Changing the Game on Wearables Security
Last night in the NBA, a star named Kobe went out like a supernova, while the Golden State Warriors made history with a record-setting 73 wins in a regular season. Fans and analysts alike have remarked all season long how this particular team is revolutionizing the way NBA basketball is played, which has led to historic success. In the workplace, wearables are similarly looking to effect a revolution in opportunities and efficiency for businesses. As has been the case from the beginning with the Internet of Things, however, data security for all these connected devices and apps has not been a priority for developers. Gartner predicts wearable device sales will increase 18.4 percent this year, and a previous Business Insider report estimated a 35 percent rise over the next few years—this kind of proliferation merits more attention to security detail, in my opinion.
And yet, there remain numerous vulnerabilities when it comes to the personal data these wearables collect. The most glaring, to me, is the lack of encryption on many devices for the stored information, or any kind of user authentication or password needed to access it. Protection for the data in transit is also often questionable, with some third party apps neglecting basic security standards. Needless to say, you don’t want such an open device to fall into anyone else’s hands by mistake. Likewise, the increasingly stealthy surveillance options many of these devices offer, with capabilities for capturing pictures, video and audio with a 007-like ease, should be a concern for organizations adjusting to the influx of wearables.
With a trend still in its nascence like this one, moreover, comes also the unsurprising lack of and questions about regulation, and to whom device manufacturers and app developers will be answerable. Considering the continued patchwork that defines our national data breach notification laws, distinct from state to state, I don’t have much faith in these issues being addressed satisfactorily any time soon. Organizations will also have to once again adapt and evolve their MDM (mobile device management) policies, as was the case when BYOD (Bring Your Own Device) became popular, and smartphones and tablets became a common feature in the workplace (as well as a common security risk).
The Internet of Things promised us connected, well, things. As this promise slowly comes to fruition in more and more aspects of our lives, businesses looking to take advantage will also have to revolutionize the way this game is played.