Infosec: Jailbroken devices are a threat to the network
A panel of experts has warned that jailbroken mobile devices need to be detected before they are allowed on corporate networks, as their security cannot be guaranteed.
A panel of experts at security conference Infosec has urged organisations to wake up to the risks of allowing jailbroken devices to connect to the corporate network, as employees increasingly bring their own devices to work.
A jailbreak is a software tool that "breaks" a mobile operating system, specifically Apple's iOS, allowing users to download apps and other software not approved by Apple to their devices.
Because jailbreaking also disables Apple's patching process, the device's security can no longer be guaranteed.
"We don't allow jailbroken devices onto the network," said Paul Hyland, group information security officer at manufacturing and packaging firm Ardagh Group.
"We expect all employee-owned devices to be kept up to date [with patches], so a jailbroken device is a security risk," he added.
Robert Cockerill, head of IT infrastructure and security at Thames River Capital, explained that his firm uses a tool to deny network access to risky devices.
"We have a mobile monitoring tool which detects out-of-date and jailbroken devices, so we block them from the network."
However, it appears that public-sector organisations are less prescriptive about what sort of devices are allowed on the network. Tony Doyle, head of ICT services at Blackpool Council, admitted that his organisation does not monitor which devices attempt to connect.
"We're not detecting jailbroken devices yet, perhaps we should be," said Doyle. "We're using Good Technology on mobile devices, which encrypts our data and enforces the use of PINs across all tablets and smartphones," he added.
Chairing the panel discussion, Nigel Stanley, practice leader security at Bloor Research, asked why some users would want to jailbreak their devices.
"The question is, why are they jailbreaking their devices? What sort of threats are they potentially bringing into the network?"