Apple Watch: Security Concerns for the Enterprise and Beyond
By now, you’ve no doubt heard about Apple’s latest tech craze: Apple Watch. Revealed during the company’s latest announcement earlier this week, the Apple Watch is expected to revolutionize the mobile world. Available starting April 24, the Apple Watch will appeal to a variety of end users – with prices ranging from $349 (for the aluminum version) to $10,000+ for gold-plated versions.
The Apple Watch will feature many of the same abilities of the iPhone – making/answering phone calls and texts, Internet surfing, and app integration as well as new advanced health monitoring features and Apple Pay. But with a user’s data now on his/her wrist in addition to in his/her pocket, should we be concerned about security?
Let’s start with the good news.
Apple Pay, in and of itself, has been thought out well in terms of security, it seems. Users can opt in to use a PIN number which will need to be entered every time the watch is put on a wrist. So if that watch was stolen, it would be impossible for the thief to make purchases via Apple Pay unless they had a user’s PIN number. According to Apple:
“Even if you lose Apple Watch, your accounts are protected. Because when you set up Apple Pay, you’re required to create a passcode. Each time you take Apple Watch off your wrist, the passcode must be entered to access it. And you can quickly remove your cards on iCloud.com.”
Beyond Apple Pay, though, not much has been said about security with regards to the new device. And with enterprise firms transitioning more and more to BYOD strategies and evolving as part of the mobile world, isn’t it important that we talk about how secure the Apple Watch really is?
For instance, when on a user’s wrist, the watch works by syncing with the user’s iPhone over Wi-Fi and, in some cases, Bluetooth, networks. As Apple has said, the watch doesn’t do much without the phone. Hence, if data is constantly moving between the two devices, should we be concerned about the ability for hackers to intercept any of that traffic? Regular traffic that moves over Wi-Fi networks can be in danger and is a primary reason why many people are careful not to connect to public or other untrusted networks. And if an Apple Watch user needs to be connected to Wi-Fi in order for the watch to operate properly, it certainly seems there is a possibility for data to reside over potentially unsafe networks.
Additionally, I can’t help but wonder what the Apple Watch means for the enterprise community with regards to mobile device management and security. Firms who employ BYOD and allow employees to use their personal smartphones for corporate email are typically strict about what can and cannot be accessed. Many leverage MDM solutions such as Good Technology or Airwatch to protect corporate mail, for example. Will the same solutions be available to protect data that moves from the iPhone to the Apple Watch? Maybe a greater question is how will the Apple Watch affect enterprise mobility on a large scale? Only time will tell, it seems. Regardless, I expect there will still be quite a few crowds lined up outside Apple stores on April 24.
Photo Credit: Wikipedia