MDM is not good enough - Help with Custom ROM or block Recovery Menu

Search This thread

Aze3

New member
Sep 23, 2022
2
0
Hey,

I have a bunch of devices that are enrolled with an MDM. They don't have a standard Google account activated since these are meant to be company owned, which means no FRP activated through Google.

The issue at hand is that if I factory reset through the recovery mode and then start the phone there is nothing blocking the device from being used as a normal device. This is not good enough because and I need some way to make the process harder to dissuade malicious intent.

One way to do this is with a Custom ROM. https://www.hexnode.com/mobile-devi...id-devices-in-hexnode-mdm-by-configuring-rom/ https://www.hexnode.com/blogs/the-big-hows-of-managing-custom-android-os-in-the-workplace/
So that leaves me with a question if it's possible to take the stock ROM and just add the MDM APK with the configuration. As I understand, this would always then boot into the MDM configuration, leaving any other option of the table. (As long as the device is not flashed with stock ROM again.)

Another option, which I can't see if possible is if the whole Recovery Mode menu can be disabled/locked with a passcode, making it not possible to do a wipe through this way.

Appreciate all the help I can get with this as I'm new to this scene!
 

Aze3

New member
Sep 23, 2022
2
0
the mdm devices are running bythe admin mdm policies, the admin must enable or disable features from the phone or add more security steps
I've tested this with Scalefusion, Hexnode and had a chat with SOTI.
All of them say that it's not possible to lock or disable the access to the Recovery Menu that you can access by holding the Power button + Volume up and then Wiping the data and restarting the phone as a new device.

If there would be a way to disable this menu, then that would be great. But according to them they can't do that since it might brick the phone.

So now it's either solving a solution myself for this or trying Samsung Knox devices that offer more options regarding this problem.