Google yesterday formally announced Android Wear 2.0, its revised operating system for smartwatches and other wearables. LG previewed its compatible smartwatches, and we may see more smartwatches from other manufacturers despite pitiful sales of previous Android Wear models. But we’ll surely see reports of the life-threatening dangers that Android Wear brings to your business.
The security industry has been practicing fake news—lies, insinuations, and intentionally misleading “issues” to ponder—about as long as the conspiracy-crazed alt-right and Russian President Vladimir Putin’s cronies have, and certainly longer than the Trump Administration’s inner circle has, much less the emerging alt-left. We used to call it FUD: fear, uncertainty, and doubt. Now it’s called fake news.
Every time there’s a new product, the sirens of security begin wailing in hopes of causing enterprise IT to get shipwrecked onto their product shoals. Don’t listen to those siren songs.
Here’s what enterprises need to know about Android Wear and, for that matter, the iOS-fueled Apple Watch:
- These are consumer devices that have little to no enterprise value. They’re not likely to be part of your technology portfolio, even if some users find them valuable for tracking appointments, getting message alerts, and navigating to meetings.
- Both Android and iOS give you a few basic controls via mobile management policies (which you should have in place anyhow) over information display on these devices, so you can block company-sensitive information from being shown on a watch face that a spy might find valuable. Or you can even block wearables from pairing with corporate-managed smartphones. (That scenario is very unlikely anyhow, but a chancellor or spy chief’s next meeting could have value for another country’s spies; ditto for a corporate CEO’s next meeting in corporate espionage.)
- Android smartwatches have been around for nearly three years and Apple Watches for nearly two. How many breaches have been traced to them? I’ve heard of none. Risk easily abounds in theory, but in practice, not so much.
- Android Wear 2.0 can be used for more than consumer wearables, and industrial products running on Android Wear 2.0 will likely be made. But like other industrial products, these will be heavily customized—like the UPS signature scanners that run Windows Embedded aren’t really Windows, neither are these Android Wear-based devices really Android devices. Their vendors will provide their own proprietary management and security controls, and you get to decide whether they meet your needs. But these will not slip into your offices without your knowledge or oversight like smartphones did.
- Android Wear 2.0 has been in public beta for some time, so if you are still concerned, join the beta program and see what the reality is before you act on any worries. In fact, you should do that for all platforms your employees use, so you become educated on the realities of evolving platforms rather than rely on vendor FUD. There are public beta programs for Windows, MacOS, iOS, and Android that you can easily join.
The reality is that Android Wear is irrelevant to most businesses, both as a platform to use and as a risk to worry about. IT and security pros face a lot more important issues, so stop wasting your time and money on the fake-news risks, and instead consider the real ones, such as phishing, malware, insider breaches, and advanced persistent threats from national governments and cybercriminals.