Wearable devices that can measure productivity, safety, health, location, and other data points, are the perfect tool for employers to monitor their employees. Wearables, such as the Fitbit, Apple Watch, and smart clothing, are not only integrated into everyday life, but also in the workplace. Wearables create a culture of trust and accountability by providing employers with data they can use to identify if employees are overworked, stressed, or anxious. This information allows employers to be accountable of properly managing their workforce and employees to be aware of their health in a way that they otherwise may not be.
As beneficial as the data collected by wearable devices is, the host of privacy problems that the devices introduce appears to be an insurmountable challenge for employers. Wearables collect a lot of simple data and feed it to mobile applications for processing, most commonly through Bluetooth LE technology, according to Bruce Snell, cybersecurity and privacy director of Intel Security Group. Bluetooth LE technology has a multitude of well-documented security flaws, bringing security issues to all of the data being transferred through wearables.
In addition to this fundamental security flaw, wearables are IoT devices, which are known to be vulnerable to several hacking exploits. Typical IoT devices, wearables included, generate and consume data and either pass data between devices or store it in the cloud over unsecured networks. When an employee is on an unsecured network, a hacker can use data, such as GPS data collected from a health app tied to a Fitbit or smart watch, and send an employee an enticing email that includes an infected file. Upon opening the email, the employee could then provide access to all of the data on the wearable to the hacker. This results in vulnerable work files and data, which is every employer’s worst nightmare.
Cyphre’s patent pending BlackTIE® encryption technology addresses this issue and provides the highest level of security for critical IoT data anytime, anywhere – whether on employee computers, on the corporate network, or in the cloud. Integration of the IoT device with BlackTIE® provides the best data security available. Cyphre’s encryption technology protects IoT devices, such as wearables, through the process below.
- A client certificate and key known only to the IoT device are used by the device to authenticate the session with the Cyphre server, thus hardening the device to potential breach.
- Once hardened, the device can store encrypted data on the server, or use the server for encrypted pass-through communications with other devices.
- The IoT device sends and retrieves data through calls to the BlackTIE® API. Nefarious calls to the server are denied because only BlackTIE® maintains the session master key.
- After the fact, data stored on the server is absolutely secure – rendered useless to unauthorized access since it cannot be read without access to the black key.
To learn more about how Cyphre’s BlackTIE® encryption technology protects IoT data, visit our website.