Out of the Box Solutions Blog

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

When considering your business’ security, it is only too easy to overlook how information of any kind might be compromised. Take, for example, the case study that is provided by the fitness application Strava, the jogging app that shares more data than many, including the United States military, would prefer.

Utilizing GPS-enabled fitness trackers, Strava creates what they call a Global Heatmap that shows user patterns and routes. Trouble is, this Heatmap shows the activity of all users--including those who probably shouldn’t have their location broadcast, like those who are staying at a military base. As a result, those who use the perimeter of the base as a jogging course have inadvertently provided a publicly-accessible sign of the base’s location. Furthermore, the app has managed to map out patrol and supply routes, and provides a rough time frame of when soldiers are where.

While some may argue that the locations of these military bases could be found using Google Maps, at least Google takes a few measures to protect potentially classified information by blurring out the actual base. Strava, on the other hand, displays a pattern of human activity that has many former military members extremely concerned.

This is also not for a lack of oversight, either. For instance, quite a bit of data has been collected from the United Kingdom’s military base HMNB Clyde, which is used as storage for the UK’s nuclear arsenal. Using the app’s route-sharing feature, someone reminded users of security by naming a route “You shouldn’t be using Strava here.”

Another location that has been visibly frequented by Strava users is, perhaps ironically, the National Security Agency.

In response to the tweets outlining these clear security risks, Strava released a statement reminding its users that they are able to control what data is shared to the Heatmap.

This entire scenario serves as evidence of a few things. First and foremost, a security vulnerability can come from the most seemingly insignificant source. As more devices and assorted gadgets are able to collect and aggregate data, it becomes incredibly important for you to know what these devices are capable of and where you should draw the line for the sake of your business’ security.

Secondly, you need to impress to your employees how important it is that they know what they are sharing by using certain apps with certain settings in place. Encourage your staff to do a deep dive into their mobile apps and the permissions each has, and to lean on IT to answer any questions they may have. While it may be less important to your business that an app like Strava can track the location of an employee, it may be critical to it.

For more information into preserving your business’ security, call Out of the Box Solutions at 800-750-4OBS (4627).

Could CES Provide a Look at Tomorrow’s Workplace T...
3 Key Goals for an Internal IT Team


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, January 22 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Network Security User Tips Tech Term Privacy Productivity Internet Efficiency Smartphones Cybersecurity Mobile Device Malware Browser Android Hardware Communication Microsoft Data IT Support Cloud Ransomware Network Email Small Business Business Management IT Services Communications Collaboration Applications Managed IT services Users Innovation Data Backup Backup Google Saving Money Wi-Fi Mobile Devices Data recovery Internet of Things Passwords Wireless Windows 10 Holiday Software VoIp Marketing Workplace Tips Cloud Computing Outsourced IT Business Intelligence Social Media Managed IT Services Blockchain Hosted Solutions Information Business Employer-Employee Relationship Networking Hackers Medical IT Facebook Smartphone Artificial Intelligence Apps Virtual Assistant Password Cost Management Analytics Bandwidth Managed Service Mobility Wireless Charging Managed IT Service Remote Computing Compliance Patch Management Virtualization VPN Computer BDR Data Management Remote Monitoring and Management Computers Cortana Tech Terms Save Money Access Control Microsoft Office Gmail Automation Connectivity Wearables Specifications Lead Generation Network Attached Storage Operating System Company Culture Workers Staff Dongle Paper Movies Authentication Paperless Office Maintenance Analysis Certification Voice over IP Battery Error Gadgets Processors Cables BYOD Sales eCommerce Laptop Technology Tips SaaS Healthcare Managing Stress Troubleshooting Millennials Ink Twitter Authorization Digital Data loss Router Streaming Media Vulnerability Machine Learning Database Voice over Internet Protocol Plug-In Wireless Internet Tablet Online Shopping GDPR Data Security Conferencing Environment Update Business Technology Government PowerPoint Inventory Unified Communications Spam Websites Internet Explorer Training IT Management Backup and Disaster Recovery Downloads Touchscreen Spyware Cybercrime Proactive IT Help Desk Excel Office WannaCry Server Management e-waste G Suite Outlook Big Data Sports Server Data Protection RAM Telecommuting Edge Virus Safety Threat Security Cameras Hard Drives Trends Microsoft Office 365 Tip of the week HP Tactics Business Continuity Knowledge Office 365 Settings Storage Content Filtering HIPAA disposal Bring Your Own Device Profitability Phishing Comparison Mobile Security Microsoft Teams Miscellaneous Antivirus Printing Reporting Word SSD A.I. User Tip Document Management Telecommute Upgrade Telephony IT budget Dark Web Hard Drive Value Hybrid Cloud Amazon Eliminating Downtime Data Breach Physical Security Printers Quick Tips Personal Information Disaster Recovery Regulation Alert