In-depth

Wearable tech & the risk it poses to enterprise data

Davey Winder explains why IT directors need to wise-up about including wearables in their organisation's BYOD security policies

Bring Your Own Device (BYOD) security problems have been overblown during the last few years. Sure, the increased uptake of cloud services and the pressure put on both budgets and staff expectations has led to more off grid devices appearing in the workplace. However, the use of them doesn't have to be a security nightmare; it just means the enterprise has to adjust its security posture accordingly to accommodate the risk. 

Advertisement - Article continues below

The same goes for the 'Shadow IT' threat. None of which stops security vendor after security vendor from lining up to tell us all these things are a clear and present danger to enterprise data. 

The latest of these "threats" to enterprise data is Wear Your Own Device (WYOD). According to new research from Accellion, published today, enterprises are simply not ready to tackle the security risks that come with "the dawn of the age of WYOD".

Aimed squarely at the UK enterprise, the research questioned decision makers from 100 organisations with more than 1,000 employees, and Accellion discovered that 77 per cent of them didn't include wearable tech as part of their broader mobile security strategic planning. What's more, 53 per cent said they hadn't even considered the possible impact of it on their security posture, despite 81 per cent also accepting any increase in wearable tech could be a security risk.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

My main concern here is the figures simply don't make sense and I suggest the 'decision makers' who responded are immediately relieved of having to make any further decisions about enterprise data security as they are clearly not up to the task. I mean, seriously, half of them say they haven't considered the wearable threat yet more than 80 per cent accept wearables could be a security risk.

Did they not understand the question? If that were not enough to reinforce my knee-jerk distrust of such surveys, after all the responses are only as valid as the questions being asked. Another statistic emerging from this research is that 41 per cent of UK enterprises "currently have a BYOD policy in place that can be extended to cover wearables", which suggests that 59 per cent do not.

What the actual flip? More than half the BYOD policies out there, in these enterprises at least, are not fit for purpose because they do not cover own devices being brought into the workplace if they are strapped to a body part, apparently. Sorry, run that past me again, old chap?

Advertisement - Article continues below

Accellion says the figures "demonstrate that the wearable device poses a great threat to UK business, and if IT teams don't act quickly we could see many more cyber attacks as a consequence" which isn't the conclusion I am drawing from the headline figures. What I'm getting is they demonstrate a number of enterprises either have a really crap understanding of what a BYOD policy should look like or no idea what a wearable device actually is. Or both.

Don't get me wrong, I fully understand the threat that wearables introduce into the enterprise data landscape. What I don't understand is how that threat differs fundamentally from anything else that falls under the umbrella of BYOD. The clue is in the D bit, and a smartwatch or Google Glass, or USB storage underpants for that matter are all devices. End of. Next...

Advertisement
Advertisement

Recommended

Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020
Visit/security/internet-security/355228/mozilla-fixes-two-firefox-zero-days-being-actively-exploited
internet security

Mozilla fixes two Firefox zero-days being actively exploited

6 Apr 2020

Most Popular

Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/security/privacy/355211/google-releases-location-data-to-showcase-effectiveness-of-coronavirus
privacy

Google releases location data to show effectiveness of coronavirus lockdowns

3 Apr 2020