Is the Smartwatch a Security Risk?

The holidays are a great time to give technology to your loved ones. One of the most popular smart devices for each of the past few years is the smart watch. While they are extremely useful and make great gifts, they may have an effect on an organization’s cybersecurity.  Let’s take a look at some of the possible threats smartwatches may present for IT administrators.

Smartwatch Personal Data Protection

A smartwatch can do a lot of things for a person, and for the most part, aren’t too expensive for what they are. This makes them a very popular gift. They are known to cause problems for users and businesses, alike, however. In fact, most smartwatches that have been tested all had some type of vulnerability. Some will transfer data without encryption, some have built-in problems with their device encryption, and some are just downright insecure. 

While many of these vulnerabilities don’t typically combine to present privacy and security immediately, the amount of personal data that each device has after a period of use can present problems for users and businesses. That’s why if you are planning on using one of these devices regularly, you should understand that you may need to change the way you do certain things to ensure that your data isn’t leaking. Here are a few tips:

• Never use unofficial apps - Sometimes users will “jailbreak” a device to provide them with access to applications that they wouldn’t normally have access to. This can exacerbate the already flimsy security surrounding your smartphone. Only get your applications from the official Google Play Store, or the Apple App Store, or from the manufacturer of the smartwatch. 
• Don’t jailbreak your phone - If you want to use a smartwatch, the connection with your smartphone drives the services you use. For this purpose, you shouldn’t pair a smartwatch with a jailbroken phone as it exacerbates your risk. 
• Don’t connect devices directly to your watch - Since there are built-in vulnerabilities for many watches, it’s important to choose options that prioritize security. If your plan is to use your watch as a hub to control your other smart devices, reconsider. The lack of encryption can be a very direct pathway for hackers to expose. 
• Keep your smartwatch OS and other apps updated - Like any other piece of network-connected software, regularly updating security (or at least making sure it is regularly updated) is a great way to ensure you are doing everything you can to keep secure while using this useful technology. 

Smartwatch Risk for Businesses

Chances are that your business is already set up to deal with an influx of these smart devices because you’ve had to secure against your employees bringing in their mobile devices for years. That strategy, usually called BYOD, or Bring Your Own Device, was implemented because organizations were seeing problems with their data security as a result of employee access to network resources. The same strategy will help you manage the growing number of computing endpoints looking to access your network directly or through a mobile device (like many smartwatches do). 

By extending your BYOD strategy to a BYOIoT (Bring Your Own Internet of Things) strategy, you not only have the coverage you need to keep threats off of your organization’s network, but you also have the solutions in place to scale that platform as your employees plan on bringing in additional smart devices. Securing endpoints and monitoring data flow will be important strategies to consider in the days and years ahead. 

If you would like to learn more about how smartwatches work and how you should account for their presence even though they don’t seem like too much of a threat, call the IT experts at Horne & Benik. We can help you put together BYOD and BYOIoT strategies that can ensure that you can maintain security while still acquiescing to the IoT devices your staff may bring into the office. Reach out to us today at (603) 499-4400.