How might I detect when profiles other than the profiles installed through MDM are present on a device?
For one example, Comcast users can install a profile from Comcast that includes keys for the encrypted Xfinity_Wifi hotspots. That profile is probably fine with me.
For another example, however, malware or adware is known to coerce users into installing profiles that do all kinds of things. In such a case, I would very much like to be alerted.
An extension attribute, I suppose? How might I separate MDM-installed profiles from user-installed profiles?
Thanks for any insight.