Google Glass as a security, privacy concern for the enterprise

Protecting employee data is low on the priority list for firms, says panel
Tools

SAN FRANCISCO-- Employees bringing Google Glass into the enterprise could pose more security and privacy risks than employees with their smartphones and tablets, explained Sharon Anolik, president and founder of Privacy Panacea.

Of particular concern is the ability of Google Glass to record video surreptitiously, Anolik told FierceMobileIT.

Privacy and security "concern for enterprises has increased as mobile devices of all sorts have become more prevalent in the workspace. The reason Google Glass poses some additional concerns is that the environment is not aware of what is being recorded at any given time. That could pose concerns for the individuals in the workplace who don't know if they are being recorded, and for the companies, they don't know what is being viewed on the screen," Anolik relates.

Even if the company puts in place a policy that says employees with Google Glass have to turn off the record mode when at work, "how would they police that, how would they monitor that? It makes it more difficult for a company to manage what is happening in their workspace."

While firms might be concerned about the privacy implications of Google Glass, they don't seem as concerned about the privacy implications of the data they hold on their employees. In fact, protecting the security of employee data is well down on the list of security and privacy priorities for firms, Anolik told a session at the CITE Conference being held here this week.

"Most of the companies I have consulted for, when they prioritize their privacy policies, their internal employee data always falls to the end of the list and usually doesn't get addressed, across the board, across industries," Anolik says.

"Most of the companies I have consulted for, when they prioritize their privacy policies, their internal employee data always falls to the end of the list and usually doesn't get addressed, across the board, across industries," Anolik says.

Jane Allen Carlock, partner and principal with PricewaterhouseCoopers and a panel member, agrees. "In our experience, employee data is one of the first populations that might go out to a cloud provider…I was just dealing with a client that had an employee data breach that came from a third-party cloud provider."

Bob Bragdon, publisher of CSO magazine and moderator of the panel, noted that employee data is the most attractive to cybercriminals but the least important to companies. "What is most [often] stolen is employee data, but what is least invested in [by companies] protecting is internal employee data. The investment is all focused on protecting external data."

Anolik recommends that companies prioritize the protection of employee data and backed that protection early in the software development lifecycle. Unfortunately, "not all companies are willing to do that. They don't see the ROI; they are willing to take the risk and pay for or deal with it later."

Related Articles:
Wearable technology--what's right for your workplace?
Google Glass for sale on Tax Day
Google Glass in the office? Get legal on board