Wearable Security is a Matter of Establishing Standards

By Ken Briodagh April 15, 2015

Wearable devices are here. They’re not universal, or even prevalent, yet, but the numbers of folks with a Fitbit, Samsung Gear or Apple Watch are only going to grow. That’s not to mention the still-in-development tech like implanted health monitors and sense enhancement mods, but we’re not all that far from those, either.

With all of this tech coming into so many lives, and collecting so much information about consumers and workers, there is a broad potential for security risk. Malicious software can steal personal information and activity patterns from consumers, and if someone uses personal devices for work, enterprise-level intelligence can be at risk, too.

Jim Haviland, CSO of enterprise mobility specialists Vox Mobile, says that we’re seeing a parallel to problems we’ve seen before with emerging technology. “The biggest issue at the moment is the lack of standardization,” he said. “There are so many different ways in, and there aren’t a lot of enterprise-level standard platforms [for wearable development] yet.”

He’s not wrong. Although heavy hitters like Microsoft are promoting platforms for IoT development, most wearables are coded on derivatives of a mobile OS like Android or use some proprietary platform that hasn’t been well vetted, mostly because it isn’t widely used. This makes the devices vulnerable to a variety of exploits and until the industry or governments set standards for encryption and other security measures, the huge pile of data will remain in danger.

“With mobility, we still see most startups looking at how to solve a specific thing because they’re thinking in a ‘behind walls’ model,” said Haviland. “That doesn’t work in the IoT.”

What will work is an incremental improvement model. Every generation of devices will be better than the one before, hopefully keeping ahead of the hackers, but more likely learning how to fix the holes from the attempted and successful attacks.

“Everyone wants to be the ‘Steve Jobs’ for this one, but I don’t think that job’s open,” he said. “I think over time, there will be a number of standard platforms [like with mobile OS now].”

The first step, he said, and the most dangerous missing security feature today is encryption. It’s important for the industry to keep developing and advocating for a common method for getting to encryption. And although data is important, the weak spot is at the control capabilities.

“As soon as we have the ability to learn insights at the point of action, that’s when M2M becomes really valuable,” he said. “We have to figure out how to protect that command and control ability to maintain that value.”

The nightmare scenario is that an “IoT virus” could enter a system through a worker’s unsecured wearable device, and take control of vital functions. As an example, such controls could grant a malicious user control over a power grid, medical facility or airport.

Now, that’s unlikely, but not impossible and Haviland says the stakes are real. “We’ve got to learn about this stuff. We’re still in the ‘we don’t know what we don’t know’ phase,” he said.

The important thing for now is to keep developing and to keep talking about the concerns and the solutions. Join the conversation in the comments below. Tell us if you’re worried about wearable security, or how you’re taking steps to create encryption standards.

Related Articles

Beyond the Closet, Connecting to IoT

By: Gary Audin    11/11/2020

Two challenges arise when considering cable based IoT.

Read More

Banyan Security Enhances Secure Remote Access for Engineering Resources

By: Ken Briodagh    10/27/2020

Banyan's Continuous Authorization Can Grant or Revoke Access to Sensitive Engineering Environments and Applications in Real-time Based on TrustScore

Read More

Senet Eyes RAN Partnerships as Key to Delivering Network Services for Massive IoT

By: Arti Loftus    10/21/2020

To meet the challenges that come with providing network connectivity for IoT solutions, Senet is executing a strategy for massive IoT that will be bui…

Read More

mimik Selected by 5G Open Innovation Lab to Drive Early Adoption of 5G

By: Ken Briodagh    10/15/2020

mimik's patented Hybrid Edge Cloud platform will boost the performance and reduce the cost of 5G Networks

Read More

5G Sets New Standards for Vertical Industries' IoT Connectivity

By: Special Guest    10/13/2020

As 5G rolls out across the world, vertical industries across IoT are working on additional standards to make the technology suitable for their industr…

Read More