Why is jailbreak detection important for your Enterprise?
The number of smartphones and tablets is on the increase and there is a decrease in traditional PC sales. This means that attacks on mobile devices are maturing (Gartner) and unfortunately IT staff are currently facing a number of challenges in maintaining and protecting these mobile devices.
What is a Jailbroken or Rooted Device?
Jailbreaking and rooting involves running a privilege escalation on your device effectively turning the user in to an administrator with full access and controls (Gartner). Jailbreaking refers to a device on an iOS (iPhones) device and Rooting to a Android device. The most common motivation for doing this are OS and application modifications and sideways loading (allowing the installation of applications from non-vendor official sources). This is particularly prevalent among iOS devices due to the strict app store regulations. When a device is jailbroken the root privileges are replaced in Apple’s factory installed iOS with custom kernel, these give fewer restrictions and allow side loading.
Android do allow users to install applications from non-app store sources, however rooting an Android device can lift other restrictions which carriers and manufactures impose.
Why Rooted Device or Jailbreak Detection is Important to Your Business
Jailbroken and rooted devices are prone to brute force attacks on passcodes which can compromise company data. Applications which have not been reviewed can have privileged access and may also drain battery life and destabilize the operating environment. Finally jailbroken iOS devices also install a secure shell server that remote attackers can exploit.
Jailbreaking a device can also void the manufactures warranty which could lead to unexpected costs if devices become damaged or break. Carriers may also stop providing services to a user who has a jailbroken device as it violates their terms of service. This is because a jailbroken device would allow a user to run a free Wi-Fi hotspot or tether an app to share 3G/4G service without added monthly fees.
How to Detect Jailbroken/Rooted Devices?
Jailbreaking or rooting a device can be very harmful to your organization and so businesses must take steps to ensure they remain protected. A good Enterprise Mobile Management (EMM) or MDM (Mobile Device Management) solution should feature rooted device or jailbreak detection functionality and should also disable jailbroken or rooted devices, enabling you to keep control.
Certero for Mobile, Certero’s EMM solution has the ability to detect rooted and jailbroken devices, coupled with automated policies which allow for routine scanning of all mobile devices to detect jailbroken devices. Alerting features also allow notifications to be automatically sent to the relevant person, who can then make the decision whether to remove this individual from the corporate network through unenrollment/ block their device/ wipe their device.
Get in touch with Certero to discuss how we can support your corporate devices with EMM and jailbreak detection.