The Apple Watch – Enterprise Transformation and the Security Factor

In my previous blog A New Model for the Device Driven Enterprise about enterprise apps being written specifically for Apple Watch usage, I linked to an article from September 2014 Apple Watch: The Internet of Things’ new frontier where (InfoWorld’s executive editor) Galen Gruman stated that “Apple’s new Apple Watch — to be released in early 2015 and starting at $349 — is the new orbit around that center [of liquid computing*], bringing computing to an even more personal device than a phone.”

apple watch worn.jpg

A revolution in technology and soon the workplace

As Apple states on their Watch website, massive constraints have a way of inspiring interesting, creative solutions. The highlighted example is the custom-designed chip embedded in the Apple Watch where no traditional computer architecture could fit within such a confined space as the statement configuring an entire computer system on a single chip is an industry first and represents a singular feat of engineering and miniaturization also alludes to just how revolutionary this device appears to be.

The Apple S1 chip is defined as a “system in package (SIP)” – a number of integrated circuits enclosed in a single module. Here is a rendering of the chip inside the watch:



As personal as this technology experience appears to be — categorized on the website as Apple’s most personalized device yet with entirely new ways to stay in touch (to go along with an image of heart beating watch-faces), the launch of the Apple Watch heralds the arrival of what appears to be a grand portion of a whole new enterprise trend, and soon executives and key employees will bring their new Apple Watches into the workplace, including those shiny 18K gold $17K Apple Watch Editions.

And, as with the iPad and iPhone before it (and don’t forget Android devices as well), already stretched-thin IT departments will now be tasked with enabling and consequently securing these devices. So just where does this leave current BYOD and soon to be merged BYOW (wearable) business strategy? Certain technology market solutions providers, as evidenced in my previous blog, have already embraced BYOW in terms of application development for the Apple Watch to go along with their continued development for BYOD. There are of course others (such as Evernote with a note dictation app for the watch) and many more to come. In fact, one provider of mobile management and security solutions has gotten deep in the game as well.

By the numbers

Wearable technology is transforming the enterprise mobility conversation. In a press release dated April 10, 2014, International Data Corporation (IDC) estimated the global market for wearables to exceed 19 million units shipped in 2014 and that it would climb to nearly 112 million units in 2018, a compound annual growth rate of 78.4%.

A Forrester report entitled The Enterprise Wearables Journey from March of this year specified wearables as a legitimate enterprise priority. Where just a year ago, enterprise wearables remained more theoretical than practical, 51 percent of technology and business leaders now identify wearables as a critical, high, or moderate priority for their organization. The report specifies that developer ecosystems surrounding wearable devices will mature by 2017, creating apps, back-end software, and services to support enterprise-class wearables implementations on a broader scale. Organizations with highly mobile employees will likely consider the introduction of wearables into their business process flow as these ecosystems expand and grow.

By 2020, Forrester sees wearables as being commonplace devices among a number of employees at many enterprises. The diversity of these wearables by that time will mean that specialization tailored to the various types of devices as well as market verticals and employee’s roles within these organizations will have likewise become common practice. Smart accessories (as they are classified by IDC) like Pebble Smartwatch, Samsung GALAXY Gear and Sony SmartWatch along with others will also likely play a key role, however the strong focus at the moment is of course on the Apple Watch.

And with these predictions…

This predicted rapid growth of wearables being brought into the enterprise will soon require (or at least move) companies to embrace these connected devices as they did with smartphones and tablets. Likewise, it becomes imperative that IT has policy and management controls available to support wearables, increasing employee productivity and device choice without endangering sensitive corporate data within those enterprise companies that have accepted BYOW as a part of organizational infrastructure to go along with BYOD.

Accellion, a company which develops applications for secure mobile file sharing, recently posted the following infographic to their website concerning wearables as well as them being brought into the workplace:

Accellion smartwatch

Note the final statement that less than half of enterprises, only 41%, have a BYOD policy that can be extended to wearables (which include smart glasses and wristwear). This article Do you need a wearable device policy? addresses just that in this statement:

However, while IT may not be ready for ‘wear your own device’ just as we saw with the adoption of smartphones, data thieves will be quick to target these shiny new, coveted gadgets. No matter where these devices are worn on the human body – from wrists to eyes – security is a key area that requires attention. 

The omnipresent security factor

Security and privacy have of course been major topics of discussion in the world of mobile devices for quite some time now and wearables like smart glasses and smart watches, especially Apple Watches, with the vast number of them that will be worn on business people’s wrists, aren’t immune to these concerns either. As a result of the high demand for the new wearable, analysts and techies alike are likely asking themselves just how secure this type of device will be. This in essence will become a growing concern for enterprise companies and especially their IT departments, as employees bring their Apple Watches along with numerous other wearables that are available today as well as in the near future into the workplace.

Maria Korolov, of CSO magazine, offered a number of security issues that the Apple Watch in particular raises including eavesdropping on watch-to-phone communications, trust of third-party apps and the Apple Watch making the iPhone more vulnerable. Certain concerns are highlighted as follows:

  • Third-party apps could allow hackers to enter a user’s iPhone
  • A badly-designed application could potentially offer a wireless gateway to an iPhone’s contents.
  • Malicious spying apps that plague smartphones could find their way onto an Apple Watch.
  • Hackers could “eavesdrop on watch-to-phone communications” via Wi-Fi and Bluetooth connections between the iPhone and Apple Watch “spoofing” one device for another.

To the last point, Ken Westin, senior security analyst at cybersecurity firm Tripwire stated “The fact the device uses both Wi-Fi and Bluetooth will provide a great deal of interoperability and additional functionality for the watch,” He added “However it also comes at the price of increasing the attack surface for the device.” 

Vulnerabilities will always exist in device conversations in the enterprise, mitigating risks will continue to be of central focus and the CIO will need to team with others on the lines of BYOW, as well as BYOD security. And I have heard some rumblings of the potential need for a CIoT Officer

Productivity transformation and security-in-one

Good Technology, an enterprise mobility management (EMM) and security provider in April announced itself to be the first EMM vendor to support policy management and business-class productivity on Apple Watch devices. Good is providing management and control of Good Work™ email and calendar notifications, while Good Mobile Device Management supports iOS 8.2 MDM controls for Apple Watch as well. According to Good, these capabilities will allow enterprises to implement enterprise-grade security necessary to accommodating the organization’s IT management structure in the ever-changing mobility landscape which includes the predicted influx of wearables.

Christy Wyatt, chairman and CEO of Good Technology stated, “The success of secure mobility for enterprises depends on their ability to embrace new devices and enable seamless, secure access to enterprise data without impacting the amazing consumer experiences of the products themselves.”  She goes on to say, “Good’s leadership in mobile security and rapid pace of innovation enabled us to deliver support for Android Wear with our Good Work app in March. Today we are proud to announce support for the Apple Watch, demonstrating our continued commitment to provide the management and security tools our customers require.”

While users have already begun to lay the groundwork in wearing and no longer just carrying devices into the workplace, the current as well as predicted future demand for smart watches, especially the Apple Watch, will continue to build enterprise focus to competitive mobile strategies. Where BYOW will bring certain enterprise transformation, the coinciding security challenges will also continue to dominate conversation. With reward in technology, now comes that certain measure of risk that continuously needs to be addressed – as we’ve already seen with BYOD.

More to come with developments for the Apple Watch — after InfoComm.

*Gruman’s own coined phrase — if you would like to read more on his concept of liquid computing see Liquid computing: The next wave of the mobile experience.