Out of the Box Solutions Blog

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

When considering your business’ security, it is only too easy to overlook how information of any kind might be compromised. Take, for example, the case study that is provided by the fitness application Strava, the jogging app that shares more data than many, including the United States military, would prefer.

Utilizing GPS-enabled fitness trackers, Strava creates what they call a Global Heatmap that shows user patterns and routes. Trouble is, this Heatmap shows the activity of all users--including those who probably shouldn’t have their location broadcast, like those who are staying at a military base. As a result, those who use the perimeter of the base as a jogging course have inadvertently provided a publicly-accessible sign of the base’s location. Furthermore, the app has managed to map out patrol and supply routes, and provides a rough time frame of when soldiers are where.

While some may argue that the locations of these military bases could be found using Google Maps, at least Google takes a few measures to protect potentially classified information by blurring out the actual base. Strava, on the other hand, displays a pattern of human activity that has many former military members extremely concerned.

This is also not for a lack of oversight, either. For instance, quite a bit of data has been collected from the United Kingdom’s military base HMNB Clyde, which is used as storage for the UK’s nuclear arsenal. Using the app’s route-sharing feature, someone reminded users of security by naming a route “You shouldn’t be using Strava here.”

Another location that has been visibly frequented by Strava users is, perhaps ironically, the National Security Agency.

In response to the tweets outlining these clear security risks, Strava released a statement reminding its users that they are able to control what data is shared to the Heatmap.

This entire scenario serves as evidence of a few things. First and foremost, a security vulnerability can come from the most seemingly insignificant source. As more devices and assorted gadgets are able to collect and aggregate data, it becomes incredibly important for you to know what these devices are capable of and where you should draw the line for the sake of your business’ security.

Secondly, you need to impress to your employees how important it is that they know what they are sharing by using certain apps with certain settings in place. Encourage your staff to do a deep dive into their mobile apps and the permissions each has, and to lean on IT to answer any questions they may have. While it may be less important to your business that an app like Strava can track the location of an employee, it may be critical to it.

For more information into preserving your business’ security, call Out of the Box Solutions at 800-750-4OBS (4627).

Could CES Provide a Look at Tomorrow’s Workplace T...
3 Key Goals for an Internal IT Team
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, October 15 2018

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Network Security Tech Term Privacy Cybersecurity Smartphones Internet Android Cloud Malware Communication Productivity Hardware User Tips Efficiency Browser Communications Saving Money Data Microsoft Passwords Managed IT services Small Business Ransomware Blockchain Network Applications Workplace Tips Users Backup Wi-Fi Mobile Devices Mobile Device Social Media Hosted Solutions Business Management Email Employer-Employee Relationship Windows 10 VoIp Innovation Collaboration Business Intelligence IT Support Google VPN Managed IT Service BDR Data Management Outsourced IT Computers Remote Computing Information Patch Management Save Money Computer Data recovery Business Internet of Things Tech Terms Managed IT Services Networking Wireless Automation Compliance Hackers Cortana Artificial Intelligence Analytics Cloud Computing Virtual Assistant Bandwidth Wireless Charging Gmail Cost Management Software Marketing Data Backup Virtualization IT Services Millennials Websites Internet Explorer Inventory Spyware Unified Communications Medical IT Cybercrime Big Data Authentication Backup and Disaster Recovery WannaCry Downloads Server Management Analysis e-waste Edge G Suite Virus Error Tablet Server Sports SaaS Business Technology Safety Settings Threat Troubleshooting Conferencing Data Protection HP RAM Tactics Authorization Hard Drives HIPAA Trends Managed Service disposal Bring Your Own Device Antivirus Excel Plug-In GDPR Printing IT budget Update Office Mobile Security Document Management Microsoft Teams Telecommute Telecommuting Holiday Physical Security SSD Hard Drive A.I. Tip of the week Value Hybrid Cloud Staff Touchscreen Knowledge Office 365 Lead Generation Connectivity Network Attached Storage Proactive IT Phishing Dongle Battery Paper Content Filtering Operating System Paperless Office Company Culture Smartphone eCommerce Maintenance Laptop Comparison Facebook Processors Movies User Tip Cables Microsoft Office 365 Telephony Technology Tips Apps Password Remote Monitoring and Management Storage Data Breach Ink Digital Managing Stress Data loss Workers Online Shopping Router Miscellaneous Specifications Twitter Vulnerability Machine Learning Reporting Database Voice over Internet Protocol Access Control Voice over IP Streaming Media Microsoft Office Dark Web Sales Government PowerPoint IT Management Amazon Gadgets Environment Spam Printers Alert Quick Tips Outlook Disaster Recovery Regulation