Introduction:
Separated Apps, a specialized solution within the Samsung Knox platform, enables enterprises to securely isolate corporate applications from third-party or personal apps on fully managed devices. Designed for IT administrators, this tool ensures sensitive work data remains protected within a controlled environment. By creating a distinct, secure area for business-critical apps like Microsoft Office and Samsung Gallery, Separated Apps mitigates risks of data leaks or unauthorized access. Companies adopt this system to enforce compliance, streamline device management, and maintain productivity without compromising security—a necessity in industries handling confidential information.
Unified Endpoint Management (UEM) Integration
IT administrators deploy Separated Apps by integrating it with a UEM solution. After enrolling devices into the UEM portal, admins push corporate apps like Samsung Calendar or Chrome to the managed devices. They then activate Separated Apps via Knox policies, designating which applications operate within the secure partition. This workflow ensures work apps remain siloed from personal tools, simplifying centralized updates and access controls.
Default Corporate Application Suite
Separated Apps preloads essential productivity tools into its secure zone, including Samsung Camera, My Files, and Microsoft Office (device-dependent). IT teams can expand this suite via the UEM, but default apps reduce setup time. Employees interact exclusively with approved tools in the corporate zone, preventing accidental data sharing through unauthorized apps.
Secure Work Environment Configuration
Admins configure the secure environment through the Knox dashboard, selecting apps to isolate and assigning access policies. For example, Samsung Gallery in the corporate zone can be restricted to internal storage only. Users toggle between the regular and secured zones via a dedicated launcher, ensuring work tasks stay compartmentalized.
Granular App Permissions and Controls
Separated Apps allows admins to customize permissions for each app in the secure zone. Notifications, for instance, can be disabled for non-critical tools. Optional permissions are denied by default, reducing vulnerabilities. This granularity ensures employees only interact with features required for their roles, aligning with zero-trust security models.
Compliance and Data Leak Prevention
By isolating corporate apps, Separated Apps enforces strict compliance with data governance policies. Activities within the secure zone—such as file transfers or screenshot attempts—are monitored and restricted. If a device is compromised, remote wipes via the UEM only affect the corporate partition, preserving personal data while eliminating business risks.
Key Features
- Isolates corporate apps (e.g., Samsung Camera, Microsoft Office) in a secure, UEM-managed partition
- Integrates seamlessly with Samsung Knox and Unified Endpoint Management systems
- Preconfigured default apps minimize deployment complexity
- Granular permission controls for notifications and device functions
- Remote wipe capabilities limited to corporate data
- Complies with enterprise data protection regulations
