Microsoft and Samsung have announced a new agreement that will allow businesses to let their employees bring their personal Samsung Galaxy smartphones to work and use them for work, while at the same time providing those phones with the level of security that businesses and enterprise organizations require of company-owned devices.
Samsung's blog post states:
On-device, mobile hardware-backed device attestation — available on Samsung Galaxy devices and combined with protection from Microsoft Intune — now adds enhanced security and flexibility. For enterprises, this is an extra layer of protection against compromised devices falsely claiming to be known and healthy, gaining access to sensitive corporate data.
In a separate blog post, Microsoft stated:
This is a breakthrough development for highly regulated organizations that want to enable employees to bring their own devices (BYOD) for work. It opens up opportunities for Galaxy smartphone users to use their preferred device securely and privately for both work and play – while still empowering them with the flexibility and versatility to optimize their productivity.
Samsung's Galaxy smartphones already have the company's Samsung Knox security software and services installed. Microsoft says combining Knox's security software with its own Intune app protection features will allow businesses to let an employee's Galaxy smartphone be used on a company's network.
Microsoft adds that this protection keeps working even if a Galaxy smartphone is not connected to the company network:
Intune can utilize the health check performed securely on the device itself to attest to a device's health and block access to company resources if needed, even if a device is off the network.
Microsoft says these new mobile enterprise security features will go live sometime in August with the latest version of Intune. It will work with select Samsung Galaxy smartphones and tablets that have Android 10 and higher installed.