What is Kaspersky’s cybersecurity policy for bionic devices?
Kaspersky, a global cybersecurity and digital privacy company, has become one of the first organisations to address the challenge of human augmentation, by presenting a comprehensive cybersecurity policy.
The new policy aims to enhance the workforce while also considering employees’ security and welfare when using bionic devices in the office.
What are bionic devices?
Bionic devices are something that replaces or augments a part of the human body with an artificial device or implant. This includes medical technology such as pacemakers, artificial sensory organs – visual prostheses or hearing aids – or bionic limb prostheses, but also devices such as chip implants and near-field communication (NFC) devices, which some organisations have introduced for identity and access management (IAM).
What is Kaspersky’s new policy?
The policy governs procedures for using bionic devices within the company and aims to reduce the associated cybersecurity risks in business processes.
The proposed document addresses the entire company’s infrastructure and all of its business units. As a result, it applies to the full access control system, as well as administration processes, maintenance processes, and the use of automated systems. The policy is to be applied to both employees and temporary staff, as well as employees of third-party stakeholders that render contract services to the company. All these factors aim to enhance the cybersecurity of the corporate infrastructure on a larger level.
Some of the policies include:
- The introduction of colour-coded security zones at Kaspersky sites, and how NFC chips can be used to access each level, from visitor parking through to lobbies and communal areas, and sensitive zones such as server rooms.
- Security specifications to be applied to NFC chips, including device ID, and whether or not the device supports strong cryptographic encryption standards.
- Patch management procedures for bionic devices, with a sliding scale of prioritisation based on the CVSS scores of disclosed vulnerabilities.
- Guidance for employees with bionic prostheses, internal organs or sensory organs, covering situations such as passing through metal detectors where used.
Marco Preuss, Director of Kaspersky’s Global Research & Analysis Team (GReAT) in Europe, declared: "Human augmentation is a burgeoning area of technology which in fact remains underexplored. That’s why making a first step towards clarifying issues related to its use, as well as strengthening security, will help us to ensure its potential is used in a positive way. We believe that to build a safer digital world for tomorrow, we need to digitally secure the future of human augmentation today."