Detect jailbroken iPhones or rooted Androids via MDM.
Jailbreak/root undermines OS security, encrypted containers and MDM restrictions are bypassable. Detection is not perfect (jailbreak-detection bypasses exist), but most consumer jailbreaks are easy to catch. Make it a compliance check, not log-only.
Try this first
- 1Intune Compliance Policy: tick 'Jailbroken devices' (iOS) or 'Rooted devices' (Android), action: mark non-compliant.
- 2Hook to Conditional Access so a jailbroken device gets no more work mail.
- 3Higher assurance: Microsoft Defender for Endpoint Mobile or Lookout, they do active checks via Mobile Threat Defense.
- 4Document policy: 'jailbreak/root on work phone = immediate work data wipe', not in a grey zone.
When to bring us in
Lots of false positives on older Androids with custom ROMs? We tune what 'rooted' really means for you.
See also
- Work and personal apps blur together on the same phoneAndroid Enterprise and iOS-with-Intune can enforce a work profile, isolating business apps in a separate container.
- Setting up Microsoft 365 on a new phoneOutlook, Teams, and OneDrive run smoothest if you install Authenticator first and sign the others in afterwards.
- Moving Authenticator to a new phoneMicrosoft Authenticator has built-in cloud backup. Run it before wiping the old device, otherwise everything has to be re-added by hand.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.