Out of the Box Solutions Blog

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

When considering your business’ security, it is only too easy to overlook how information of any kind might be compromised. Take, for example, the case study that is provided by the fitness application Strava, the jogging app that shares more data than many, including the United States military, would prefer.

Utilizing GPS-enabled fitness trackers, Strava creates what they call a Global Heatmap that shows user patterns and routes. Trouble is, this Heatmap shows the activity of all users--including those who probably shouldn’t have their location broadcast, like those who are staying at a military base. As a result, those who use the perimeter of the base as a jogging course have inadvertently provided a publicly-accessible sign of the base’s location. Furthermore, the app has managed to map out patrol and supply routes, and provides a rough time frame of when soldiers are where.

While some may argue that the locations of these military bases could be found using Google Maps, at least Google takes a few measures to protect potentially classified information by blurring out the actual base. Strava, on the other hand, displays a pattern of human activity that has many former military members extremely concerned.

This is also not for a lack of oversight, either. For instance, quite a bit of data has been collected from the United Kingdom’s military base HMNB Clyde, which is used as storage for the UK’s nuclear arsenal. Using the app’s route-sharing feature, someone reminded users of security by naming a route “You shouldn’t be using Strava here.”

Another location that has been visibly frequented by Strava users is, perhaps ironically, the National Security Agency.

In response to the tweets outlining these clear security risks, Strava released a statement reminding its users that they are able to control what data is shared to the Heatmap.

This entire scenario serves as evidence of a few things. First and foremost, a security vulnerability can come from the most seemingly insignificant source. As more devices and assorted gadgets are able to collect and aggregate data, it becomes incredibly important for you to know what these devices are capable of and where you should draw the line for the sake of your business’ security.

Secondly, you need to impress to your employees how important it is that they know what they are sharing by using certain apps with certain settings in place. Encourage your staff to do a deep dive into their mobile apps and the permissions each has, and to lean on IT to answer any questions they may have. While it may be less important to your business that an app like Strava can track the location of an employee, it may be critical to it.

For more information into preserving your business’ security, call Out of the Box Solutions at 800-750-4OBS (4627).

Could CES Provide a Look at Tomorrow’s Workplace T...
3 Key Goals for an Internal IT Team


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, August 17 2018

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Tech Term Privacy Network Security Cybersecurity Smartphones Hardware Microsoft Managed IT services Ransomware Communications Android Malware Communication Internet Data Business Management Email Employer-Employee Relationship Passwords Small Business IT Support Business Intelligence Cloud Applications Blockchain Backup Wi-Fi Saving Money Mobile Devices Social Media Network Cortana Hosted Solutions Information Artificial Intelligence Data recovery Internet of Things Windows 10 Networking Analytics Gmail Virtual Assistant Software Wireless Charging VoIp User Tips Innovation IT Services Efficiency Browser Virtualization VPN Managed IT Service Outsourced IT Cost Management Collaboration Data Management Patch Management Data Backup Computers Remote Computing Computer Google Productivity Save Money Business Tech Terms Compliance Wireless Automation BDR Phishing Safety Threat Staff Content Filtering Data Protection RAM Lead Generation Network Attached Storage Tactics Paperless Office Smartphone Comparison Hard Drives Trends Battery Remote Monitoring and Management Processors Telephony eCommerce Laptop User Tip disposal Bring Your Own Device Data Breach Printing Cloud Computing Mobile Security Microsoft Teams Password Reporting Digital Data loss Specifications SSD A.I. Workers Hybrid Cloud Microsoft Office Vulnerability Machine Learning Voice over IP Hackers Connectivity Online Shopping Marketing Value Sales Dongle Paper Operating System Company Culture Amazon Maintenance Medical IT Spam Facebook Movies IT Management Millennials Cables Analysis Spyware Technology Tips Apps WannaCry Server Management Tablet Bandwidth Ink Big Data Users Managing Stress Workplace Tips Router SaaS Edge Virus Conferencing Twitter Server Business Technology Database Voice over Internet Protocol Managed Service HP Streaming Media Settings Plug-In HIPAA Excel Government PowerPoint Managed IT Services Environment Websites Internet Explorer GDPR Antivirus Office Inventory Unified Communications Cybercrime Document Management Telecommute Backup and Disaster Recovery Downloads IT budget Telecommuting Proactive IT Hard Drive Knowledge Office 365 Sports Holiday Physical Security Tip of the week e-waste G Suite Regulation Storage Alert Dark Web Gadgets Error