Jailbroken devices are a threat to the enterprise


Mobile Apps are being targeted by hackers
One issue is that mobile devices are characterised by untrusted execution environments.  In other words, hackers can quite easily invade these devices without the owner's knowledge and compromise apps and data, while lost devices are an easy target for identity theft, data theft, and fraud.
Malware, unauthorised access, code tampering, piracy, and intellectual property theft are all major issues on the mobile platform.  These challenges are more difficult to deal with because mobile devices, and the resident apps, live outside the firewall, predominantly owned and maintained by users rather than companies.  Even on corporate devices that have security policies such as mandatory PINs, business policy wrappers and authentication policies, apps and data are still vulnerable to attack.  This is because all these measures assume that the device's controlled download and execution automatically protects the apps, the data, and the user.  In reality, a jailbroken device may do none of these things.
Jailbreaking (iOS) or Rooting (Android) is the process of bypassing the restrictions, policies and safeguards built into devices by the Apple and Android operating systems, enabling device owners (and hackers) to install apps from outside the official app store and to bypass the usage restrictions and checks that are built into the platform.  Traditionally, Jailbreaking/Rooting is carried out by users on their own devices in order to use them “freely”.  These jailbroken/rooted devices present a tempting target for hackers, who are able to leverage these compromised environments to cause direct financial loss and ultimately damage a corporate brand.
Building a self-defending and tamper-resistant app
Protecting an application and its code in a fundamentally distrusted and potentially malicious environment is a different discipline from IT security policy enforcement, and requires a fundamentally different approach.  The key is to leverage the same multi-layer, binary code protection paradigm as used for tamper-resistance in applications.  This will help achieve effective mobile shielding by making the applications on the device capable of defending themselves and of reliably detecting a compromised environment at the time they are executed.  It is worth noting that the goal here is not necessarily to prevent Jailbreaking or Rooting, but to reliably and quickly detect its occurrence.  This detection becomes a critical pivot point for applications to alter their data processing and execution mode in order to protect IP, data, finances and resources from exploitation.
Based on this building block of reliable detection capability, companies can customise the programming of their applications to react intelligently and appropriately, as 'programmed', to compromised circumstances in a manner that can be specified by the app's business policy envelope or Mobile Device Management (MDM) layer.  For example, an app may simply be required to notify the user that it is running in a jailbroken environment.  Alternatively, the app may report the circumstances back to a server and trigger an out-of-band response process, such as a request for additional authentication or a customer support call.
As more businesses deploy mobile applications and enterprise app stores/distribution become more ubiquitous, organisations need to understand that protecting assets on mobile computing devices requires more than applying MDM solutions.  It requires security to be built in to the app from the ground up, which ideally should include the ability to detect and react to jailbroken or rooted devices.
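The detect-then-react flow described above (notify the user, or report to a server and trigger an out-of-band response) can be sketched as a server-side policy decision. This is an added example, not code from the article: the operation names, reaction names, report fields and the five-minute freshness window are all assumptions made for illustration.

```python
import time
from dataclasses import dataclass

# Hypothetical reactions, ordered from mildest to strictest.
REACTIONS = ["allow", "notify_user", "step_up_auth", "support_callback"]

# Constructed policy envelope: reaction per operation once the app has
# reported that it is running on a jailbroken/rooted device.
POLICY = {
    "view_balance": "notify_user",
    "transfer_funds": "step_up_auth",
    "change_payee": "support_callback",
}
MAX_REPORT_AGE_S = 300  # assumed freshness window for an integrity report


@dataclass
class IntegrityReport:
    device_id: str
    compromised: bool   # outcome of the app's own jailbreak/root detection
    reported_at: float  # epoch seconds when the app sent the report


def stricter(a, b):
    """Return whichever of two reactions ranks higher in REACTIONS."""
    return a if REACTIONS.index(a) >= REACTIONS.index(b) else b


def decide(report, operation, now=None):
    """Pick the reaction for an operation from the latest report (or None)."""
    now = time.time() if now is None else now
    # An operation missing from the policy gets the strictest reaction.
    on_compromise = POLICY.get(operation, REACTIONS[-1])
    # Missing or stale report: device state is unknown, so do not assume it
    # is clean. Require at least additional authentication.
    if report is None or now - report.reported_at > MAX_REPORT_AGE_S:
        return stricter(on_compromise, "step_up_auth")
    return on_compromise if report.compromised else "allow"


def handle(report, operation, out_of_band, now=None):
    """Decide, and queue out-of-band work for the stronger reactions."""
    reaction = decide(report, operation, now)
    if reaction in ("step_up_auth", "support_callback"):
        device = report.device_id if report else "unknown"
        out_of_band.append((device, operation, reaction))
    return reaction
```

The missing-report branch matters because the report originates on the device being judged: an absent or old report is treated as unknown state rather than as a clean one.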