Wearable devices security: Are you doing enough to protect yourself?

In the last article, I have discussed Edge Security and one of the areas that we should be looking more into is Wearable Devices and how we can provide Security for them.

Most wearable devices (smartwatches, head-mounted displays, body-worn cameras and others) can prevent unauthorised access with device encryption; however, some of them have been found to be vulnerable to security threats while transferring data to cloud or when paired with a personal device. This has increased the need to beef up cloud, application and network security efforts within these devices.

It’s perhaps no surprise, then, that the worldwide wearable device security market is expected to become a $702.6 million market by 2023 – a 16.4 percent increase from 2017. So far, the healthcare industry has emerged as the leading adopter of wearable device cybersecurity, as these devices comprise huge volumes of customer data including the user’s health, demographic details, biometric passwords and others. The vital use cases of wearables, however, has increased the need for cyber security across other industries as well.

Microsoft is a leader in cybersecurity. With over 3,500 cybersecurity professionals employed by the company to help protect, detect and respond to threats, Microsoft is well positioned to deliver security operations that work across a wide range of devices.

How is data breached via wearable devices?

As this SmallBizTrends article explains, one way for wearable devices to be breached is through signal interception. This is when, for example, an employee brings their own smart glasses to work, which are connected to their smartphones. The phone, in turn, is connected to a company network where sensitive customer data is stored, such as credit card and account numbers. A thief can intercept the Bluetooth feed from the smart glasses display en-route to a cloud data store, stealing customers’ login credentials and potentially drain their bank accounts.

Another example of cyberbreach through wearable devices is known as ‘corporate espionage’ This can occur when, for example, an executive enters a building wearing a wireless identity authenticator. Unbeknownst to the executive a similarly dressed corporate spy enters a few steps behind, armed with a wireless signal interceptor. After capturing the executive’s unencrypted PIN number from the electronic signature, the spy can now move about the building with all the permissions the executive enjoys, including access to intellectual property, could then be sold to competitors. 

How to protect yourself

To minimize wearable technology security issues, the Travellers Indemnity Company suggests businesses look for the following features in the wearables they allow:

• Custom security levels: give users the ability to choose the security level they are comfortable with when they install their device or pair it with their smartphone.
• Remote erase feature: enable wearable users to remotely erase and/or disable their device if it is ever lost or stolen.
• Bluetooth encryption: Bluetooth offers an encryption API when exchanging data between a device and its target data store
• Encryption of critical data elements: the most critical pieces of data transferred between wearable devices and data stores are user IDs, passwords, and PIN numbers.
• Cloud security: data is often transmitted from a wearable device to a smartphone and then to a cloud data store. Virtualized clouds can secure data with multiple diverse operating systems, each operating within a different security context.

Built on trusted technology

With its technology that has been woven into the fabric of wearable devices over many years, Microsoft is well-positioned to deliver secure solutions to businesses developing wearable devices. In fact, Microsoft pioneers key innovations in cloud technology, connectivity, mobile operating systems, remote sensors and security that are now being reimagined in the wearables space.

In 2018, Microsoft assisted a company specialising in the Internet of Things (IoT) to develop technology that can be used to secure wearable devices of all kinds. Microshare graduated from Microsoft’s ScaleUp programme and went on to create a secure data-management solution that can be used by any business that collects data.

To learn more about Microsoft’s security offerings for wearable devices, click here.