although the IT administrator to manage the software updates,
Tony Morelan 13:05
definitely a much smoother process for updating the devices. Exactly.
Bala Thinagarajan 13:09
All these services are bundled in one product called Mark suite. So if customers are going to buy Mac suite, they will get access to Knox mobile enrollment marks manage and not equal to one and also a Kip license key.
Tony Morelan 13:23
So customers only need to get one product for all of these services.
Bala Thinagarajan 13:26
That's correct. Just knock sweet. That's good enough. Great.
Tony Morelan 13:29
So let's talk about Knox Configure. Can you tell me what are some of the benefits?
Bala Thinagarajan 13:34
Yep. Knox configured is also a cloud service, which will allow you to configure the device the way you want. Like for example, we talked about a lot of customization capabilities. And Kox, configure will provide you that service into him. You don't have to develop your own app. But Kox, configure will do the job for you. If your business doesn't really require ongoing device management, and if you want to use the device as a single purpose device, then you can leverage Knox Configure. So would this be like something you would see like at a shopping center where you have a kiosk? And there's a device there? Is that what you're referring to? Exactly. So if your use cases, business to business to consumer, and then you can leverage Knox configure, and it has hundreds of functionalities, which will allow you to configure the device as a single purpose device.
Tony Morelan 14:20
Okay, great. So what's the best way for developers to access these resources.
Bala Thinagarajan 14:25
So the best place to start is go and sign up as a partner, the Samsung Knox saw partner portal. Once when you sign up as a partner, you'll get access to all the development tools, you'll get access to Mark's SDK. And also the sample course if you want to start development, you can refer to a sample course. And you will get access to development and commercial licenses and direct support to continue our development from our developer forum. And in case if you get stuck during your development, you can also leverage our ticketing support system and post tickets and get response and also partners appeared in the must partner program.
Tony Morelan 15:02
Can you share the URL for the partner portal?
Bala Thinagarajan 15:05
The URL to access the partner portal is partner.Samsungknox.com.
Tony Morelan 15:11
So tell me what is the goal of the Knox partner program?
Bala Thinagarajan 15:15
The main goal of Samsung Knox partner program is to support partners to create better solutions to address the needs of our customers and also like support sales and marketing activities to increase the overall sales volumes. That's the main goal.
Tony Morelan 15:29
Can you tell me if there's a fee to join the Knox partner program?
Bala Thinagarajan 15:33
No, there is no charge to join marks partner program. All you need is you know, you need to be a registered business with a DUNS number and sign up using your corporate email address. That's all.
Tony Morelan 15:45
So the DUNS number you're talking about Dun and Bradstreet, correct?
Bala Thinagarajan 15:49
That's correct. Yep.
Tony Morelan 15:49
So I know that there are different tiers to the Knox partner program. Can you tell me what are the benefits for each tier? Absolutely.
Bala Thinagarajan 15:57
So the basic tier like within the Knox partner program is bronze, which includes access to development tools, development and commercial license, and access to online developer forum, ticketing system, and access to market resources. All those information’s are available in the box partner program. And when they upgrade from bronze to silver, they get all the benefits of bronze. But in addition to that they get direct relationship with a Partner Manager in your region. And you will be eligible to participate in the Knox validated program. And also you will get a partner program to logo okay. In addition to that, you'll also be eligible to get internal promotions to Samsung teams and co-marketing opportunities. And when you move from silver to gold, you'll get all the benefits that I mentioned and silver in addition to that promotion on Samsung online properties in Samsung Knox calm and access to latest devices for testing in case if there is a new Samsung device, you can get it from our loaner program nice and you'll also be eligible for invitations to Samsung global events on the topmost here is our platinum. So for Platinum tier partners, they'll get all the benefits of gold plus preferential license pricing, dedicated global account manager one to one execute or sponsor and eligibility for event sponsorship funding.
Tony Morelan 17:21
So earlier in the interview, you had mentioned tactical edition. Can you tell me what exactly is tactical addition? And what is the target audience?
Bala Thinagarajan 17:29
Yeah. So we create a tactical addition, specifically to address the needs of Department of Defense. Sure, for example, the Department of Defense personnel can be anywhere in the world on a mission they could be in the middle of ocean are they're in a desert. So regardless of where they are access to situational awareness information is very critical. They should know where they are, and what's happening around them. course that's very important. So back in the days for situational awareness, you might have seen in some Hollywood movies, people might be using Toughbook.
Tony Morelan 18:01
Yeah, those giant like case almost for their device.
Bala Thinagarajan 18:06
Sure, exactly. And they use a Toughbook. They connect that to a tactical radio through a wired connection. And they will be communicating with their command center on the Toughbook, they will see the map data, what's happening around the world. Exactly they are all that information can be accessed. Now, the main goal of tactical edition was to replace the 20-pound Toughbook with a few 100 grams of Samsung smartphone. That's the main goal. Sure, and how we are able to achieve that as we work with Department of Defense, we understood the requirement and we enable special drivers and protocols on the device and made the device interoperable with tactical radio, okay, so that the device can communicate and receive the data from the tactical radio and provide that information in the graphical user interface on the mobile phone. So that's what we did on tactical edition. So just to simplify, tactical edition is nothing but a military smartphone.
Tony Morelan 19:02
So when you're not working with developers on Knox, what is it that you do for fun?
Bala Thinagarajan 19:06
I'm an outdoor person, and I like to hike. So there are hundreds of trials here in the Bay Area. If someone want to find me during weekend, probably they will find me on all those trails.
Tony Morelan 19:16
Nice. I do a ton of hiking as well. And I've hiked many of the hills on your side of the bay. One of these days, you got to come over to my side of the bay now and head up towards Mount Diablo. That's where I do most of my hiking now. Yeah,
Bala Thinagarajan 19:28
that's one of the blessing like to live in the Bay Area.
Tony Morelan 19:30
Yeah, lots of wonderful, outdoor and then also we have the opportunity to hopefully get indoors soon and get back into the office. It'll be nice. Exactly. Hey, Bala, thank you very much for joining me on the podcast today. It was great to chat with you and get to learn much more about Knox and its capabilities. Thank you, Tony.
Looking to start creating for Samsung. Download the latest tools to code your next app, or get software for designing apps without coding at all. Sell your apps to the world on the Samsung Galaxy store, checkout. developer.samsung.com today and start your journey with Samsung.
The Pow! podcast is brought to you by the Samsung Developer Program and produced by Tony Morelan.