You may have heard the terms “jailbroken” or “rooted” in relation to Apple iOS and Google Android devices. This is the concept of altering the device operating system for the purposes of removing or circumventing restrictions.
The OS’ which power smartphones and tablets are specifically designed to be restrictive. There are free software packages available that can remove these restrictions.
There are several reasons that a user might want to compromise the OS of their device. A few examples include:
- install software that has not been approved or has not been made available by the manufacturer/carrier
- augment or create additional operating system features
- install commercial software without purchasing licences for that software
- freely migrate from one carrier to another
- repurpose the hardware for a use not anticipated or intended by the manufacturer
By itself, the concept of circumventing OS restrictions is not necessarily a bad thing. There are many peoplewho use jailbroken or rooted devices every day without issue. The potential danger is that circumventing these restrictions requires, and later allows, the use of unsigned, unapproved code which may contain viral or malicious code. This type of code has the potential to:
- facilitate unauthorized distribution of data stored on the device. For example, secretly forward corporate emails or contact lists
- disable or prevent encryption
- circumvent passwords to unlock devices
In response to the risk associated with a compromised device, many organizations have chosen to prevent these compromised devices from accessing corporate data. This effectively eliminates the risks jailbroken or rooted devices having access to corporate data. Educating end users on the risks associated with using a compromised device is a common practice within these organizations. In addition to educating employees, many companies turn to Mobile Device Management (MDM) software to ensure that compromised devices are not used. Many MDM software packages allow companies to limit or prevent corporate data from being accessed from compromised devices.
For more information about MDM software, download the complimentary “Executive Brief on MDM.”