With 100 million in use, should enterprises begin to use Apple Watch to improve remote work security?
Enterprises seeking tools with which to improve endpoint security for the new remote working business environment may want to spend a little time considering the Apple Watch.
Access all areas
My argument is simple: Apple’s growing place in the enterprise means its complementary ecosystems can help support your business. As deal follows deal, the number of iPhones in use across the sector is growing fast, which means millions of workers already have access to the watch.
Watch adoption is also accelerating. There are now 100 million global users, according to Above Avalon analyst Neil Cybart’s estimates. He thinks roughly 10% of the world’s iPhone users and 35% of those in the U.S. already own a watch.
We know what the primary uses of the Apple Watch are: casually keeping an eye on incoming messages, important emails and notifications; fitness tracking and health; payments using Apple Pay; and biometric access to some door systems. (You can also use the watch to open your Mac, or even Windows PCs, and it will soon help unlock your iPhone if you’re wearing a mask.)
“Wrist detection allows the Apple Watch to maintain one’s identification chain as long as it remains in contact with the wearer’s skin,” wrote Cybart. “Going forward, the Apple Watch’s ability to serve as an identity checker can end up being used throughout our day as we interact with different devices, rooms, and objects.”
One of the first security shocks as we began working from home during the pandemic was a surge in phishing attacks, which 80% of businesses said increased in frequency as crooks tested the resilience of these newly distributed systems.
They knew at that time that newly remote workers were left to handle challenges alone, working outside the corporate network while still equipped with access to valuable corporate data. This made phishing profitable in the early chaos of lockdown, and means most enterprises are investing in endpoint security today.
As they do, they are understanding the need to adopt multifactor authentication (MFA), and to deploy biometrics within any single sign-on systems they may use. They also understand that perimieter defense based on traditional models must be supplemented by person-, situation-, location- and even time-based barriers to attack.
If a person who otherwise passes all your other checks seems to want to access your core systems at an unusual time, it’s possible your systems are being undermined.
It’s in this context Apple Watch could become part of your enterprise endpoint security toolkit. It provides unique benefits for such usage: location, biometric identification — even access to personal health data — makes it an increasingly powerful token of trust for at least part of the MFA or SSO authentication process.
‘i’ without phone
It’s not as if this is a technology that needs inventing. The watch is already a trusted device for your Apple ID and since 2018, even Microsoft Authenticator offers Apple Watch support, as does Symantec’s VIP Access (and others). The technology to weave this item into your enterprise security processes already exists.
Apple’s recent decision to give the watch the power to unlock your iPhone in iOS 14.5 pushes the device to a higher place in terms of identity and access control, giving it a little extra clout as an identity provider.
In the future, as Apple Watch inevitably morphs into a standalone product — potentially including the addition of Touch ID sensors — then it should also become more capable as a trust and authentication device. Cybart argues the number of people owning an Apple Watch will grow by up to 250% once it does become a standalone product.
With additional implications in terms of remote employee health, data access and at-a-glance team-based collaboration, it seems plausible to expect at least some of this accelerated growth will come from enterprise deployments, given the device’s developing capacity as a component for tougher endpoint security.