How to have your cake and wear it: 5 essential security tips for wearable devices

A report recently issued by PWC suggested that wearables adoption will mirror the phenomenal rise of tablets in the enterprise. Apparently a fifth of adults in the US already own a wearable tech device and additional sales could top 130 million units in 2018. Enterprise vendors are watching these predictions carefully and starting to anticipate their arrival into the workplace with dedicated platforms, such as Salesforce1.

Although many applications being developed are for medical workers and white-collar users, it is not difficult to see why wearables also offer great potential for the same-day delivery industries. They provide a significant opportunity for achieving service improvements through more seamless interaction with customers. Added to this, proof of delivery is more secure and evidence to refute claims of lost or damaged consignments can be captured automatically, potentially without the customer even realising it. Customer service benefits aside, wearables also support hands-free working, which means productivity and efficiency levels can be further improved on existing rates achieved from using ‘traditional’ mobile devices.

But while the benefits of enterprise wearables are well documented, privacy and security remain the chief apprehensions among consumers. In PWC’s survey, 82 per cent of respondents said they feared "wearable technology would invade their privacy" and 86 per cent said they thought wearables would make them more vulnerable to security breaches. Privacy and security are serious threats that IT departments need to control carefully if wearables are to make the impact analysts are predicting in the enterprise space.

Below are five key threats to be aware of when considering how wearables might impact a sameday delivery business:

Security

Top of the list of risks is security, which is as much an issue for the service provider as it is for the end customer. This is because devices like Google Glass are able to record and transmit images of anything in the wearer’s field of vision. Implementing and enforcing a robust security and privacy policy will be essential for an organisation to protect itself adequately from threats and avoid the prospect of litigation. This should be relatively straightforward to implement for most forward thinking organisations and an extension of their existing social media and BYOD policies.

Data theft

A big part of the attractiveness of wearable devices comes from the ability to process and exchange data in real-time. Herein lies the security risk, because if they are stolen or intercepted, personal data could be compromised. The US National Security Agency highlighted this potential problem at a recent conference. Using enterprise-grade encryption to both protect data from eavesdropping and verify the identity of any connected device would be good first steps to prevent wireless attacks. Features like an automatic wipe will also help and reduce the attractiveness of stolen devices.

One of the other issues with wearables is that it is relatively straightforward for someone to ‘password surf’, seeing a PIN or password on screen and then use the information to hack into the device once it is stolen. It’s not a new problem but one that needs to be overcome if companies want to protect their workers’ digital identities and not risk security breaches due to stolen customer information. Biometric passwords could provide the answer to protecting a user’s identity, by ensuring a device is rendered useless if stolen.

Wearable device management

Mobile device management is already an essential part of managing the technology used by a mobile workforce and the same will be true of wearables. These will add an additional layer of complexity to what is already a very complicated aspect of IT security management. Already many MDM software vendors are re-naming their applications "Enterprise Mobility Management" to signify their ability to cope with the greater complexity. Clear policies need to be established and enforced to define expectations around what employees can and can't do using wearable devices, balancing the need for flexibility with confidentiality and privacy requirements.

wearables, wearable tech

The viability of BYOD

Linked to the previous point, organisations introducing wearables need to consider very carefully whether extending a BYOD policy to include these devices is actually commercially viable. From experience, managing the complexity created by having a multitude of different devices in use within an organisation will be a serious future challenge and one the IT department needs to prepare for to manage the potential resourcing implications and inevitable disruption created. Including wearables into a BYOD policy adds a whole new dimension to the level of device management required and presents a huge step change away from having a standard, company issue wearable in circulation and involves developing an understanding of, for example, support requirements for each device, plus an awareness of the individual operating platforms.

Employee privacy

Since wearables are able to continuously monitor employee behaviours and track their activity levels and whereabouts at all times, this creates an obvious employee privacy issue. Clearly, there are pros and cons to this issue. On the one hand, being able to monitor productivity levels is useful for KPI management and not too far removed from what companies are already using - for example; tracking on mobiles to monitor delivery drop speeds of individual drivers. Employees are accustomed to this practice and the data is only ever used internally.

More contentious is the ability to collect data, which other organisations can use. For instance, health insurance providers trying to understand how healthy an employee’s behaviour is when setting the cost of monthly premiums. In the case of the sameday delivery market, monitoring at this level could be regarded as an invasion of privacy as it’s not relevant in the context of the industry.

The best way forward

Given current adoption rates, wearables will inevitably make a big impact on the way delivery companies work. Experts are already giving their arrival a new moniker and coining the issue "BYOD 2.0". Even more so than with the original BYOD, it will be essential to have clear usage policies in place and an excellent understanding of responsibilities and expectations at both the employee and customer level. Provided this is in place and appropriate restrictions relating tosecurity, privacy and the types of devices that can be supported are implemented, there is no reason why delivery service providers cannot benefit from the improved productivity and efficiency that wearables can bring into a business. The advice is to proceed with caution.

By David Upton, Managing Director at DA Systems