How does Mobile Device Manager Plus detect jailbroken devices in the network?

Description

Jailbreaking devices gives users additional control over the devices at the cost of security. The lack of security makes these devices an easy target for malware and cyber attacks. This poses a risk for the corporate data on the mobile devices. Thus to ensure security of corporate data, it is recommended that jailbroken devices must not be used in organizations. Mobile Device Manager Plus allows organizations to detect jailbroken devices in the network and also remove these devices once they are detected. These devices then cannot be enrolled into Moble Device Manager Plus and thus lose access to corporate data. 

This document explains how Mobile Device Manager Plus identifies jailbroken devices

Conditions

A device is marked as jailbroken if any of the following conditions are met

  1. If any of the following files are found on the device

    This is the simplest method to detect if a device is jailbroken. Mobile Device Manager Plus checks if any of the following files, which are common to jailbroke devices, is present on the devices. If it is present, then the device is considered jailbroken.

    1. Cydia.app
    2. MobileSubstrate.dylib
  2. If the devices can access files or folders outside the application sandbox

    Among the list of additional controls attained upon jailbreaking devices is access to files and folders outside the application sandbox on the device. If an application can read or write outside the application sandbox, then the device can be considered as jailbroken.

  3. Once the devices are marked as jailbroken, the admin can enable a setting by navigating to Enrollment -> ME MDM app (under iOS) and enabling the setting on detecting jailbroken device to remove them from management.