What is Security Enhancement for Android?
The following information is intended as a resource for Samsung KNOX™ end users who want to know more about the various pop-up messages that may display on their device in case of security-related notifications.
To ensure that your device always has the latest security to protect you and your data, Samsung will occasionally send security updates to the device as needed. Please follow the on-screen instructions to update your device.
Samsung recommends enabling Automatic updates. You will need to turn on this feature by following the instructions below.
NOTE:The device will display a Security policy updates notification after activation, if the Automatic updates have not been enabled.
You can manually update the latest security policy when connected to preferred networks.
Or, if the latest security policy has already been applied, you may see the Security policy update notification that latest security policy has already been applied, No further action is needed.
If updates fail, you may be one among the cases below.
• A network connection error. If this is the case, try again later when you have a good data connection
• Limited device memory. If this is the case, delete unnecessary videos, photos, or files.
• A policy file error. If this is the case, try again later.
SE for Android sends security reports to help Samsung to identify threats to your security by allowing your phone to collect and send data in encrypted form.
To activate "Send security reports", from the Home screen, select Menu > Settings > Lock screen and security > Other security settings > Turn on the right button of "Send security reports" .
If you agree to all of the terms and conditions and select Accept, SE for Android send security reports to Samsung via Wi-Fi.
If your device is connected to Wi-Fi network and security reports is more than 16KB, you may find the Send security reports notification .
Additionally, Security > Security update service > Send security reports menu will be automatically checked.
After then, your device will automatically send security reports for threat analysis.
TIMA Prevention of Unauthorized Module Loading Notification.
If an unauthorized module attempts to load, you may see the notification:
“Your phone’s security has blocked an action that is not permitted. No further action is required.”
• This notification may appear if you have installed a malicious application or a virus, which has attempted to install a Linux kernel module or modified the file system.
• Another possible cause for when this notification appears is you may have modified the file system of the device. The Linux kernel module has been blocked and there is no concern for a threat to the integrity of the kernel of your device. You still may want to check for malware or viruses on your device
TIMA Detection of Disabling SE for Android Enforcement
• The notification below will appear if you installed a malicious application or virus, which modified the Linux kernel data structures.
• Another possible cause is you may have modified the kernel of your device.
Restarting your device restores the SE for Android settings back to normal. However, it does not address the cause on why SE for Android was turned off. It is recommended that you check for malicious programs, viruses, and malware.
TIMA Detection of Unauthorized Kernel Modification
If the security system in the device has detected that the Linux kernel code has been modified after the device was turned on, you may see notifications "The device has detected an application attempting to perform actions that are not permitted. It is recommended that you restart your device."
This notification will appear for the following reasons:
• You installed a malicious application or virus, which modified the kernel code or the file system.
• You modified the file system of your device and removed or modified a system file.
Restarting your device restores the kernel code back to normal. However, note that modifications made to the file system (for example, factory settings file) cannot be restored. You may continue to see this error after the reboot.
Restarting your device does not provide a remedy for the actual reason the kernel or the file system was modified. It is recommended that you check for malicious programs, viruses, and malware.
Samsung KNOX provides the benefit of enterprise data security while keeping personal information private:
• The Samsung KNOX container delivers a distinct interface.
• Your personal apps, photos, emails, and texts are kept separate from the Samsung KNOX container. They are secure and private from enterprise IT administrators.
• IT administrators can access important corporate files and email inside the Samsung KNOX container on your device.
• Samsung KNOX Apps allows you to easily and securely download business apps to the Samsung KNOX container.
Samsung KNOX provides a layered security solution that includes the following features:
• Trusted Boot: Ensures that the device boots only from an authorized kernel, and not from a hacked or rooted kernel
• TrustZone-based Integrity Measurement Architecture (TIMA): Verifies the integrity of the kernel on a continuous basis
• Security Enhancements for Android (SE for Android): Protects device resources and data from unauthorized access
• Dual Persona: Provides a secure environment within your device. You can continue to use your usual Android environment, and still have access to a protected space.