Be Careful with Virtual Assistants in Your Workplace

Virtual assistants offer a lot of promise as a productivity tool, so it's not surprising that they would begin to appear in the workplace. Alas, these devices have also gained a reputation as a security risk. Whether or not you’ve considered bringing virtual assistants into your organization, you need to prepare for their presence there.

From Apple’s Siri, to the Google Assistant, to Amazon’s Alexa, to Microsoft's Cortana, these voice-activated solutions have appeared in our computers, our mobile devices, and in stand-alone devices.

As they have become more mainstream, their capabilities have grown. Many of these capabilities are admittedly well-suited for the workplace, but the always-on microphones that these devices rely on to function make many pauses. Ultimately, there’s the potential for sensitive data to be sent to a third party if it is merely spoken aloud in this device’s presence.

This has created a dilemma for those wishing to leverage these devices: do the benefits outweigh the potential risks of such an implementation?

Listed below are a few considerations that should help make these risks less of a factor.

Just Another Internet of Things Device

The risks associated with Internet of Things (IoT) devices have been clearly documented. One notable example: the Mirai botnet, which enslaved IoT devices to power its attacks. Moreover, it seems to be easy to forget that these virtual assistants are simply another Internet-connected device.

Nonetheless, if you keep that in mind, you may find it much easier to outline policies for these devices that can help to diminish your potential security risk. For instance, if there is a location in your office where sensitive information is spoken aloud, a virtual assistant shouldn’t be placed there. Additionally, you don’t want to put your organization's network at risk, so it would make more sense to establish a secondary wireless network for these devices to utilize. Thus, even if these devices are infiltrated, the rest of your network isn’t vulnerable as a result.

Whose Devices are They?

Data privacy and ownership is a huge factor in business, which could potentially complicate our issue more. Say an employee were to bring in their own virtual assistant. While this may decrease the business’ capital investment into the use of a virtual assistant, there are a lot of concerns regarding security and privacy. How can you enforce data privacy if the data is being accessed by a device that you can’t control?

Policies Are Your Greatest Asset

In order to keep your company safe, while still embracing the benefits that virtual assistants can bring to the workplace, you need to set firm controls on how they can be used. There should be the assumption that one of these devices can always be listening, leading to a policy of keeping these assistants out of areas where sensitive information is regularly discussed.

This awareness should also spread over to your other devices. There are already plenty of microphones and potential vulnerabilities in the office. Phones can have their firmware hacked, and laptops can have monitoring software installed without your knowledge.

Macro Systems can help you be sure that your organization remains secure against a variety of threats while still enjoying the use of different technologies. Call us today at 703-359-9211 to learn more.