Siri a Security Risk for IBM
Written by Lucy Black   
Thursday, 24 May 2012

IBM includes Siri on the list of apps it disables on its employees iPhones. Public file-transfer services iCloud and Dropbox are also banned.

In common with many companies, IBM has adopted a "bring your own device" (BOYD) policy. So while IBM hands out BlackBerrys to around 40,000 of its 400,000 employees, a much larger number use other smart phones and tablets that belong to the individual workers rather than the company.

Allowing the personally-owned devices access to internal IBM networks is a problem, as Jeanette Horan, IBM;s CIO and responsible for the company's internal use of IT admits in an interview published in Technology Review.

Horan says that when IBM surveyed several hundred employees using mobile devices, many were "blissfully unaware" of what popular apps could be security risks. Some were violating protocol by automatically forwarding their IBM e-mail to public Web mail services or even using their smart phones to create open Wi-Fi hotspots, potentially exposing data to snooping.

Now Horan's team has established guidelines about which apps IBM employees can use and which they should avoid. Public file-transfer services such as Dropbox and Apple iCloud are disallowed due to IBM fears that using such software could allow sensitive information to get loose.

siriworksicon

 

In addition, before an employee's own device can be used to access IBM networks, the IT department configures it so that its memory can be erased remotely if it is lost or stolen. As part of the process IBM even turns off Siri, the voice-activated personal assistant, on employees' iPhones as the company worries that the spoken queries might be stored somewhere.

"We're just extraordinarily conservative," Horan says. "It's the nature of our business."

But is this security far fetched. Probably not. In order for Siri to answer queried, they do have to be transcribed from voice to data. Apple's License Agreement includes "things you say will be recorded and sent to Apple in order to convert what you say into text" and adds that by using Siri on an iPhone 4S, you agree to "agents' transmission, collection, maintenance, processing, and use of this information, including your voice input and User Data, to provide and improve Siri, Dictation, and other Apple products and services."

As far as the employees are concerned there's a problem. Many of those who buy an iPhone 4S have made this choice because of Siri - so to have it switched off must be galling. 

This isn't just a problem for IBM, the BYOD policy is widespread and other company IT departments are likely to take similar draconian steps in the interests of security. But what if an employee wants to leave a company, or worse still get fired by it? Will their personal software be restored? Will they be able to disable the corporate alternatives without losing personal data?

It seems that this Siri story isn't as amusing as some of the others we have run.

 

siriworksicon

More Information

IBM Faces the Perils of "Bring Your Own Device"

Related Articles

How Siri "Really" Works

Siri - A Horror Movie

Siri for iPhone 4S

 

To be informed about new articles on I Programmer, subscribe to the RSS feed, follow us on Google+, Twitter, Linkedin or Facebook, install the I Programmer Toolbar or sign up for our weekly newsletter.

 

Banner


pg_parquet - Postgres To Parquet Interoperability
28/11/2024

pg_parquet is a new extension by Crunchy Data that allows a PostgreSQL instance to work with Parquet files. With pg_duckdb, pg_analytics and pg_mooncake all of which can access Parquet files, is  [ ... ]



Google Updates Responsible AI Toolkit
01/11/2024

Google has announced updates to the Responsible Generative AI Toolkit to enable it to be used with any LLM model. The Responsible GenAI Toolkit provides resources to design, build, and evaluate open A [ ... ]


More News

 

espbook

 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Thursday, 24 May 2012 )