My clients use my app on their private devices, which are not under any MDM control or under control of a foreign company. I want to make sure that my app can only be executed when some requirements are met, like:
device is not jailbroken
device-password is set
In the end, I want to make sure that no data is leaked when the app is installed on private devices.
Is it necessary to install a client like MobileIron? If I can install an MDM profile, this must only guarantee the required conditions for my app.
How do I achieve this goal?
iOS MDM management will enable you to tell if a managed device has a passcode set; I don't think there is any other way (short of jail-breaking) to detect this.
Your own application can attempt to do jailbreak detection; Apple's MDM by itself cannot do jail-break detection.
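An added example (not part of the original answer) of the kind of in-app jailbreak heuristics the answer refers to, written in Swift. The artifact paths and the probe file name are assumptions chosen for illustration, and the checks are best-effort because a jailbroken device can hide these indicators.

```swift
import Foundation

/// Outcome of the heuristic checks: which indicators fired.
struct JailbreakReport {
    let indicators: [String]
    var isSuspicious: Bool { !indicators.isEmpty }
}

/// Commonly cited jailbreak artifacts (assumed list, not exhaustive).
let suspiciousPaths = [
    "/Applications/Cydia.app",
    "/Library/MobileSubstrate/MobileSubstrate.dylib",
    "/usr/sbin/sshd",
    "/etc/apt",
    "/private/var/lib/apt",
]

/// A sandboxed app must not be able to create files under /private.
func defaultSandboxWriteProbe() -> Bool {
    let probe = "/private/jb_probe_\(UUID().uuidString).txt"  // hypothetical name
    do {
        try "probe".write(toFile: probe, atomically: true, encoding: .utf8)
        try? FileManager.default.removeItem(atPath: probe)  // clean up if it worked
        return true
    } catch {
        return false  // expected on a non-jailbroken device
    }
}

/// Runs the best-effort checks. Both probes are injectable so the decision
/// logic can be unit-tested off-device with constructed inputs.
func checkJailbreak(
    fileExists: (String) -> Bool = { FileManager.default.fileExists(atPath: $0) },
    canWriteOutsideSandbox: () -> Bool = defaultSandboxWriteProbe
) -> JailbreakReport {
    #if targetEnvironment(simulator)
    // The simulator exposes the host filesystem, so the checks are meaningless.
    return JailbreakReport(indicators: [])
    #else
    var hits = suspiciousPaths.filter(fileExists).map { "path exists: \($0)" }
    if canWriteOutsideSandbox() {
        hits.append("write outside sandbox succeeded")
    }
    return JailbreakReport(indicators: hits)
    #endif
}
```

An app would call `checkJailbreak()` at launch and decline to load or decrypt its local data when `isSuspicious` is true.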