The number of smartphones and tablets is on the increase and there is a decrease in traditional PC sales. This means that attacks on mobile devices are maturing (Gartner). IT staff have the challenge of maintaining these mobile devices.
What is a jailbroken or rooted device?
Jailbreaking and rooting involves running a privilege escalation on your device effectively turning the user in to an administrator with full access and controls (Gartner). Jailbreaking refers to a device on a iOS (iPhones) device and Rooting to a Android device. The most common motivation for doing this are OS and application modifications and sideways loading (allowing the installation of applications from non-vendor official sources). This is particularly prevalent among iOS devices due to the strict app store regulations. When a device is jailbroken the root privileges are replaced in Apple’s factory installed iOS with custom kernel, these give fewer restrictions and allow side loading.
Android do allow users to install applications from non-app store sources, however rooting an Android device can lift other restrictions which carriers and manufactures impose.
Why the detection of a jailbroken or rooted device is important for your enterprise?
Jailbroken and rooted devices are prone to brute force attacks on passcodes. This may compromise company data. Applications which have not been reviewed can have privileged access and may also drain battery life and destabilize the operating environment. Finally jailbroken iOS devices also install a secure shell server that remote attackers can exploit.
Jailbreaking a device can also void the manufactures warranty which could lead to unexpected costs if devices become damaged or break. Carriers may also stop providing services to a user who has a jailbroken device as it violates their terms of service. This is because a jailbroken device would allow a user to run a free Wi-Fi hotspot or tether an app to share 3G/4G service without added monthly fees.
How to detect jailbroken/ rooted devices?
Jailbreaking or rooting a device can be very harmful to your organization and so businesses must take steps to ensure they remain protected. A good Enterprise Mobile Management (EMM) or MDM (mobile Device Management) solution should be able to not just detect jailbroken/ rooted device and also disable jailbroken or rooted devices, enabling you to keep control. AssetStudio Vitado, Certero’s EMM solution has the ability to detect rooted and jailbroken devices, coupled with automated policies which allow for routine scanning of all mobile devices to detect jailbroken devices. Alerting features also allow notifications to be automatically sent to the relevant person who can then make the decision whether to remove this individual from the corporate network through unenrollment/ block their device/ wipe their device.
Find out more about AssetStudio Vitado’s MDM capabilities.