
How to block personal apps from accessing work data on Knox device (Solved)

Participant
Discussion
2 years ago

Hi Hexnode Connect! I am in dire need of assistance. Our firm provides employees with cell phones for work. These devices are fully managed through Android Enterprise and enrolled as Device Owner. We are flexible with how employees use their devices. Recently, we have noticed sensitive files downloaded from the work email and shared around through personal messaging apps like WhatsApp. We want to prevent this from happening. Taking away all privileges from employees would be harsh, so is there a way to block these apps from accessing sensitive data?

Replies (3)

Participant
2 years ago

Hi @abbi, welcome to the club! We got your back. Have you considered using work profiles to separate personal apps from work apps? That would be the best way to go about it.

Here is a guide: https://www.hexnode.com/mobile-device-management/help/how-to-enroll-a-device-in-android-in-the-enterprise-as-profile-owner-using-hexnode-mdm/

I hope that helps!

Participant
2 years ago

Thank you, @Gretchen. We will look into this. I am curious whether we have a middle ground where users don’t have to switch between profiles. There can be some friction when it comes to change. Btw, we use Samsung Knox devices for work. Will that be of help?

Hexnode Expert
2 years ago

Hi @abbi,

Welcome to Hexnode Connect!

You are in luck! We have a workaround that might work for you. You can configure and deploy the Knox Service Plugin app on your Samsung Knox devices and utilize the Separate Apps configuration to sandbox third-party apps not vetted by IT admins from accessing confidential work data. Of course, it does not guarantee to be as secure as work profiles, but it sure is handy.

To deploy the Separate Apps configuration,

Knox Service Plugin
 

  • Save the configuration. Under the same policy, add Knox Service Plugin as a Mandatory app and associate the policy with target devices.

Once the policy is associated, the Knox Service Plugin app is installed on target devices. Now, the KSP app will install the listed Separated Apps in a secure, separate folder.

We hope this meets your requirements. Feel free to ping us for any queries.

Regards,

Ethan Miller