May 24, 2012
IBM Execs Think Siri Is A Little Snitch
Michael Harper for RedOrbit.com
Sure, Apple´s Siri is great. She´s an Intelligent Personal Assistant, capable of arranging your calendar and finding the nearest pizza place, as well as a source of endless night-time fun as you and your buddies at the bar can find all manner of nonsensical questions to ask her. But, is she also a bit of a gossip?IBM´s top executives think so, and therefore have banned their employees from using Siri – as well as some other popular web apps – whilst on their campus.
As reported in MIT´s Technology Review, IBM, like many other companies, has implemented a “Bring Your Own Device” policy, allowing employees to use whatever smartphones and tablets they choose while at work. IBM still hands out the once popular BlackBerry to 400,000 of its employees, but twice as many choose to work outside of their offices on other devices.
This move isn´t saving IBM as much money as they had previously thought. After all, if employees are allowed to use their own devices, IBM doesn´t have to foot the bill. As it turns out, Big Blue now has to face an all-new challenge as they have to manage the security not of the devices themselves, but of the apps the employees are using, like Siri and Dropbox.
According to IBM CIO Jeanette Horan, when the company surveyed several hundred of their employees using their own devices, many were “blissfully unaware” as to the potential security risks these apps posed to their employer.
Now, Horan has established a set of guidelines as to what apps IBM employees can use. For example, Horan worries that files and data stored on the popular file-sharing service Dropbox could potentially get into the wrong hands, placing company secrets in jeopardy. Horan´s survey also discovered several employees who were re-routing IBM´s secure email to popular web mail services so they could access their inboxes on their Android and iOS devices, as well as using these devices to create Wi-Fi hotspots, leaving the back door open to would-be ne´er do-wells.
“We found a tremendous lack of awareness as to what constitutes a risk,” Horan said in the Technology Review.
“We're trying to make people more aware.”
In addition to educating her employees about the risks these apps can pose to their company, Horan has also implemented better security protocols, such as making every employee who brings their own device submit it first to the IT department, who then makes sure the device can be remotely wiped should it become lost or stolen.
The IT department also turns off public file-transfer services, like Dropbox, Apple´s iCloud and even Siri.
“We´re just extraordinarily conservative,” Horan says. “It´s the nature of our business.”
Horan has good reason to suspect Siri could be the source of potential leaks. Apple´s own Software License Agreement admits Siri sends information back and forth to Apple headquarters and may be stored.
“When you use Siri or Dictation, the things you say will be recorded and sent to Apple in order to convert what you say into text,” according to the agreement.
Siri also has access to calendars and contacts to help her keep track of your digital life. Apple doesn´t officially acknowledge how long this data is stored or how it´s kept either.
“By using Siri or Dictation, you agree and consent to Apple´s and its subsidiaries´ and agents´ transmission, collection, maintenance, processing, and use of this information, including your voice input and User Data, to provide and improve Siri, Dictation, and other Apple products and services.”
One of Siri´s original developers, however, feels these privacy issues are nothing new, just the way in which they are presented. Speaking to Wired, Edward Wrenbeck said, “Just having it known that you´re at a certain customer´s location might be in violation of a non-disclosure agreement.”
Wrenbeck then said. “I really don´t think it´s something to worry about.”
“People are already doing things on these mobile devices. Maybe Siri makes their life a little bit easier, but it´s not exactly opening up a new avenue that wasn´t there before.”
As our world becomes all the more connected, companies will likely have to wrestle challenges such as these for the foreseeable future as they try to balance convenience for their employees and security for their business.