Preventing jailbroken/rooted devices from accessing corporate resources? (Solved)

Participant
Discussion
4 days ago

Hey everyone,

We’ve recently added quite a few iOS and Android devices to the company fleet, and one of our main concerns is making sure none of these devices are jailbroken or rooted, since that can seriously put our data at risk.

Has anyone got a good way to spot these devices right away? And if we do find any, what’s the best approach to block them from accessing company emails, apps, or files?

Thanks.

Replies (6)

Participant
4 days ago

Hey, we use compliance settings to detect jailbroken devices. When an iOS device is jailbroken, it’s automatically marked as non-compliant. We also check the compliance reports to identify any jailbroken or rooted devices.

Additionally, we have configured automatic email alerts to notify the admin whenever a device becomes non-compliant. This helps us respond quickly and take necessary action. Hope this helps!

Participant
3 days ago

Hello @timo-liam. Just to add on to what @roosevelt mentioned, one effective way to block jailbroken or rooted devices is to create dynamic groups based on their compliance status.

You can set up a dynamic group with a condition filter that automatically separates jailbroken and rooted devices. And then, appropriate actions and restrictions can be applied specifically to those devices.

[Image: Condition filter while configuring dynamic group]

Participant
3 days ago

I’d highly recommend looking into conditional access policies, especially if you have Entra ID integrated with Hexnode.

Participant
3 days ago

Interesting! Could you explain more about conditional access?

Participant
2 days ago

With Hexnode and Entra ID working together, you can set rules that decide who gets access to company resources based on whether their device is safe.

For example, if your device is jailbroken or rooted, it’s marked as non-compliant. Then, if the conditional access policy is configured to grant access only to compliant devices, any device marked as non-compliant will be automatically restricted from accessing corporate resources.

Check this out: Help doc on conditional access
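
Added example, not part of the thread and not taken from Hexnode's documentation: the Entra ID side of the setup described above, written as the JSON body of a Microsoft Graph conditional access policy (`POST /identity/conditionalAccess/policies`) that grants access only to devices marked compliant. It assumes Hexnode is already reporting device compliance to Entra ID as the replies describe; the display name, the choice of Office 365 as the protected application and the excluded emergency-access account placeholder are assumptions.

```json
{
  "displayName": "EXAMPLE: require compliant device on iOS and Android",
  "state": "enabledForReportingButNotEnforced",
  "conditions": {
    "clientAppTypes": ["all"],
    "users": {
      "includeUsers": ["All"],
      "excludeUsers": ["<emergency-access-account-object-id>"]
    },
    "applications": {
      "includeApplications": ["Office365"]
    },
    "platforms": {
      "includePlatforms": ["android", "iOS"]
    }
  },
  "grantControls": {
    "operator": "OR",
    "builtInControls": ["compliantDevice"]
  }
}
```

The policy is in report-only state so its effect on sign-ins can be reviewed before `state` is changed to `enabled`. With `compliantDevice` as the only grant control, a device that the MDM marks non-compliant (for example, because it is jailbroken or rooted) fails the control and is denied access to the targeted application.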

Participant
2 days ago

Thanks guys for all the suggestions. Definitely saved my time.
