Although Google Glass is garnering initial praise from public safety officials, governmental CIOs, CTOs and IT executives had better be ready.
Government IT professionals must keep in mind that Glass's inherently fast operating mode lacks one major component: security. There are no password requirements, pin number or touch pattern to complete like those available on smartphones.
[ Will there come a day we can't imagine living without Glass? Read Google Glass: Autocorrect For Your Life? ]
Therefore, if someone were to steal an employee's Glass, he would have quick and easy access to all of the information stored on the device, which is linked to that person's Google+ account and smartphone by default. It's like taking candy from a baby. A hacker would have complete access to all contacts, email accounts, passwords, personal pictures and videos, and much more.
This becomes more of a threatening issue if the Glass owner has stored work or government-related information on the device or if the Glass is connected to a government system. Like smartphone devices, Glass can be hacked whenever it is connected to public Wi-Fi -- because public Wi-Fi security is minimal, it can be easily bypassed. The same risk exists when Glass is connected to a secure network through a hotspot on a smartphone. Also, any viruses on a person's smartphone, computer or Glass can be easily transferred to the entire network, consequentially making the network vulnerable to more viruses and hackers.
Another concern for government organizations is the threat posed to intellectual property, financials and confidential communications by employees who own Glass. If policies allow for employees to wear Glass in the workplace, strict regulations will have to be made limiting use in certain areas or when handling certain information.
Basically it comes down to being knowledgeable of the risks. Government organizations need to be aware of the capabilities of Glass and all of the possible threats posed by the device depending on the specific organization. Due to the inconspicuous nature of the device, controlling the purposes for which wearers use Glass is difficult. At this point, the best line of defense for any governmental organization is to be aware and be ready. And the best way to be ready is to create a Google Glass policy before employees stroll in wearing their devices.
Ideally, a Glass policy will fit into an existing BYOD strategy. If an organization doesn't have a BYOD strategy, the emergence of Glass can be a compelling argument to get one in place. As part of a Glass policy, a government entity might:
-- Set limits for where and how the device can be used.
-- Create a data loss prevention plan to detect potential data breaches.
-- Create an employee policy for use of Google Glass in the workplace.
-- Maintain Google Glass and all computers, installing security updates and patches as they become available.
No matter what shape the final Glass policy takes, timing is the most critical component. Having a Glass strategy in place before the device's wide release is half the battle, and that's particularly important when the battle you're facing is ever-changing.