Security Risks Lurk Behind Corporate Wearables Adoption

Security risks and wearables adoption

Wearables makers were expected to sell 274.6 million devices in 2016, according to a Gartner report. Nearly three quarters of millennials, 71 percent, say their companies should give them wearables like smart watches or smart glasses, shows a PwC survey. Almost half – 49 percent – backed their techno lust by claiming that wearables would boost productivity. Corporate wearables adoption, however, comes at the price of myriad unexplored and unaddressed security risks.

“All I want is easy action…”

Wearables are tiny, making them easy to snatch while left in a gym, for instance. Since they require little authentication, thieves – or virtually anyone else – can then access all the data stored on them at leisure.

BYOD (bring your own device) policies – where in place – rarely address the new challenges posed by wearables. Most mobile device management systems are still untested in scenarios where corporate wearables feature widely in company networks.

Most, if not all, wearables are connected. They synchronise data with cloud based services or corporate servers. Most of these data are unencrypted. Companies cannot enforce encryption, since these are third party apps. Their embedded software is beyond the reach of a corporation customising its software or making it more secure. This invokes a classic man-in-the-middle attack scenario in which data in transit is totally exposed.

“I spy with my little eye…”

A good many wearables can transmit video, audio, and data. This makes them perfect for spying. Indeed, not a few corporate wearables sell precisely because of their crypto-spying capabilities, like tracking employee location, monitoring driving safety to cut corporate car insurance bills, or even observing employee moods.

Over-monitored employees can turn the tables on their employers, however, by recording images or sound during sensitive corporate meetings. (What is more, some of them could do so entirely unintentionally.) Checking every wearable for activated spying capabilities is an uphill task even for multinationals.

An active wearable usually links to smartphones or tablets through protocols like Bluetooth, NFC, or Wi-Fi/wLAN. Bluetooth, for one, is quite prone to hacking, jeopardising corporate wearables connected or communicating with other devices via Bluetooth. An unsecured Bluetooth connection can be snooped from up to 100 feet, making it easy for a penetrator to hide. The same applies to unsecured Wi-Fi networks inside or outside the office.

Fragmentation versus standardization

Highly fragmented as the wearables industry is, it might find it worthwhile to invest into basic compatibility and communications security standards. It should easily afford to do so, with a 2016 turnover expected to be an impressive $28.7 billion. Indeed, some months ago UL (formerly Underwriters Laboratories) announced it was looking to certify wearables for security and privacy. The move addresses individual privacy, however, leaving corporate concerns unattended.

Many manufacturers install proprietary software and operating systems into their wearables. They often do not support secure third party apps, yet allow unsecured apps to run on their devices. Patching and securing a wearable largely depends on its maker’s goodwill and dedication to improving device software continuously.

Since 37 percent of employees expect their companies to roll-over older technology for the latest, transiting to newer and more secure corporate wearables should be easy.

Enlightened self-interest

Companies can further motivate corporate wearable users into accepting secure new devices by highlighting the risk to their most intimate personal and domestic security. While it is very chic to sport the latest wearable, some devices will soon be able to communicate with the Internet of Things and control home appliances and security. Should unsecured devices be hacked, the consequences are potentially hair-raising.

Corporate wearables adoption is burgeoning and backed by a rapidly growing number of employees. Businesses, however, should be very wary of just what they offer their employees in the way of wearables while the security aspects remain unaddressed.

By Kiril Kirilov

Kaylamatthews

What Amazon’s Kendra Means for the AI and Machine Learning Future

Amazon's Kendra Learning Future Most people feel a bit astounded when they type a query into Google and get relevant results in milliseconds. They're probably not as impressed when using an enterprise search feature at ...
Machine

Machine Learning: The Importance of Actionable Data

The Importance of Actionable Data How awesome would it be to know for sure exactly what your customers want to see from your business? Imagine being armed with enough actionable data to be able to ...
Fig 2

Leveraging machine learning models for predictive maintenance of network services

Leveraging machine learning models As per lightreading's service assurance and analytics research study conducted with 100+ network operators and service providers, nearly 40% reported that issues around service assurance as a massive challenge. Service assurance ...
Mark Barrenechea

Information is at the Heart of Your Business

Information Business Even though digital information is evolving at a rapid pace, the world is still document-centric. Documents, whether created by a human or generated by a machine, underpin every operation, communication exchange and innovation ...
Kishore Durg

Relevance at scale is the key to growth – just ask Del Monte Foods

Relevance at scale is the key to growth Consumer goods companies have seldom had things tougher. The possibilities shown to consumers by customer experience leaders such as Amazon, Google and Facebook have whet out appetites ...
Mark Casey Apcela

Why CloudHubs are an Important Ingredient to Optimizing Performance of Cloud-based Applications

CloudHubs - Optimizing Application Performance It may seem hard to believe, but even in this day and age, there are still some enterprises that are cloud-averse. For whatever reason, they are hesitant to have their ...