Whether we want to admit it or not, wearables are coming to the work place. Fitness bands and smartwatches are the new trend and they are ready to tap into our secure networks. With technology becoming more and more integral part of our lives, it makes sense that wearables would be a natural extension of our smartphones, and essentially ourselves.
Wearable technology goes beyond our normal BYOD concerns. The new vulnerabilities and security threats wearables bring along isn’t something that can be ignored. Each connected device represents a potential access point for hackers to obtain sensitive data.
So what do we do to secure these devices? According to an article by Nicko van Someren for entrepreneur.com, there are three major things to consider:
1. Don’t take data for granted.
Smartphones, tablets, wearables and other connected devices are collecting a host of extra information that can put consumers and corporations at risk. GPS logs, for example, can track where you work, where you pick up your kids from school, which ATMs you stopped at and which medical clinics you visited.
Identity thieves and blackmailers who wish to gain insight into your company’s info, your bank account and your medical records can hack your wearable devices to find this valuable information. Furthermore, tracking information in a wearable device isn’t just useful to stalkers. It could also be used by competitors to alert them to which clients, vendors, partners and investors you’re meeting with. Recognizing that all data has value is the first step in ensuring it remains in safe hands.
2. Choose substance over style.
The dominant mobile operating systems of today have become much more user friendly over the past few years. Apple, Google and Microsoft have all delivered world-class mobile user experiences that provide more power and freedom than ever before, pushing the “Security vs. Usability” trade-off to the forefront of IT conversations. Meanwhile, many enterprises struggle to keep up with this innovative and powerful extension of the worker outside of the office.
On the flip side, users are beginning to recognize that a great user interface is not the only requirement — security and privacy have become just as integral. In a 2014 study, American multinational corporation Fortinet found that 70 percent of its respondents are “extremely concerned” or “somewhat concerned” about data breaches or having sensitive personal data compromised.
The first wave of wearables was not designed for the enterprise, making this consumer technology a significant threat to business security.
The second wave that we’re seeing now is much more sophisticated and of more benefit to enterprise workers for productive mobility. Hopefully, this means they will have more robust security features built in, but in all likelihood they will have even more access to sensitive data without a comparable increase in security. In order to keep corporate information safe, companies must protect the most appropriate assets while allowing the end users to access the functionality provided by the manufacturers.
3. Use a containerized approach.
Mobile operating systems are leaky by design because they make data easy to move from one app to another, one device to another and one user to another. This ease-of-use has profound implications in terms of security because using something that’s incredibly easy to set up and use means there is very little control over the data replication. For enterprises, this can create a security problem if employees bring unsecured devices in the workplace for work purposes.
Keeping enterprise data in separate, encrypted containers on smart devices has made it possible to control where the data goes next. Policies can be put into place that control the flow of alerts to paired wearable devices as well as controlling the flow of data between apps.
For example, an IT department can allow email subject lines or meeting reminders to get sent to a smartwatch but not allow full access to emails or Office documents on the smartwatch.
To secure any mobile technology, enterprises need to adopt a containerized approach where corporate data is separated from personal data and secured. According to Gartner, smartwatches will make up 40 percent of consumer wrist-worn devices by 2016. While just a year ago only two of the top 10 smartphone vendors were in the wearable space, today nine out of the 10 top smartphone vendors have entered the market.
Wearable technology is on the rise, and just as we saw with BYOD, employees will continue to bring wearable devices to work to increase efficiency. Many enterprises are just now planning and implementing their overall mobile strategies and policies to ensure the security of corporate data, and wearables must be a part of that discussion.