Send Us An Email

Give us a call

Headquarters

OnSite I.T. Blog

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

Tip of the Week: How Your Secrets Can be Spilled by a Jogging App

When considering your business’ security, it is only too easy to overlook how information of any kind might be compromised. Take, for example, the case study that is provided by the fitness application Strava, the jogging app that shares more data than many, including the United States military, would prefer.

Utilizing GPS-enabled fitness trackers, Strava creates what they call a Global Heatmap that shows user patterns and routes. Trouble is, this Heatmap shows the activity of all users--including those who probably shouldn’t have their location broadcast, like those who are staying at a military base. As a result, those who use the perimeter of the base as a jogging course have inadvertently provided a publicly-accessible sign of the base’s location. Furthermore, the app has managed to map out patrol and supply routes, and provides a rough time frame of when soldiers are where.

While some may argue that the locations of these military bases could be found using Google Maps, at least Google takes a few measures to protect potentially classified information by blurring out the actual base. Strava, on the other hand, displays a pattern of human activity that has many former military members extremely concerned.

This is also not for a lack of oversight, either. For instance, quite a bit of data has been collected from the United Kingdom’s military base HMNB Clyde, which is used as storage for the UK’s nuclear arsenal. Using the app’s route-sharing feature, someone reminded users of security by naming a route “You shouldn’t be using Strava here.”

Another location that has been visibly frequented by Strava users is, perhaps ironically, the National Security Agency.

In response to the tweets outlining these clear security risks, Strava released a statement reminding its users that they are able to control what data is shared to the Heatmap.

This entire scenario serves as evidence of a few things. First and foremost, a security vulnerability can come from the most seemingly insignificant source. As more devices and assorted gadgets are able to collect and aggregate data, it becomes incredibly important for you to know what these devices are capable of and where you should draw the line for the sake of your business’ security.

Secondly, you need to impress to your employees how important it is that they know what they are sharing by using certain apps with certain settings in place. Encourage your staff to do a deep dive into their mobile apps and the permissions each has, and to lean on IT to answer any questions they may have. While it may be less important to your business that an app like Strava can track the location of an employee, it may be critical to it.

For more information into preserving your business’ security, call OnSite I.T. at (403) 210-2927.

Could CES Provide a Look at Tomorrow’s Workplace T...
3 Key Goals for an Internal IT Team
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, 22 December 2024

Captcha Image

Mobile? Grab this Article

QR Code

Customer Login

Latest Blog

Having tools that help enhance your ability to support your customers is rarer than you may expect. One of the best tools a lot of businesses employ is Customer Relationship Management (CRM). The CRM system can transform how a business operates, but ...

Contact us

Learn more about what OnSite I.T. can do for your business.

OnSite I.T.
429 14th St. N.W. #104
Calgary, Alberta T2N 2A3, Canada