Just a month after IBM decided to block Siri from its internal corporate network to prevent disclosure of sensitive corporate data, F-Secure has warned enterprise users to think twice before using Apple's virtual assistant. According to F-Secure vice president Maria Nordgren, the popular Siri is not suitable for business and enterprise networks.
The reasoning behind such concerns is simple: Siri reads your contacts, knows your calendar by heart, your partner's birthday, your thoughts on some things, and it may also know your company's sensitive secrets. Speaking at a press conference in Helsinki, Nordgren warned that Apple's lack of corporate security policies is a major weakness.
Think Twice
"Four out of ten users don't worry about corporate data and don't think it will leak," said Nordgren, as cited by ZDNet. "Take Siri, it's cute right, I like it but if you ask it a question, the data is not stored on the iPhone - it goes to a datacentre in Oregon."
When you communicate something to Siri, the software takes the voice data and uploads it to Apple's datacenters for processing. There, the data is translated into text and the query is returned back to the device, so Siri can answer your request. All this happens in just a few seconds, depending on the speed of the network used.
Risks
Nordgren further warned about the risks of hackers accessing Siri data. Apple's virtual assistant can be used to search the Web, access your contacts, and it has access to various other sensitive information (take, for instance, a simple question asking Siri to find family planning clinics nearby). All these data can be used to create a wider picture of its user, and you don't even realize how much Siri actually knows.
Apple's ability to access sensitive corporate data of a competitor is even more worrisome, raising the risk factor even higher. "If anyone was interested in that information you're screwed," said Nordgren.
Corporate Security
F-Secure's warnings follow Apple's announcement at its annual Worldwide Developers Conference (WWDC) that its next-generation mobile operating system, iOS 6, will bring Siri to the iPad as well. The iPad is very popular among business and enterprise customers, and while many welcome the new addition, others worry the iPad was safer without Siri, which until now was exclusive to the iPhone 4S.
As previously mentioned, IBM already banned Siri on its corporate network over security concerns. The company feared that Apple and others could potentially access its customers' and employees' requests and unwittingly reveal industrial secrets. IBM has adopted the increasingly more popular bring-your-own-device (BYOD) to work policy and still allows Apple's iPhones and iPads, but Siri posed serious concerns in the company's information security section.