fbpx

What is Jailbreak Detection and why is it critical for your organization?

Feb 23, 2016

Home / Expert Advice / What is Jailbreak Detection and why is it critical for your organization?

It is estimated that 9% of all iPhones are Jailbroken, with similar numbers for Rooted Android devices which can open organizations up for security risks, but few organizations have Jailbreak Detection to protect IT infrastructure.

 

So, what is a Jailbroken iPhone or Rooted android device?

‘Jailbreaking’ refers to iOS devices and ‘Rooting’ to Android devices. In short, Jailbreaking and Rooting involves running a privilege escalation on your device. In laymen’s terms, this is an app that turns the user into an administrator with full access and controls on the operating system.

With the ability to download and run almost any app you want, why would someone want to do this to their devices? Well, the most common motivation for Jailbreaking or Rooting a device is OS and application modifications and sideways loading. What this means is the user can install applications from non-vendor official sources – some of which may be malicious or illegal (e.g. accessing online streaming services, without subscription).

The problem is particularly prevalent among iOS devices due to Apple’s strict app store regulations. When a device is Jailbroken, the root privileges in Apple’s factory installed iOS are replaced with custom kernel. These give fewer restrictions to the user and allows sideways loading. Android do allow users to install applications from non-app store sources. However, Rooting an Android device can lift other restrictions that carriers and manufactures impose.

 

What is the risk to your organization?

The sale of mobile devices is increasing year-on-year, with laptops and PCs in relative decline. Why is this significant? It means malicious agents, who previously targeted laptops and PCs, are refocusing on mobile devices because this presents the greatest opportunity for them to successfully carry out their objectives. As a result, cyber-attacks on mobile devices are on the rise, with the frequency and severity increasing.

75% of popular free apps for iOS have been hacked at some point, exposing the user’s data to malicious operators. Similarly, 87% the top 100 paid apps for iOS have also been hacked at some point. However, 98% of all malware attacks on mobile devices target the Android OS.

Users who have Jailbroken or Rooted devices are exposing themselves to potentially harmful malware from a wide range of untrusted or unverified publishers. Not only does this risk catastrophic security breaches for the user and their data, it also enables malicious agents to attack the networks these devices connect to – such as your organization.

As your organization is likely to have allocated mobile devices to your employees, or allowed employees to connect to your network, your data and systems may be at risk. For example, Jailbroken iOS devices often install a secure shell server that remote attackers can exploit, which is difficult to detect and secure. Jailbroken and Rooted devices are also prone to brute force attacks on passcodes, and applications that have not been reviewed can gain privileged access to destabilize your operating environment.

In addition, Jailbreaking a device can void the manufactures warranty, which can lead to unexpected costs if your mobile devices become damaged or broken. Carriers may also stop providing services to a user who has a Jailbroken device, as it violates their terms of service. This is because a Jailbroken device could allow a user to run a free Wi-Fi hotspot or tether an app to share 3G/4G service without added monthly fees. This could leave you paying for mobile phone services you cannot access, or worse.

 

How to detect Jailbroken and Rooted devices?

Clearly, Jailbreaking or Rooting a device can be very harmful to your organization. So what steps can you take to ensure you remain protected?

To fully protect your infrastructure, you need to be able to:

  • Gather comprehensive inventory of your devices
  • Centralize customization and configuration
  • Detect, disable or wipe Jailbroken and Rooted devices
  • Enforce strong corporate password policies
  • Apply encryption
  • Manage BYOD (Bring Your Own Device) devices

The only way to achieve this, with full peace of mind, knowing your network is safe, is with an automated Mobile Device Management (MDM) solution – like Certero for Mobile that offers jailbreak detection.

In addition to a comprehensive and accurate inventory, Certero for Mobile’s powerful security features give you Rooted device and Jailbreak Detection functionality as standard, helping you quickly identify devices in your network that are exposed to potentially serious security risks.

If you want to be even more proactive, Certero for Mobile’s alerting features help you make quick decisions on whether to remove individuals from the corporate network or block/wipe their Rooted/Jailbroken devices. Coupled with automated policies, you can routinely scan all your mobile devices to detect those that may be Jailbroken or Rooted and act as appropriate – including BYOD.

If you want to discover more about Certero can help you manage your mobile devices, request a call back or chat with an expert below.

Follow us on Linkedin for more Cloud
updates

i

Read more like this from
Certero

Want more security for your mobile devices?

