According to the Ponemon Institute, cybercrime costs the average UK business around £3 million a year. As applications, platforms and devices grow, so does the number of opportunities for hackers to develop sophisticated attacks. As wearable technology begins to infiltrate the workplace this will be yet another concern for IT, and another opportunity for the hacker.
Add this to the long list of concerns that IT Admins already face: Mobile devices, laptops, desktops, and servers all need to be maintained from an update perspective or companies increase their risk of being exposed. Moreover, different users require different technologies, complicating how IT manages the IT estate. With a plethora of new office technologies surfacing and an expectation from users to work from the devices that make them productive, how do IT departments prevent vulnerabilities across their estate?
As technology permeates further into our daily lives the risk of being exploited increases, but there is a way of preventing this from happening. The truth is many cybercrimes can be mitigated by simple maintenance, like patching your applications. Whilst a simple task to carry out, many organisations still do so manually, which is not only laborious for IT staff carrying out the work, but often can result in human errors and time being taken away from other more innovative matters – such as implementing a new Wearable portfolio for your users. Before organisations can become innovative, they must prioritise security, and importantly, prioritise patching.
Wearable is on its way
Wearable technology today can be compared to where mobile phones were in the late 1990s, a gimmick that we all want in our personal lives, but one that enables productivity. For many of us, Wearable is a brand new concept, but an exciting one. Most of us in the UK aren't even able to own Google Glass for at least another year – creating further anticipation for those already intrigued by its functionality. But whilst Google Glass is a rarity this side of the Atlantic, other wearable devices, such as smart watches are making an appearance.
The convenience of these devices makes them all the more appealing. Whilst some functionality is similar to a smartphone, for example QR scanning, voice recognition and weather and traffic updates, the device almost feels a part of you – making it even easier to be productive. Although Wearable technology is still immature in the consumer space, let alone in the enterprise space, it is still keeping IT managers awake at night, as the realisation that these products will soon be creeping into the workplace dawns.
There are several reasons that the IT department is concerned with wearable. Firstly, after the rise of Bring Your Own Device (BYOD) in the workplace, IT teams realised there was a need to strike a balance between freedom and control. When consumer devices entered the workplace, many IT departments labelled it as 'Shadow IT', when all users wanted to do was get the job done. Over time, businesses saw the benefit of users working from mobile devices and being connected from anywhere at any time. As a result, IT introduced policies and software (and in some cases consumer devices themselves) to help manage and empower users. But this did not happen overnight and in a lot of cases is still being worked on. With Wearable's being such a new concept, IT teams are likely to have to endure yet another rigorous approach and tighten security before trusting them enough to allow them into the IT estate. Patching is at the heart of the security.
Secondly, there is always a concern around newly developed products. With such hype around Wearable technology in the consumer world, new Wearable companies are cropping up rapidly as savvy business people recognise the wealth of opportunity it can lead to. As a result, many manufacturers have to compete in price wars; meaning there will no doubt be areas that the developers have paid less attention to so that they can start shipping and making money. It's less likely to be the physical design of the product or what you can do with it that falter, as these are key selling points. The more cynical IT manager will believe the area that these products will fall down on is security – something the IT department is responsible for.
To add to the complexity of Wearable technologies and defending against vulnerabilities, is the fact that IT departments are already struggling to manage the estates they currently have – but could effective patching prepare them for the wave of devices that lie ahead?
Putting patching at the heart
Patching is paramount for any organisation reliant on technology. A recent CSIS publication on Cybersecurity called out the fact that 75 per cent of attacks use publicly known vulnerabilities in commercial software that could be prevented by regular patching. Gartner also found that unpatched vulnerabilities are the primary infection method of network threats and for 90% of exploits, a patch was previously available. With such high figures correlating unmanaged patching with security vulnerabilities, those manually patching are playing a dangerous game of risk. But the importance of patching is essential, especially as the cost of leaving applications unmanaged will surge alongside the rise of Wearable technologies in the workplace.
Furthermore are the consequences of the different types of malware that can come as a result of leaving patches unmanaged or left to be handled manually; data privacy, reduced productivity and cost. For example, if an employee were to wear Google Glass in meetings to capture the minutes and that data were to be intercepted, it could not only breach data privacy of the meeting itself, but also could cost the business greatly if ideas mentioned were to get into the wrong hands. Similarly, if warehouse workers were to have Wearable devices hacked into whilst preparing to ship goods, it could result in huge errors or result in having to manually work out which products need to be shipped where and when.
Unpatched IT estates are a huge issue but one that can mitigated simply with the right tools. Despite patching and updating systems being around for years, organisations of all sizes struggle to patch systems effectively. Regardless of whether devices are behind firewalls or are outside the four walls of the office, operating systems and applications need to be patched – in a timely manner. The issue that many businesses face is that they don't have sufficient back-office technologies to cope with patching automatically – something that could reduce hours and errors – not to mention risk of being a victim of cybercrime.
To conclude, Wearables are inevitable, as is the need for patching. The stats speak volumes, but with a growing IT estate and the dawn of wearables, IT teams are facing greater pressures than ever. By investing in solutions now that automate patching, they can reduce their risk of being susceptible to cybercrime and prepare for the wave of new and unknown devices.
Morten Gammelgård is the EMEA Channel Manager of Shavlik.