The risks of wearable tech in the enterprise

Unfortunately, BYOD or Bring Your Own Device, is still being debated in some organisations that are coming to grips with the shifting enterprise IT landscape and their own cost, risk and compliance environments.

Problem is that the enterprise BYOD horse has already bolted, so to speak. The fact that the usage of mobile devices is outstripping laptops and PCs is nothing new, and this trend is likely to accelerate.

The real challenge for organisations concerned about protecting their intellectual property is in recognising that information security risks are not necessarily reduced with the arrival of new, innovative and intuitive technologies. That intuitive, readily accessible cloud based file storage solution may have it’s place, however the risks from accidental or deliberate security breaches are very real.

For organisations that retain competitive advantage through protecting intellectual property in one form or another should be proactively shaping their information security policies and processes to meet the challenge before it arrives.

• The gradual demise of the once giant Nortel through the persistent siphoning off of intellectual property by alleged Chinese hackers over a 10 year period should be a salutary reminder that nothing should be taken for granted in the realm of information security.

For the public sector, the term ‘intellectual property’  generally has its equivalent in privacy, security and other confidentiality mandates.

Wearable Technologies – the new enterprise IT disruptor?

Wearable technologies are nothing new.  The humble wristwatch could be described as the first and probably most widely used item of wearable technology.  It blends utility with style, and plays a part in saying something about who you are (or want to be) whether you are wearing a $10 digital throw-away watch or a $6,000 Rolex.  Fashion accessories that integrate internet connectivity, miniaturized technologies, software and relevant information are already seeing the emergence of products such as Google Glass and the Smartwatch.

The use of these consumer-led technologies in organisations concerned about confidentiality, privacy and intellectual property protection should be considered carefully.

Banning the use of new and emerging technologies is not likely to be effective, however the evolution of your enterprise information security policies, together with the appropriate eduction of  all working within the organisation, whether employee, contractor, outsource provider, or any other party for that matter should be the starting point.

When it comes to proactively managing wearable technologies in the enterprise, here are few pointers for you to consider

1. This is NOT an IT issue to be solved solely by your IT department

The IT department has little to no real control over who brings what consumer technologies to the workplace, whether in their carry-case, wrist or pocket. This is an organisational issue requiring an organisational response. Executive accountability need to be assigned, and not just to the CIO or IT Manager.

2. Chasing the dragon

The demand for useful, innovative, consumer technologies is never ending. Those that are hooked on the latest ‘big thing’ in the IT world can bring their influence to bear on others within the organisation, leading to shadow IT.  It’s inevitable

3. Shift the focus from technical risk to Systemic risks

Technical Risk: “All systems are running perfectly, Captain!”
Systemic Risk:  “What iceberg Captain?”

It probably is a good idea to make sure that your Executives and managers across the organisation understand the key difference between systemic and technical risks.
The blurring of the lines between consumer based technologies and, so called enterprise technologies is only beginning, and organisations that understand the trend, what to do about it, and not just rely on (or blame) enterprise IT for delivering results ‘because it’s using the internet or technology’ may be a self limiting approach in the medium term.

BIO:  Rob Livingstone, a former CIO is the owner and principal of Rob Livingstone Advisory, an independent Sydney based IT advisory practice, and a Fellow of the Faculty of Engineering and Information Technology at UTS. Subscribe to Rob’s monthly newsletter at


Join the CSO newsletter!

Error: Please check your email address.

Tags hackersRob LivingstoneGoogle GlassBYOD securitysmartwatchBring Your Own Devices [BYOD]

More about GoogleNortelRob LivingstoneTechnologyUTS

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Rob Livingstone

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place