Some mobile phones and tablets may be jailbroken or “rooted” to be used in ways unintended by the device vendor.
Apple devices are locked in to the Apple ecosystems – Apple store for apps and iTunes for music – and they increasingly interact only with other products made by Apple. Apps on the Apple store have been through a rigorous verification process and are considered safe.
Jailbreaking an iPhone or iPad gives the user full access to the device, allowing them to modify it in ways unintended by Apple, hence voiding the warranty. A jailbroken device can load apps not from the Apple store, and therefore not extensively tested for usability, stability, security, and most importantly lack of malware. Jailbreaking is usually carried out to change the appearance and functionality of an Apple device, where the added functions were usually prevented by controls for security reasons.
Rooted Android and Windows phones and tablets similarly give the user superuser privileges, which allow full access to the device, and override restrictions on actions not permitted by ordinary access. These devices are not as restricted in such applications as Apple products, however the increase in security provisions in modern operating systems can restrict some applications from accessing functions within the device, making rooting desirable.
Rooting a device is also the first step in installing a different ROM or operating system, for example replacing Windows with Android on a Windows tablet or installing a ROM developed by enthusiasts which may offer more performance, less security, may or may not contain embedded malware that may defeat the security of even banking apps, and may be more vulnerable to infection by any malware it encounters.
Jailbreaking or rooting an Android or Apple device also burns out a fuse within the device, indicating it has been tampered with. This is a one-way operation and is not reversed by re-installing the vendor authorized ROM/operating system.
Mobile Device Management (MDM)
Companies use Mobile Device Management to secure their mobile devices. MDM can control what their employees can and cannot do on company devices, which applications they can load, how they connect when browsing the Internet, encrypt company data held on the device, update anti-malware software and lock lost devices, or wipe company data from stolen devices.
Devices are enrolled into the MDM through a software installation process, however, if a device is jailbroken or rooted the device will never enroll. This is often a problem with personally owned Bring Your Own Device (BYOD) phones and tablets.
Jailbroken or rooted devices should only ever connect to guest or restricted access networks, and never be allowed to connect unfiltered to sensitive areas of an organisation’s network.
Agilient has experienced security consultants to help with mobile device security issues and questions. Follow our LinkedIn page for all the latest security updates, and Contact Us to see how we can assist your business.