Thank you for your interest in the AREA-Directed Research Program – this round of RFP submissions closed as of February 6, 2016.

 

Invitation

The AREA seeks to receive proposals for a funded research project that its members will use to better understand relevant data security risks associated with wearable enterprise AR and mitigation approaches.  

Organizations with expertise in the field of data security risks and mitigation and adjacent topics are invited to respond to this invitation by February 6, 2017 using the guidelines provided on this page.

Background

There is a high level of concern about risks to enterprise data security when introducing or using mobile, wearable enterprise AR systems. This issue was raised recently when the U.S. Senate Commerce Committee held a hearing on AR in November of 2016. All enterprise customers want to reduce or eliminate the potential risk, and most provider segment members of the AREA are not specialized in data security issues/topics. 

Unfortunately, there is very little known or documented about the subject.

Goals

The goals of the AREA-directed research project are:

  1. To clarify for those who are unable to answer elsewhere their key questions about enterprise data security risks when introducing enterprise AR using wearables (since these are not included in the current device security systems)
  2. To define and perform preliminary validation of protocols that companies can use to conduct tests and assess risks (real or perceived) to data security when introducing wearable enterprise AR systems 

Deliverables

The result of the research undertaken will produce three deliverables: two reports and a protocol:

  1. An AREA-branded in-depth report
    1. Building upon prior AREA research conducted through interviews and an on-line survey in January and February 2016 and compiled in a report by a data security expert.
    2. Using existing data security industry frameworks and terminologies, list and define the types of data security risks that may be of concern to IT managers when asked to manage AR delivery devices and assets
    3. Classify the known and potential threat to data security according to potential severity levels, noting any factors that could increase or reduce the threat level.
    4. Propose preliminary and in-depth risk mitigation measures that enterprise IT groups can follow.
  2. An AREA-branded protocol (a defined set of rules) for testing wearable enterprise AR devices for their hackability or data exposure threat levels
  3. An AREA-branded report documenting the use of the proposed protocol to test at least three devices for their security exposure threat levels.

These deliverables will become the basis for meaningful and productive discussion about data security risks between customers and providers so that open issues can be addressed and data security risks reduced.