On Samsung phones you can have a container which runs a separate set of apps as though in a virtual machine. They live in a encrypted area. You can even have a separate VPN running in there, and data in the private section cannot be copied to the non private section. It's pretty good, but Samsung just backdoored it. With the previous version, Knox, you didn't need to link it to a Samsung account. Now with the new version, Secure Folder, you have to use your Samsung account as a password recovery service. So Samsung can open your Secure Folder any time they want to. Whereas with Knox they could not. It seems that all similar services are tied to corporate device manager systems that require an enterprise server. Secure Folder you can just install for yourself. I find it useful to keep my personal banking, browsing, photos, etc, in a container that is encrypted and separate from my company email, mdm agent, etc. My phone is unlocked by a fingerprint but to get to my banking apps or the personal email used to reset banking passwords you have to get into Secure Folder as well which requires swiping a pattern. I can also hand my phone to someone knowing they can't get into my private browser, email, messaging apps, including blind btw. It works well but I'm mildly annoyed that Samsung can access my stuff, including I believe remotely which they advertise as a backup service. Basically took a great product and made it intentionally insecure. It still has value in the extra security on device but it used to be much better. Anyway if I got a different phone what are my alternatives? How can I secure my stuff?