The Internet has been abuzz with things lately — or maybe it's the other way around. The Internet of Things is here to stay, and that has meant a lot of changes for application and enterprise security. As apps diversify and everything from seemingly innocuous Fitbits to complicated bring-your-own-device programs become the norm, managing threats to secure enterprises will become an increasingly creative and multifaceted endeavor.
Soon, keeping track of smartphone OS versions and apps will seem easy compared to the problems brought about by wearables and the latest crop of tablet-laptop tweeners and their new applications. Once Apple assured the public there would be at least one smartwatch in every tech-forward office by the end of this year, the new challenges became real. Are you ready?
Since the Apple Watch is technically just an extension of the iPhone, there shouldn't be any major new vulnerabilities. However, because of the growing pressure placed on software developers by hardware teams, every new product launch brings a unique set of untested parameters to the mix. The smartwatch is more of a screen repeater for smartphones than a whole new device, so the biggest initial threat may be employees' abilities to read their texts and check Facebook more discreetly than ever before.
Still, more devices with approved network access always means more potential doors for intruders. And with smaller devices such as fitness trackers interacting with their surroundings in less obvious ways, the entry points to networks are no longer just computers. One company is looking to plug the hole in the hardware-software interaction space by creating a security tool that monitors Bluetooth and Wi-FI signals and alerts security admins of abnormal activity. While this innovative software-sensor combo fills an obvious need by sniffing out misbehaving devices, it does not ensure complete enterprise safety the same way comprehensive security software can. Ultimately, it should be thought of as an added layer of protection in an increasingly complicated AppSec world.
All wearables should be regarded with as much reverence and scrutiny as smartphones. Employees will soon have incredibly powerful computers on their wrists and in their glasses. To maintain a safe network environment, it is critical that you regard the Internet of Things not as a gimmicky way to make everyday devices dorkier, but as a diversification of computing. Every watch app has the same network access and vulnerabilities as its phone or laptop counterpart, so each one must be inventoried, tested and scanned the same way.
Whether smartwatches are the next big thing or a total fashion faux pas is up to you. But they could be the downfall of your enterprise if you don't take them seriously.
Check out our whitepaper for more on the Internet of Things and the security risks it presents.
Photo Source: Flickr