Comments on zDefender – Android anti-malware software
A ComputerWorld article today discusses zDefender, an anti-malware tool for Android-based devices. Based on the content of the article, I’m guessing that zDefender is a custom ROM, aka a jailbreak. It appears to me that this is the only way that real desktop-like anti-malware would work, due to the security model of both Android and iOS. In and of itself that is fine; however, it does bring up concerns in an MDM environment, especially with BYOD.
I strongly recommend that my mobile enterprise clients block and automatically unenroll detected jailbroken devices, for the simple reason that jailbroken devices have vastly more malware than non-jailbroken devices.
Additionally, managing a jailbreak/custom ROM installation is likely to be very help-desk intensive, particularly in a distributed environment where IT does not get to stage each device but would rely on users in the field to install. Those of you who have jailbroken a device can testify that it can be tricky for the average user, and if you lost power or connectivity during the jailbreak, you can probably testify that it bricked the device. Now imagine 10,000 Joe users doing this in the field.
Finally, consider this approach in a BYOD environment. At separation, for example, when a device is unenrolled, how do you restore the soon-to-be-ex-employee’s device to its original state? This could be a management nightmare.