Big Data // Big Data Analytics
News
1/13/2014
11:14 AM
Connect Directly
Google+
RSS
E-Mail
50%
50%
Repost This

Wearable Computing Equals New Security Risks

Have you thought about all the data thieves could steal from wearable gadgets? Security experts say this discussion is just starting.

 alt=
10 Wearables To Watch At CES 2014
(Click image for larger view and slideshow.)

Wearable computing hogged the spotlight at last week's CES 2014, as tech companies hyped smartwatches, fitness trackers, health monitors, and Google Glass-style optical headgear. While relatively few people are using these devices today, it's never too early to focus on the inevitable security and privacy concerns that wearable gadgets will bring with them.

According to Domingo Guerra, president and cofounder of Appthority, a San Francisco-based mobile app risk management service, the need for wearable and other mobile devices to interact and share data creates a new class of security and privacy risks.

"Being able to connect everything has advantages, but it also changes the risk parameters from what was possible before," said Guerra in a phone interview with InformationWeek.

If wearable gadgets follow a similar adoption cycle as smartphones and tablets, which were quickly embraced by consumers and enterprises, they'll almost certainly prove tempting targets to malware creators and data thieves, he said.

Factor in the promise of big data and the Internet of Things -- an interconnected digital universe of computer gadgetry sharing bits -- and there's potential for mobile misfortune on a global scale.

[Sensor-equipped objects and their networks will reshape your life, Cisco says. See CES 2014: Cisco's Internet of Everything Vision.]

A fitness tracker, for instance, may contain both personally identifiable information and sensitive health data. A few well-publicized privacy breaches involving these devices could lead to a sharper focus from governmental agencies on wearable security. Information transfers from wearables to insurance companies could lead to a big data dystopia that few consumers want.

"It's still early in the wearables space around healthcare, and right now a lot of the information may be just personal -- maybe sharing it among your family," said Guerra. "But as soon as that (data) starts being sent to a medical or insurance provider, which might offer discounts if you're healthy, and you exercise, and you're eating right, we're going to start seeing government involvement in the form of regulation."

Will smartwatches like Pebble's Steel catch on as quickly as smartphones did?
Will smartwatches like Pebble's Steel catch on as quickly as smartphones did?

One factor that may hamper the adoption of wearables is the current balkanization of the market.

"I think wearables need to embrace a (common) operating system, because otherwise they're too fragmented," he said. "Right now we see a million different types of watches and glasses, and pulse and heartbeat and exercise devices. Everything's fragmented. And unless these items can communicate and interact with each other -- unless there's a common platform -- they're not going to (achieve) mass adoption."

As with smartphones and tablets, apps will drive the wearables market, he believes.

"We see this now with both iPhone and Android. People don't buy a device, they buy something to play apps," he said. "So I think a lot of wearables will have to incorporate apps, and I think the Internet of Things in general will be powered by apps."

A world of data-sharing devices, however, has its drawbacks.

"Because they need to be highly integrated and connected, there are some security risks as well," noted Guerra. "From the perspective of security, we need to make sure we learn our lessons from what we saw with mobile."

One lesson might be to develop apps from the ground up with security in mind.

"Mobile exploded really quickly, and a lot of developers started building apps into the new ecosystems," said Guerra. "And that's kind of why it grew so fast, but security and privacy weren't always in the top of mind."

He added, "We shouldn't be surprised if wearables suddenly take off, and we should start planning ahead."

Jeff Bertolucci is a technology journalist in Los Angeles who writes mostly for Kiplinger's Personal Finance, the Saturday Evening Post, and InformationWeek.

Next-gen intrusion-prevention systems have fuller visibility into applications and data. But do newer firewalls make IPS redundant? Also in the The IPS Makeover issue of Dark Reading Tech Digest: Find out what our 2013 Strategic Security Survey respondents have to say about IPS and firewalls. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
msangha
50%
50%
msangha,
User Rank: Strategist
1/16/2014 | 12:46:37 PM
Security and wearable tech
The feds were so concerned about the pacemaker for Dick Cheney, they had to encrypt it with their own encryption. Security for devices in the new world of "internet of things" (IeT) is not completely worked out and the devices are ready to explode onto the market. Quite concerning. For more on wearable tech, check: http://tinyurl.com/n8lsl69
jagibbons
50%
50%
jagibbons,
User Rank: Ninja
1/15/2014 | 4:07:39 PM
Re: Building security in
Skimming data out of apps on wearables is certainly going to be a challenge. My more immediate concern, though, would be about data that is seen by someone wearing a Google Glass type of product. Right now, there are businesses I visit where I have surrender my phone because it has a camera. What happens when computing is seamlessly built into my glasses? My glasses save everything I see. That's a security nightmare.
WKash
50%
50%
WKash,
User Rank: Author
1/13/2014 | 6:46:59 PM
Building security in
To  your point: "One lesson might be to develop apps from the ground up with security in mind."  That's the right approach but one imagines the race to market a winning product, and/or find the killer app, will likely mean that, as with most emerging technologies, security inevitably gets a seat at the rear of the bus, if at all.

 
Shane M. O'Neill
50%
50%
Shane M. O'Neill,
User Rank: Author
1/13/2014 | 5:42:44 PM
A common OS?
With so many devices coming, it seems wearables are destined to be fragmented. How would this "common operating system" for wearables manifest itself? Can we possibly expect all of them to run Android?
Laurianne
50%
50%
Laurianne,
User Rank: Author
1/13/2014 | 3:33:29 PM
Wearables security
The fragmentation point is important. Look at the Android phone upgrade situation today. Will wearables be any less messy?
Whoopty
IW Pick
100%
0%
Whoopty,
User Rank: Ninja
1/13/2014 | 12:38:53 PM
More of the same
There might be more security risks with wearables, but it's the same sort of ones we have already. Snooping data between devices or from them will open up new concerns - how about robbing people when they've just finished a workout and can't chase you? - but ultimately as long as we focus on making sure that data isn't freely given to every app, regardless of its own security, we'll be a lot better off. 
InformationWeek Elite 100
InformationWeek Elite 100
Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.