Microsoft Adds Support for Detecting Jailbroken iOS Devices to Microsoft Defender for Endpoint
If it’s Detected that a Device is Jailbroken, a Warning is Surfaced to the Security Team in Microsoft 365 Defender.
Microsoft Defender for Endpoint got several upgrades that are generally available for Android and iOS and provide supplementary breach protection, lessen risk in organizations, simplify the end-user experience, and offer secure access to on-prem resources, according to an announcement made this week by Microsoft Corporation.
The tech company has added support for detecting jailbroken iOS devices to Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus.
Microsoft Defender for Endpoint has the capability of detecting unmanaged and managed devices that are jailbroken. If a device is detected to be jailbroken, a warning will be sent to Security Center and if conditional access is set up based on the device risk score, then the device will be blocked from accessing corporate data.
Jailbreaking is the process of abusing the vulnerabilities of a locked-down device to install software other than what the producer has made available for that device.
Jailbreaking enables the person who owns the device to obtain complete access to the source of the operating system (OS) and access all the features. It is called jailbreaking because it involves setting free users from the ‘jail’ of restrictions that are perceived to exist.
If it’s detected that a device is jailbroken, an alert is surfaced to the security team in Microsoft 365 Defender. The device will then be considered as a high-risk device and this risk score is shared with your app protection or device compliance policies so that you can block it from accessing corporate resources.
Microsoft Senior Program Manager Shravan Thota declared that these types of devices bring supplementary menace and a higher chance of a breach to your business.
Microsoft Corp. has also announced the general availability of Microsoft Defender for Endpoint support for mobile application management (MAM) on Android and iOS. With this update, Microsoft Defender for Endpoint can safeguard a company’s data inside a managed application for those who are not utilizing an MDM but are using Intune to manage mobile apps.
It also extends support to clients who use other enterprise mobility management solutions such as AirWatch, MobileIron, MaaS360, and others, while still using Intune for mobile application management.
In order to improve the end-user experience, the tech organization also simplified onboarding for iOS end users. The update enables admins to push the VPN profile required for enrollment during the setup configuration process.
Microsoft’s mobile threat defense solution will continue to provide:
- Protection against phishing coming from browsing, email, apps, and messaging platforms
- Scans for malware and potentially unwanted apps (on Android)
- Blocking of unsafe connections as well as access to sensitive data (on Android)
- A unified security experience for SecOps in Microsoft 365 Defender
This is part of an extensive determined attempt to expand the security platform’s capabilities across all popular operating systems with the objective of enabling security teams to protect all their endpoint users by employing a unified security solution.
As told by BleepingComputer, the technology company announced two months ago that Microsoft Defender for Endpoint also supports Windows 10 on Arm devices.