Why Jailbroken and Rooted Phones Are a Risk to BYOD Security
Most customers purchase a mobile device and use it as intended: They download apps from official sources, and while they might be disappointed that they cannot use certain apps or add particular themes to their phones, they live with the limitations.
However, some users do not want to have their use restricted by the phone developers. They want the freedom to run any application they please and get as much functionality from their devices as possible. To do so, they run a process known as jailbreaking (for iPhones and iPads) or rooting (for Android devices). While these processes do give the user greater freedom, they also create greater security risks — especially in the BYOD environment.
How Phones “Get Out of Jail”
Jailbreaking or rooting a device requires modifying the operating system source code so that you gain more control over how the device operates or, more specifically, over which applications can be added to it. The primary purpose is to let the user install applications from outside official sources such as Apple’s App Store or Google Play. Jailbreaking and rooting are also part of the process of unlocking devices so they can be used on any cellular network. However, it’s now illegal to do this, so most jailbreaking or rooting is done with the aim of increasing functionality.
The process of jailbreaking or rooting is the same regardless of the type of device: Users take advantage of flaws in the device’s security, which allow for modifications to the source code. Apple products are far less likely to be modified, because Apple developers actively search for these flaws and close them before they can be exploited. Android devices are more commonly rooted because their open source code makes it easier to do. In either case, changing your phone in this way creates a certain amount of risk because it allows for the installation of applications that have not been vetted by official sources and could contain harmful malware. This malware could prove devastating to an organization, creating a data breach that could lead to lost time and money.
In addition, in the case of Apple devices, Apple’s terms of service explicitly forbid jailbreaking, and note that modifying the operating system and installing unapproved software constitutes a violation of the terms of service. Such a violation could prevent a user from receiving service in the event there is a problem with the device, which could cause problems in the BYOD environment. Apple users who jailbreak their devices also lose the built-in security that comes with using such a tightly controlled device. Unlike Android devices, there aren’t currently any mobile security options for Apple products that can block harmful malware, and even the existing antivirus and security protection for Android devices may not be completely effective on those that have been modified.
What to Do About the Danger
The overwhelming sentiment among IT security professionals is that jailbroken and rooted devices have no place in the BYOD environment. Putting aside the fact that modifying a mobile device for the purposes of increasing functionality is perfectly legal, although questionable in terms of morality, the fact that it creates even a slight security risk means that organizations must make dealing with such devices a part of their BYOD security plan.
The most common approach for handling jailbroken and rooted devices is to simply ban them from corporate networks. Mobile device management programs have the ability to detect when such a device is attempting to log in to the network and deny access. Some organizations have taken a more granular approach, denying jailbroken devices access to only certain applications, but experts point out that a more large-scale approach is usually more effective.
However, some experts are finding a new wrinkle in the fight against rooted and jailbroken devices. A growing number of such devices are also infected with “jammer” software that disguises the fact that the device has been modified. This just highlights the importance of having a strong MDM plan in place, as well as advanced network security that can detect threats from all sectors.
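The access decision described in the two paragraphs above, as an added example that is not taken from the original article or from any MDM product. It compares the blanket ban with the granular approach and refuses to trust a clean self-report on its own, since "jammer" software can forge one. The field names, the server-verified integrity verdict, the one-hour freshness window and the app names are all assumptions made for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Optional

MAX_VERDICT_AGE_S = 3600                 # assumed freshness window
SENSITIVE_APPS = {"email", "hr-portal"}  # assumed; only used in granular mode

@dataclass
class Posture:                           # hypothetical posture record
    device_id: str
    self_reported_modified: bool         # what the on-device agent claims
    integrity_ok: Optional[bool]         # verdict checked server-side; None = none received
    verdict_age_s: int = 0               # seconds since that verdict was issued

def is_trusted(p: Posture) -> tuple[bool, str]:
    """A device is trusted only on positive, fresh, server-verified evidence."""
    if p.self_reported_modified:
        return False, "agent reports jailbreak/root"
    if p.integrity_ok is None:
        return False, "no integrity verdict (fail closed)"
    if p.verdict_age_s > MAX_VERDICT_AGE_S:
        return False, "integrity verdict is stale"
    if not p.integrity_ok:
        # Clean self-report but failed verdict: consistent with root hiding.
        return False, "verdict contradicts clean self-report"
    return True, "ok"

def decide(p: Posture, app: str, mode: str = "ban") -> tuple[str, str]:
    """mode='ban' denies untrusted devices everywhere;
    mode='granular' denies them only for SENSITIVE_APPS."""
    trusted, reason = is_trusted(p)
    if trusted:
        return "allow", reason
    if mode == "granular" and app not in SENSITIVE_APPS:
        return "allow", "untrusted device, non-sensitive app: " + reason
    return "deny", reason

# Constructed sample devices, not real data.
SAMPLES = [
    Posture("dev-a", False, True, 120),    # unmodified
    Posture("dev-b", False, False, 60),    # modification hidden from the agent
    Posture("dev-c", False, None),         # verdict never arrived
    Posture("dev-d", False, True, 7200),   # verdict too old
]

if __name__ == "__main__":
    for dev in SAMPLES:
        for mode in ("ban", "granular"):
            print(dev.device_id, mode, decide(dev, "wiki", mode))
```

In granular mode the modified device dev-b still reaches the non-sensitive app, which is the exposure the blanket ban closes.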
Strict BYOD policies that prohibit jailbroken and rooted devices from accessing corporate networks aren’t always popular with users, who argue they are not breaking the law and that they should be able to do whatever they wish with a device that they own. However, with so much at stake, organizations simply cannot afford to take the risk of a rooted device opening the door to malware.