Blacklist

Scott.Morabito

Joined: Jun 8, 2012

Let's start a list of apps to consider blacklisting on enterprise networks.

I'll start with kama or sutra

entmdm

Joined: Nov 23, 2010

enterprise mdm

A few third-party MDM software that should be on this list. I do want to say that for iPhone mobile device management, AirWatch is an awesome web-based or hosted tool.

Aaron Freimark

Joined: Nov 6, 2010

Smells like spam...

Hi entmdm. Please remember that this is a technical forum, not for marketing.

--
Aaron Freimark, Enterprise iOS founder & GroundControl CEO

Scoosh

Joined: Dec 7, 2010

Blacklist

The first question to ask: why blacklist apps?
It's a legitimate question.

Blacklisting from a security perspective doesn't apply since each app is sandboxed & isolated from each other.

BUT, with respect to hostile work environments, such as kama or sutra, every app on the App Store has a rating. It may be easier to just leverage the content ratings.

The majority of business-oriented apps I've seen are 4+, news apps 12+, HBO is a 17+.
It's a guideline more than anything.

  • Sports Illustrated swimsuit edition (17+)
  • Maxim (17+)

Focus on the app ratings. Using Mobile Configuration profiles or an MDM solution, you can use the Restrictions payload to set the maximum allowed content ratings.
Apps are 4+, 9+, 13+, 17+, or all apps.

If you are looking to determine jailbroken devices, your MDM application query should flag the following.

  • Cydia
  • Icy
  • Rockapp
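
An added example, not part of the original post: a Python sketch that builds a configuration profile whose Restrictions payload caps app ratings via the `ratingApps` key, and scans an MDM InstalledApplicationList response for the three app names listed above. The identifiers, organization name and sample inventory are constructed placeholders, and matching on display name assumes the MDM inventory reports these apps at all.

```python
import plistlib
import uuid

# ratingApps values accepted by the Restrictions payload (com.apple.applicationaccess).
RATING_APPS = {"none": 0, "4+": 100, "9+": 200, "12+": 300, "17+": 600, "all": 1000}

# App names listed in the post; matching on display name is an assumption of this sketch.
JAILBREAK_APP_NAMES = {"cydia", "icy", "rockapp"}


def build_ratings_profile(max_rating, org="Example Corp"):
    """Return .mobileconfig bytes that cap allowed app ratings at max_rating."""
    if max_rating not in RATING_APPS:
        raise ValueError(f"unknown rating {max_rating!r}; use one of {sorted(RATING_APPS)}")
    restrictions = {
        "PayloadType": "com.apple.applicationaccess",
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.profile.restrictions",  # placeholder
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "App rating limit",
        "ratingApps": RATING_APPS[max_rating],
    }
    profile = {
        "PayloadType": "Configuration",
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.profile",  # placeholder
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": f"Max app rating {max_rating}",
        "PayloadOrganization": org,  # placeholder organization name
        "PayloadContent": [restrictions],
    }
    return plistlib.dumps(profile)


def flag_jailbreak_apps(response_plist):
    """Return (name, identifier) for inventory entries matching a listed app name."""
    response = plistlib.loads(response_plist)
    return [
        (app.get("Name", ""), app.get("Identifier", ""))
        for app in response.get("InstalledApplicationList", [])
        if app.get("Name", "").strip().lower() in JAILBREAK_APP_NAMES
    ]


# Constructed sample of an MDM InstalledApplicationList response (not real device data).
SAMPLE_RESPONSE = plistlib.dumps({
    "Status": "Acknowledged",
    "InstalledApplicationList": [
        {"Name": "Mail Client", "Identifier": "com.example.mail", "Version": "1.0"},
        {"Name": "Cydia", "Identifier": "com.example.placeholder", "Version": "1.1"},
    ],
})
```
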
Aaron Freimark

Joined: Nov 6, 2010

I heard today from the Jamf Casper folks that Jailbroken apps live in their own "space" and won't be reported by current MDM inventory mechanisms. Can someone confirm this?

--
Aaron Freimark, Enterprise iOS founder & GroundControl CEO

fredster

Joined: Sep 4, 2011

As I understand it, in effect, all iOS apps live in their own 'space' because of the sandboxing nature of iOS.
Depending on the MDM, if it supports jailbreak detection, then admins are alerted or automatically quarantined (depending on the rule/policy put in place) when the iOS device is jailbroken.

mbernier

Joined: May 19, 2011

Yer, in iOS, everything runs in a realm: applications, mailboxes, etc. So, except for some very restricted actions, nothing in a realm can interact with other things in another realm.

MC_AirWatch

Joined: Sep 4, 2011

Don't think jailbroken apps are possible

Apple removed the device jailbreak detection APIs in OS v4.2, so as an MDM vendor you can't simply call an Apple-provided API to detect a jailbroken device - you now have to have your application independently try to perform illegal operations (my understanding) to verify JB status. As far as a jailbroken app, that's a new one for me and not possible based on my understanding of the Apple Application Security Model.

http://images.apple.com/iphone/business/docs/iPhone_Security.pdf
Matt

cosimo

Joined: Jan 14, 2012

Blacklisted Apps

Scott.Morabito wrote:

Let's start a list of apps to consider blacklisting on enterprise networks.

I'll start with kama or sutra

Does anyone have more apps which should be blacklisted in an enterprise environment? Like, for example, 'Path', which is uploading the whole address book and exposing enterprise data?

Regards,
Sebastian

babybluetx23

Joined: Mar 22, 2012

Airwatch DOES detect jailbroken devices and reports them. It will then do one of three things depending on the configuration you have set up in your enterprise. It will wipe the device totally, it will unenroll it from Airwatch, or it will send the user a message asking them to contact support. Right now I currently have our system set up not to do anything when a device is compromised because I have a Droid tablet, that has been rooted and a new ROM put on it, that I am currently testing. I didn't want Airwatch to wipe it out.

babybluetx23

Joined: Mar 22, 2012

In my environment we are working on blacklisting Facebook and Angry Birds. I work in a hospital so we really don't want our patients to see nurses playing Angry Birds at the nurses' station.

jpref

Joined: Apr 18, 2012

Blacklisting?

Can you tell us how you are going about doing this? We are using an MDM solution right now, but it only allows an all-or-nothing solution for the App Store.
