Educause Security Discussion mailing list archives
Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks.
From: Brian Helman <bhelman () SALEMSTATE EDU>
Date: Thu, 29 Mar 2012 15:25:12 +0000
I'm curious what brought this topic up?
From a security standpoint, I see no reason why rooted/JB devices shouldn't be supported. Granted, the "sandboxing" has been defeated, but we're seeing that your device doesn't need to be JB for apps to access data outside of their normal control anyway. And, other than the possibility of an SSH server running by default (with the default password unchanged), there's been no proof that JB devices are less secure than stock items. In fact, I'd argue the opposite -- JB devices are often more secure, because they can be patched in a more targeted fashion. This issue with Apple devices broadcasting past wireless network information will probably get patched on the JB side before Apple does it officially.
As far as policy, we do support JB devices. In Fact, we use them. Apple forced us to do this when they removed most of the network tools (e.g wififofum and WiFiAnalyzer) from the App Store. -Brian -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Eme Ejike Sent: Thursday, March 29, 2012 11:05 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Where do you stand? --- University policy on Jail broken mobile device access to secure networks. This is certainly interesting. I believe we all have some wonderful opinions....... BYOD is here with all the intricacies involved in generating an apt SLA model for such devices on campus. As part of the MDM service push for these devices, policies, standards and guidelines need to be defined to build a solid foundation on our foray into this arena. What do our members believe an official stance on jail-broken devices should be? Bearing in mind that our objectives are to provide security conscious access when on campus (i.e connected to an elevated access SSID with a purview into secure segments of the network --Network shares, ERP applications.. etc). A reference on some industry SME view would help in supporting your response. Sincerely, Eme Ejike OCCS, ITSO Supervisor Old Dominion University
Current thread:
- Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Eme Ejike (Mar 29)
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Brian Helman (Mar 29)
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Ejike, Emechete C. (Mar 29)
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Brian Helman (Mar 29)
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. John Ives (Mar 29)
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Brian Helman (Mar 29)
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Eme Ejike (Mar 29)
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Ejike, Emechete C. (Mar 29)
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Brian Helman (Mar 29)
- <Possible follow-ups>
- Re: Where do you stand? --- University policy on Jail broken mobile device access to secure networks. Ejike, Emechete C. (Mar 30)