Augmented Reality for Enterprise Alliance Announces the AR Security Infographic
Best practice guidance for security professionals
BOSTON, MA – SEPTEMBER 10, 2024 – The Augmented Reality for Enterprise Alliance (AREA) announced the AR Security Infographic today. This new tool explores the benefits and potential security risks of using AR in the workplace. By carefully considering security before deploying AR solutions, organizations may be able to avoid issues before they occur.
The infographic has ten sections for AR Security. The sections contain the risks and considerations related to the topic within AR. Each section has a summary to the left when it is clicked on. There is a detailed page for the section when clicking the ‘LEARN MORE’ button.
“AR headsets pose unique security risks for businesses. Traditional mobile security isn’t enough,” said Mark Sage, Executive Director of the AREA. “Vendors, IT departments, and users share responsibility for securing AR.”
The sections include:
Attack Surface—Pathways to infiltrate and corrupt data.
- Connection Abuse—Enterprises contain AR devices that connect many mobile devices. Understanding the network connections and potential threats at all levels is essential.
- Physical Breach—AR devices pose unique security risks because they collect real-world data (audio, video, location), unlike traditional IT systems.
- System Breach—AR devices introduce new security risks beyond those of mobile devices.
Data Domains – Nefarious agents use these domains to eavesdrop, pilfer, and exploit enterprises.
- Trust Exploitation/Data Extraction—AR devices pose unique security challenges due to their ability to interact with the physical world.
- External Services/Physical World Data—AR devices collect vast user data through cameras, sensors, and microphones.
- Environment/Object/Visual Manipulation—AR devices introduce unique security risks for businesses. Unlike traditional IT systems, AR devices collect real-world data (audio, video, location) that attackers can exploit.
Considerations –
- Configuration & Management/Integrity Protection—AR devices face mobile device security challenges, including logging, malware detection, and incident response.
- Root of Trust/Physical Security—AR devices require a hardware root of trust for core security functions due to their unique hardware and complexity.
- I/O Security/Identity—AR’s unique hardware and data collection require careful security assessment of all components to minimize confidentiality, integrity, and availability risks.
- Access Control/Monitoring & Analysis—AR’s new voice, gesture, and gaze controls make strong passwords difficult for secure access. Biometrics offers a solution, but integrating them securely company-wide is complex.
The AREA Security Committee member companies and Brainwaive LLC contributed expert insight to completing the AR Security Infographic.
About the AR for Enterprise Alliance (AREA)
The AR for Enterprise Alliance (AREA) is the only global membership-funded alliance helping to accelerate the adoption of enterprise AR by supporting the growth of a comprehensive ecosystem. The AREA accelerates AR adoption by creating a comprehensive ecosystem for enterprises, providers, and research institutions. AREA is a program of Object Management Group® (OMG®). For more information, visit the AREA website.
Object Management Group and OMG are registered trademarks of the Object Management Group. For a listing of all OMG trademarks, visit https://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.