Don’t panic, security chiefs: what to do to prepare for the Apple Watch

Security heads must prioritise prevention as we reach the wearable tipping point

As a CIO, which is the dominant emotion felt when you see that first image of a snaking queue outside a retail store; as the devoted wait in the cold, in the rain, in the darkness for the new piece of tech gadgetry that promises to change our lives?

Shared excitement, as the possibility of new applications supercharges your mental workflows?

Or is it silent anxiety? You watch with hope that you don't spy an employee – or exec – in line, for fear of that moment when you're asked by one, five, or a dozen early adopters to bring this piece of alien ware into your network? Great. More endpoints to secure.

The business environment is decidedly consumer-driven – employees demand the same conveniences at work as they have at home. It's one thing to fall back on pre-prepared responses on why a new device can't simply be added to the network when questioned by an eager employee; but what will happen when a member of the executive walks over, rolls up their sleeve and shows off a shiny new Apple Watch that's been paired to their corporate-email-receiving iPhone?

Fanboys and girls will try and stop the security conversation after highlighting the device will only work when a pin is entered every time it's removed from the wrist. As a peripheral piece of tech – in that it gets all its data and information from the accompanying iPhone – its value appears to be limited to the hardware itself. (Particularly if you splash out on the Gold edition.)

But we don't like words like 'seems' and 'appears' in cybersecurity. For all that we're told, we know that any piece of tech is vulnerable once someone smart enough works out how to crack the wireless or Bluetooth connection.

With the advent of the Apple Watch, we're potentially at the tipping point of wearable technology take-up because no matter what you feel as the keeper of corporate technology, it will be the employee-as-consumer that brings this tech and all that will follow it (the wave of imitators has already started) into the workplace.

So, what do you do to prepare for that first conversation in late April?

Arm yourself with what knowledge you can

Seems obvious, but always worth stating as early adopters will often do a wide amount of their own reading, and it pays to equal them, if not know more. We know a reasonable amount about the security features on the Apple Watch so far and that the user can configure a pass code, but it’s yet unclear whether a company’s enforcement of passcodes on iPhones will also apply to the watch. It may be up to the user as to whether or not the watch is secured.

Get your hands on one

At the earliest possible time, arm yourself (no pun intended) with a device to become familiar with its security settings. Again, savvy consumers will find ways to circumvent the security

Prioritise prevention

Do you have an enterprise-wide view of your network? Can you determine all endpoints, and therefore vulnerabilities? Not all systems are designed with prevention in mind, so pick one that allows you to detect and prevent known and unknown threats at every point in the kill chain across the organisation

Sourced from Sebastian Goodwin, director of product marketing, Palo Alto Networks

This article is tagged with: