Avoiding Security Faux Pas with Wearable Tech

Wearable technology opens many doors for consumers, but unfortunately, it also opens the floodgates to risk, hackers and anyone wanting to profit from the information you share via connected devices.

If developers don’t secure their applications, and networks don’t secure the communication between them, wearable tech will quickly gain a reputation for insecurity which will be tough to shake off.

With cyber-attacks being reported almost daily, the public is becoming more conscious of the importance of their data.

Therefore, developers need to reassure the public that they can use wearable technology with confidence because the necessary measures are taken to ensure that no one can access their device, or confidential information, without their explicit permission.

Wearable devices collect and collate huge amounts of data. Take a fitness wristband for example. This can track your current location to accurately monitor your work out, and in doing so, it feeds back a whole lot of data for analysis. If malicious users are granted access to this data through a lack of security, they will be able to identify the times that you are out of your house, putting you and your home at serious risk. Security is vital to ensure that wearable tech doesn’t become a threat rather than a benefit.

How important is it for apps to be developed from the ground up with security in mind?
APIs are how wearable devices communicate data. Therefore, it is vital that wearable tech vendors place security at the forefront of their API plan. Apps developed from the ground up are great for introducing innovative solutions and creative features, but in any digital circumstance, exposing code to external developers also opens the door to potential threats from malicious hackers. This is why it is so important that adequate security technology is installed from the word go.

Are businesses’ IT departments prepared for the security risks posed by wearable technology?
Bringing wearable tech into the workplace only intensifies the headache that BYOD has already triggered for IT managers. Making the situation more complicated is the fact that our risks extend well beyond the devices themselves. A typical gadget may connect to a device through Bluetooth and sync personal information to a cloud service protected by an alternate web login from Facebook or Google, providing a rich set of attack routes in both the physical and online realms. And while a challenge for a professional internet attacker has always been to broker an online hack for physical material gain, wearable technology may provide that physical link directly.

Whether it’s being accessed from outside or inside the office, the responsibility lies with businesses to make corporate data secure. Far too often, companies take a reactive approach to data protection by waiting for hackers to strike, when what they should be doing is proactively securing devices and the way the data is exchanged in the first place.

What are your main recommendations for improving wearable tech security?
Because APIs are the conduit for data transmitted by wearable technology, an API management strategy is key to securing the data flowing between our devices and the Internet. Wearable technologies depend on these APIs to communicate with the Internet, so it’s critical that they are managed, monitored and secured. An API Gateway should be built into the new application from the offset to ensure that data is being transmitted securely. Employing an API Gateway means that only pre-agreed data is allowed to flow in and out of devices. It also guarantees that the information you want to be communicated has a smooth transition, and makes sure that data flows efficiently between devices and the internet.

What is Axway doing to improve wearable tech security?
Axway API Management enables businesses and retailers to build security and data management into their networks and devices from the word go, giving wearable tech the chance to succeed. When in place it governs the flow of data between the devices and the internet, ensuring the integrity of any data from the workplace.

As part of the management solution, the Axway API Gateway provides a platform for deploying and managing APIs, internally and across the firewall, regardless of protocol or authentication mechanism. Then we also provide Axway API Portal, this allows enterprises to monitor exactly which developers are able to access the company’s APIs, ensuring that only trusted third parties can use the shared code to create new applications.

Sharing APIs can be extremely rewarding in terms of new services and new product innovation, which offers increased profits for businesses. Axway’s technology can be beneficial to a broad range of enterprises, from those developing wearable tech, to supply chains, to telcos. But security, effective communication, efficient data transfer and proper data governance are pivotal to the potential for success that the shared APIs will experience.

Source: Mobile Today

Image: Mobile Marketing