There are many tools available to jailbreak Apple (iPods, iPads, iPhones) and root Android (Samsung phones, Amazon Kindles) products. As evidence of how easily a geek can perform these hacks, just look at the used electronics offered on CraigsList in a given week.
In this era of ‘bring your own device’(BYOD), these liberated ones may make ‘guest’ appearances on your corporate network. The more you know about them, the better you will be able to control their access.
Most fundamentally, in the case of computers, the opportunity for control begins when the device’s bootloader—held in firmware—begins its routine. As first stage security, depending on the device, the bootloader usually cannot initiate the boot process without an appropriate key. For example, my old video editing system will not begin booting-up without first retrieving the encryption key held in a USB dongle. In contrast, though similarly, newer computers use a Trusted Platform Module (TPM) to manage BIOS-stage security checks before allowing the bootloader to start.
Seeking to circumvent boot-level cryptography, jailbreaking and rooting tools target the computer’s Trusted Platform Module with methods that evolve along with the safeguards to stop them.
A jailbroken or rooted device gives the owner root-level control over the software running on it and opens up access to a plethora of applications that are blocked by the manufacturer’s TPM. Many jailbreaking kits automatically install the Cydia application loader to bypass iTunes in installing unapproved software on Apple devices.
However, the same hack that provides access to alternative software also exposes the device to the security risks that the device’s factory TPM is efficient at managing. A jailbroken or rooted device infected with malicious software becomes a Trojan threat; any data on or passing through the device, including data generated through sensors, keypad, network protocols, or peripherals, could be secretly sent to a remote server.
Device Monitoring Safeguards
Mobile Device Management (MDM) systems control devices through installed clients. While you can install clients on all company-issued devices, and even devices to which the user provides such access, you cannot control a mobile device on which no MDM client software is installed. Since, by definition, a rogue device is one that operates on your network without your control or permission, MDM offers little help in tracking such devices.
Besides an MDM, you need a monitoring tool to discover and track unknown devices on your network. SolarWinds User Device Tracker, for example, lets you see devices connected through the SSIDs on your wireless controller. You can track suspicious devices by adding them to a watch list, allowing yourself the most timely information on which to undertake a deeper analysis if and when device access patterns warrant it.