Certero's [software-as-a-service] Solution

Certero help organizations transform their outdated operations and technologies in days and weeks not years. All of Certero’s solutions can be delivered as SaaS with no loss of functionality. 

Certero Unified Platform
Learn more about Certero’s truly unique ‘unified’ platform.

Digital Transformation Edition
Transform in days and weeks, not months and years, start your journey now.

Verified Oracle LMS/GLAS Solution
Verified LMS (License Management Services), now GLAS (Global Licensing & Advisory Services) solution.

Cloud Management
Manage Visibility, Cost and Governance of your Cloud Resources 

Enterprise Standard Edition - ITAM / SAM for Wintel
Default solution to manage ITAM/SAM for a Wintel environment. 

Enterprise Premium Edition - ITAM / SAM for Wintel
All you need in one place to manage your ITAM/SAM for a Wintel & Citrix environment. 

Datacenter
Stand-a-lone or holistic solutions for IBM, SAP and Oracle.

Software License Compliance
One Stop Shop, products and services for any solution – all in one

Business Intelligence Solution
See how to turn DATA into INFORMATION then transform into KNOWLEDGE, all in a few clicks. 

IT Asset Visibility
Find out: What do I own? Where is it located? Who is using it?

ITSM & CMDB Integration 
Populating the CMDB with ‘Quality’ asset information is more critical than ever

Everything in One place, True Unification
IT Hardware, Software, SaaS and Cloud Asset Management products that can run ‘stand-a-lone’ or ‘holistically’ and optimally together as a single solution, no dependencies. True unification across all asset and platforms and all delivered as SaaS. All of Certero’s products have the best TTV (Time to Value) by some distance.

Certero for Enterprise ITAM
Networks, printers, routers, Wintel, Mac, Linux, zLinux, Unix, all virtualizations and much more....

Certero for Enterprise SAM
Focused on Wintel software vendors, including automated solutions for Microsoft, Adobe and much more...

Certero App Centre 
Enterprise ‘Application Portal’ for Self-Service application provisioning.

Certero for Mobile
Go beyond standard MDM and deliver full management and security for your mobile workforce.

Certero SRDB (Software Recognition)
Transform raw software inventory data into actionable intelligence about application usage and licensing.

Certero for Oracle 
Optimize your Oracle Database, Middleware and E-Business Suite applications.

Certero for IBM
Discover and manage all IBM software & entitlements across the network. Dual Inventory, ILMT and Certero.

Certero for SAP Applications
Managing and automating the analysis of complex SAP named user and engine licenses across your estate. 

Passworks
An intuitive self-service password reset solution that can reduce service desk calls by 30%. 

PowerStudio
PC Power Management solution. Save money and reduce your carbon footprint. 

Certero for Cloud Visibility, governance, reporting and control to IaaS and PaaS environments.
Certero for SaaS See, Manage and Eliminate Over-Spending with your SaaS Subscriptions.

Certero [Do IT] Differently - Technology Led Professional Services

Certero are pioneering the new way that ITAM & SAM services can be delivered.

SAM Managed Services
Expertise and technology to realize your license management & technology governance goals.

Discovery and Inventory
Achieve full visibility of all computers, servers and other IT assets across all platforms and locations. 

ELP and Optimization
Build and deliver ELPs & optimization reports for key software publishers.

SAM Maturity Assessment
Enhance your SAM program with the insight of focused & relevant improvement recommendations. 

Training and Education
Quick & effective knowledge transfer from Certero's licensing and vendor experts. 

Gartner Peer Insights Customers’ Choice

Rated #1 for SAM Customer Satisfaction year after year, after year

Blog
For the latest in ITAM, SAM, Cloud and SaaS Asset Management

White Papers and eBooks 
Download the latest white papers and eBooks for key insights and guides.

News
Read the latest news from Certero and the industry.

Events and Webinars
Keep up to date with Certero's latest webinars and events.

 

Videos
View our range of product videos, webinars and customer case studies. 

Data Sheets
Download our datasheets which highlight the key benefits and features of our world class products and services. 

Case Studies 
See how organization around the globe change they way they [Do IT].

We think [and do] IT Differently

We don’t believe in claiming to be something we’re not. We will not do mediocre, average, indifferent, or outdated. We are different and will do it differently.

About Us
Get to know us more

Our Story
See how our approach is different

Our Journey
A timeline of events

Our Vision, Mission and Purpose
Mission, Purpose and Values

Careers
Browse our current roles

Locations
Find our nearest location