Blog by Costis Papadimitrakopoulos

Smartphones were considered the ultimate in personal devices because they’re something that most people have with them at all times and don’t share. Wearables will take that device-person relationship to another level. Their simple use case of collecting health information or recording what a person is looking at takes the device-to-person interaction at a whole new level. So if enterprise mobility management (EMM) solutions are important for managing and securing smartphones, they’ll be just as important for wearables — maybe even more so.

“Wearables” currently is synonymous with consumer devices such as the Samsung Galaxy Gear smart watch, Google Glass and fitness trackers such as FitBit. But that pigeonholing misses the large and growing number of enterprise deployments. One example is Virgin Atlantic, whose Heathrow Airport staff is equipped with smart glasses and smart watches so they can greet passengers by name and provide white-glove service.

EMM solutions enable enterprises to manage and secure wearables, whether they’re company-issued or employee-provided. Virtually all of the reasons for using an EMM platform for smartphones apply to wearables, too, such as enforcing security policies and pushing firmware updates rather than relying on users to download and install them.

For many wearable applications, there are additional reasons to use EMM platforms. For example, remote lock and wipe might be desirable for consumer-facing health care applications, such as patients in rural areas where cellular coverage is spotty. Those patients’ data will have to be stored in a secure workspace/container on the devices until the wearers move into areas with coverage. Remote lock and wipe ensures that their data isn’t vulnerable when wearables are lost or stolen.

The same security benefit can apply when patients spend most of their time in places with excellent but expensive cellular coverage. For example, it might be more cost-effective to have the wearables upload data to the health care provider only when patients are within range of their home Wi-Fi network.

In both scenarios, lock and wipe is critical for protecting patient data when it can’t or doesn’t immediately go up to the health care provider’s cloud. And when it’s time to upload information, an EMM solution provides end-to-end encryption, regardless of whether the connection is over cellular, Wi-Fi, Bluetooth or another wireless technology.

As Adoption Scales Up, So Do Security Risks

Enterprises should make scalability a key consideration when comparing EMM solutions to ensure that they can ramp up if an internal or external wearable initiative grows faster than expected. And if a business decides to provide wearables to all employees who already have a company-issue or BYOD smartphone, their EMM platform immediately would have to support twice as many devices.

Enterprises shouldn’t underestimate how quickly and broadly wearables can scale. McKinsey & Company predicts that the Internet of Things market — which includes wearables — will be worth $33 trillion by 2025, while Gartner expects $2 trillion by 2020. It’s a safe bet that hackers and fraudsters see that as a big opportunity. Any delay in scaling up an EMM platform opens or widens a window of risk.

So does the aforementioned example of wearables that store patient data for hours or days. Windows of risk are something that every organization must shut because it’s a question of when, not if, their security will be tested. Those that ignore or underestimate the need for EMM for wearables risk suffering a security breach. For them, the worst-case scenario is a breach so big that Congress has to act, and they wind up with a law nicknamed after their company.

Unfamiliarity Breeds Risk

One key difference between smartphones and wearables is that the latter is a new type of device for most consumers and businesspeople. That unfamiliarity creates security risks. For example, by now most people know not to open a suspicious-looking email on their PC or click on a link in an unsolicited text message on their phone, but will they know what a threat looks like on their wearable? Probably not now, and probably not for years to come because the user interface (UI) will be limited on many wearables simply due to their size.

A compact UI can’t share as much information about, say, a nearby device that wants to pair, which makes it easier to hide malicious intent. EMM solutions mitigate those kinds of threats. For example, by providing AES 256-bit encryption, EMM solutions make it extremely difficult for a hacker to access information on the device.

Wearables’ Unique Challenges

One challenge for extending the EMM model to wearables is that each device vendor currently has its own management interface, which creates far more fragmentation than in the smartphone world, where there are multiple operating systems. The wearable ecosystem could help maximize security by agreeing on an industry-standard management API that all EMM solutions could leverage. Wearable vendors have a vested interest in enabling that standardization because security breaches will undermine adoption, particularly by enterprises.

The field of potential wearable applications is so limitless that virtually every business, government agency and other organization will eventually use them, just as all of them now use smartphones. EMM solutions have become a must-have tool for smartphones, and they’re about to play the same role for wearables.

Last Word

As wearables become as ubiquitous as smartphones, no organization — including small businesses, large enterprises, non-profits and government agencies — can afford to ignore the security of the data on those devices. Although it’s too early to predict exactly what the wearables landscape will look like, it’s safe to assume that security, privacy and standardization will be critical. Given that EMM has evolved from the need for rock-solid security, that platform is the ideal, natural foundation to address wearables’ challenges and ensure that those devices live up to their potential.

Costis Papadimitrakopoulos is the CEO of Globo.

Blog