I am guessing this is only a problem for Jailbroken phones. I am not aware of a way to install an app that is not on the Apple App Store without jail breaking the phone.
It seems a little weird to blame Apple for users that are turning off a major security feature of the phone.
No need to guess. You don't need to jailbreak:
You only have to allow installing from untrusted developer. This article links that to enterprise provisioning. It makes sense that enterprise users should be able to get updates without going through iTunes. You are not installing a new application according to the article. You are replacing an app with a fake version of that app. This is too subtle for many users to catch as most users are naive about security.
Before coming to the defense of a company, do the research.