Out of the Box Solutions Blog

Out of the Box Solutions has been serving the Michigan area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

When considering your business’ security, it is only too easy to overlook how information of any kind might be compromised. Take, for example, the case study that is provided by the fitness application Strava, the jogging app that shares more data than many, including the United States military, would prefer.

Utilizing GPS-enabled fitness trackers, Strava creates what they call a Global Heatmap that shows user patterns and routes. Trouble is, this Heatmap shows the activity of all users--including those who probably shouldn’t have their location broadcast, like those who are staying at a military base. As a result, those who use the perimeter of the base as a jogging course have inadvertently provided a publicly-accessible sign of the base’s location. Furthermore, the app has managed to map out patrol and supply routes, and provides a rough time frame of when soldiers are where.

While some may argue that the locations of these military bases could be found using Google Maps, at least Google takes a few measures to protect potentially classified information by blurring out the actual base. Strava, on the other hand, displays a pattern of human activity that has many former military members extremely concerned.

This is also not for a lack of oversight, either. For instance, quite a bit of data has been collected from the United Kingdom’s military base HMNB Clyde, which is used as storage for the UK’s nuclear arsenal. Using the app’s route-sharing feature, someone reminded users of security by naming a route “You shouldn’t be using Strava here.”

Another location that has been visibly frequented by Strava users is, perhaps ironically, the National Security Agency.

In response to the tweets outlining these clear security risks, Strava released a statement reminding its users that they are able to control what data is shared to the Heatmap.

This entire scenario serves as evidence of a few things. First and foremost, a security vulnerability can come from the most seemingly insignificant source. As more devices and assorted gadgets are able to collect and aggregate data, it becomes incredibly important for you to know what these devices are capable of and where you should draw the line for the sake of your business’ security.

Secondly, you need to impress to your employees how important it is that they know what they are sharing by using certain apps with certain settings in place. Encourage your staff to do a deep dive into their mobile apps and the permissions each has, and to lean on IT to answer any questions they may have. While it may be less important to your business that an app like Strava can track the location of an employee, it may be critical to it.

For more information into preserving your business’ security, call Out of the Box Solutions at 800-750-4OBS (4627).

Could CES Provide a Look at Tomorrow’s Workplace T...
3 Key Goals for an Internal IT Team


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Thursday, 24 May 2018

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Privacy Cybersecurity Business Computing Network Security Hardware Internet Ransomware Android Technology Email Wi-Fi Mobile Devices Applications Malware Smartphones Microsoft Managed IT services Employer-Employee Relationship Small Business VPN Data Management IT Services Business Communications Tech Terms Outsourced IT Cortana Passwords Blockchain Windows 10 IT Support Computers Wireless Cloud Save Money Backup Remote Computing Data Saving Money Business Management Cost Management Wireless Charging Data Backup Office 365 Knowledge Content Filtering Environment Virtualization Machine Learning Spyware Websites Business Intelligence Internet Explorer Backup and Disaster Recovery Telephony IT Management Gmail e-waste Server HP Safety Workers Big Data VoIp Threat Hard Drives Voice over IP User Tips disposal Networking Millennials Printing SSD Holiday Document Management Value Lead Generation Telecommute Dongle Physical Security Business Technology Paper Facebook eCommerce Network Attached Storage Patch Management Managed IT Services Paperless Office Social Media Tech Term Virtual Assistant Smartphone Bandwidth Productivity Laptop Ink Twitter Online Shopping Password Tip of the week Digital Database Data loss Government Phishing Innovation PowerPoint Inventory Efficiency Comparison User Tip Browser Cybercrime WannaCry Spam BDR Data Breach Software Data Protection Settings Server Management Specifications Edge Marketing Tactics HIPAA Virus Sales Mobile Security Communication Antivirus Hard Drive Hackers Managed IT Service IT budget Tablet Operating System Battery Automation Conferencing Processors Staff Maintenance Technology Tips Excel Computer Office Artificial Intelligence Vulnerability Cloud Computing Telecommuting Analytics Router Gadgets Users Sports Internet of Things Data recovery Alert Connectivity