IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Wearables at work: Are smartwatches secure enough for the office?

Wearable technology poses a threat in the workplace – how can IT departments deal with them?

smartwatch

Following Mobile World Congress and with Apple Watch set to launch in April, wearable technology has once again taken centre stage.

From a security perspective, we have not seen any deliberate attacks aimed at smartwatch devices thus far, probably because the adoption of these devices has not yet reached the critical mass necessary to pique the interest of cybercriminals. However, this does not mean that they won’t try in the near future.

The wearable dilemma: what are the security concerns?

There are many potential risks that wearable technology could pose within an enterprise environment. Firstly, hackers could use poorly configured smart gadgets as backdoors into a corporate network. This is down to the fact that they are currently lacking the proper security mechanisms. Rather worryingly, the expected fast-paced and widespread adoption of these devices is likely to leave little time for implementing security standards on a global scale.

Secondly, most wearables can be charged via USB. Imagine what would happen if a user were to have his home laptop infected and somehow got his wearable to piggyback a Trojan onto his work laptop. USB vulnerabilities have been exploited by attackers for a long time, and it stands to reason that wearables or anything Internet of Things (IoT) related will be used to spread malware in the future.

There is little IT administrators can do to prevent these types of attacks, other than disabling access to USB-enabled peripherals. Another solution would be to ban wearable technology in the workplace, but we don’t believe that is really an option. In light of this, IT departments must set up new standards and protocols to manage the plethora of wearables and smart devices ready to connect to enterprise Wi-Fi networks.

Wearables at work: what are the challenges?

For businesses and IT departments looking to implement wearable devices, security and privacy challenges will of course be encountered. The connected world of IoT devices is already beginning to drive changes in the industry and new regulations and security frameworks will have to account for current IT limitations on network architectures.

An obstacle businesses are already facing is the inability to store, access and interpret the data in time due to its volume and speed. In order to counteract this issue, firms should consider a redesign in the architecture of data infrastructures as well as a more comprehensive strategy for storage.

Wearable devices should be regarded as mobile devices, but with ultimate portability and the potential to affect businesses in a way no other gadgets ever have. For example, imagine employees walking around the office with Google Glasses on and attending meetings or reading important documents. This type of technology would access some of the most well-kept company secrets, and with serious consequences if an attacker were to gain access to it.

Google Glass has probably taught us a thing or two about wearables and privacy, too. Some countries already have laws and regulations regarding surveillance and data protection meant to protect individual rights; for example, the UK has both the Data Protection Act and CCTV Code of Practice to refer to when considering Google Glass.

We strongly advise that companies enforce some guidelines or regulations regarding the use of wearable technologies, to include banning wearables capable of audio or video recording during conference calls. Unquestionably, as the wearable revolution grows in popularity, IT departments will have their hands full trying to keep up with the latest gadgets and advancements.

Wearable Technology: A Quick Guide

Alexandru Catalin Cosoi is chief security strategist at Bitdefender

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Databricks announces major contributions to flagship open source projects
open source

Databricks announces major contributions to flagship open source projects

29 Jun 2022
VMWare unveils new vSphere+ and vSAN+ solutions
virtualisation

VMWare unveils new vSphere+ and vSAN+ solutions

29 Jun 2022
HPE unveils new partner programme to boost XaaS practices
channel

HPE unveils new partner programme to boost XaaS practices

28 Jun 2022
Open source giant Red Hat joins HPE GreenLake ecosystem
automation

Open source giant Red Hat joins HPE GreenLake ecosystem

28 Jun 2022

Most Popular

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Open source giant Red Hat joins HPE GreenLake ecosystem
automation

Open source giant Red Hat joins HPE GreenLake ecosystem

28 Jun 2022
Carnival hit with $5 million fine over cyber security violations
cyber security

Carnival hit with $5 million fine over cyber security violations

27 Jun 2022