At least 32% of Americans use a wearable device and from all indications, wearable devices usage would increase rapidly in the coming years. For one, the number of wearable devices globally is forecast to exceed a billion by 2022.
There has been wide adoption of these smart devices because of their many benefits: improving health and overall well-being, boosting productivity, and so on. They are also portable, efficient, and ubiquitous.
However, most users do not realize what risks they incur with their smartwatches, smart wrist bands, smart glasses, hearables, and so on.
Most wearable devices are a security risk because they have access to sensitive personal data, can be accessed remotely, and lack adequate security protocols.
1. Access to personal data
Wearable devices are so tiny, yet hold enormous amounts of data. Most of the devices have extended their capabilities beyond their primary functions and could have personal information of their users, such as social security numbers and bank account and credit card details.
A watch is an instrument for measuring time, but a smartwatch can essentially be a digital assistant that enables you to read emails and social media messages, and even pay for goods and services online, among other functions.
Fitness trackers, step counters, and other wearable devices for monitoring health also hold a lot of sensitive data that spell trouble if compromised.
2. Internet connectivity
Wearable devices depend on cloud and Bluetooth networks to transmit and process data, and they remain connected for constant data syncing.
These wireless networks are mostly unsecured and provide an avenue for hackers to gain access to a device remotely and without suspicion. Most wearable devices are connected to a smartphone, and a breach on either end can make a hacker intercept and manipulate shared data.
These smart devices also pose a challenge in the workplace. By connecting an unsecured device to the office network, an employee can inadvertently compromise the company’s security.
3. Lack of adequate security protocols
Wearable devices, or say, Internet of Things devices generally, are built around functionality and efficiency, with little focus on security, if any at all. For all the data they collect, one would think they come with a basic security assurance, but that is not the case.
However, that is changing now, slowly, as many new wearables are being fitted with security protocols. But they are still not quite there yet. Most wearable devices still lack high-level security such as two-factor authentication, biometrics verification, and data encryption, and merely using them is a security risk.
Protecting your Wearable Devices
1. Keep sensitive data away
Wearable devices, (particularly the ones for health monitoring), under the guise of protecting you, often request more information than is necessary. But it is hardly ingenious to have such sensitive data as your social security number saved on your smartwatch or wrist band.
Likewise, online payments should be rather made via your smartphone or PC where you are assured better security. For every personal detail you enter on your wearable device, be sure that the company holding the data actually needs it for the service they are providing you.
2. Use secure devices and networks
Newer models of wearable devices are now prioritizing security. In purchasing wearable devices, go for ones that ensure that only you have authorization over the device (remotely and otherwise).
Security features that you should look out for include two-factor authentication, biometrics security, account lockout after multiple failed access attempts, etc. Also, avoid connecting to insecure (public) networks; there are no VPNs for wearable devices to protect you if you do.
3. Install updates regularly
It is important to install updates as soon as they are available. These patches usually contain security updates that protect your devices against new vulnerabilities.
4. Password security
- Keep your passwords safe.
- Use strong password combinations (easy to remember, hard to guess).
- It is advisable to use a different password for each device.
- Change passwords periodically.
5. Data Encryption and Backup
Data encryption takes password protection further. Even if a hacker does somehow access your device, they would not make sense of the data without having the decrypting password, which you must have kept safely.
Backing up data mitigates the effect of a data breach; if you are somehow attacked, you can regain lost data via backups.
6. Protect your smartphone
Wearables are usually connected to your smartphone, and even if the wearable device is protected, an unguarded smartphone is still an attack entry point.
Basic mobile security steps include not connecting to unsafe networks, installing apps from only credible sources (Play Store or iOS App Store), and so on.
The major problem facing the security of wearable devices is the lack of regulation. With no global standards concerning security for wearable devices yet, manufacturers get away with releasing unsecured devices.
However, you can protect yourself by ‘choosing substance over style’ when you are purchasing a wearable device and by applying the basic security practices explained above.
Security is an ongoing responsibility, so you must also be alert, particularly if your device exhibits suspicious behavior. Prevention is always the safest.
This content is accurate and true to the best of the author’s knowledge and is not meant to substitute for formal and individualized advice from a qualified professional.
© 2020 Mark Robinson