The BOYD (Bring your own device) policy starts being a very common practice in a lot of company.
The ability to access corporate resources from their device makes it much easier to work in mobility, but it introduces a great number of security issues.
To overcome these problems companies can require, to employees who want to use their device, to install agents that allow company to control the security settings and necessarily take action if the devices are lost or stolen.
One of the most common agent for android devices is the AirWatch MDM, by VMware:
AirWatch provides enterprise mobility management for Android with a single console to manage devices, email, applications, content, browsing and more. AirWatch offers same-day support for Android releases to enable our customers to take advantage of the latest technology and advancements. The AirWatch platform has best-in-class architecture that is highly scalable, secure and flexible to meet your global enterprise mobility initiatives.
A complete and integrated solution!
However, enrollment is usually blocked if the device has root permissions enabled.
Understandable limitation, in the case of a normal user: the root permissions enabled introduces less control by the agent and the possibility of more security issues.
Nevertheless, not always root permissions imply security problems:
often the same vendors release devices on which can enable root without ‘esoteric’ procedures, and very often are essential for developers and skilled users.
How to force enrollment?
Fortunately there is a simple and quick way to force the enrollment of the device with root permissions.
Activate the module from Xposed Installer, restart the device and…enroll!
- OpenSSL Security Advisory, 3rd May 2016: Patch, Patch ASAP!
- Tor in a company network: how to detect and block it?
- Mazar BOT campaign in Denmark and Italy
- BadLock: let's take stock of situation!
- The Panama Papers Leak – What You Need To Know
- Frederike Kaltheuner @ #IJF16: understanding predictive privacy harms