IT Today Catalog Auerbach Publications ITKnowledgebase IT Today Archives Book Proposal Guidelines IT Today Catalog Auerbach Publications ITKnowledgebase IT Today Archives Book Proposal Guidelines
Auerbach Publications


IT Performance Improvement



Networking and Telecommunications

Software Engineering

Project Management


Free Subscription to IT Today

Powered by VerticalResponse

Share This Article

Social Software Engineering: Development and Collaboration with Social Networking, Jessica Keyes, ISBN 9781439853757, $89.95
How to Reduce the Cost of Software Testing, Matthew Heusser and Govind Kulkarni, ISBN 9781439861554, $69.95
Information Security Management Handbook, Sixth Edition, Volume 5, Harold F. Tipton and Micki Krause Nozaki, ISBN 9781439853450, $89.95
Making Your Data Center Energy Efficient, Gilbert Held, ISBN 9781439855539, $69.95
Implementing Electronic Document and Record Management Systems
Cloud and Virtual Data Storage Networking, Greg Schulz, ISBN 9781439851739, $79.95
Internet Retail Operations: Integrating Theory and Practice for Managers, Timothy M. Laseter and Elliot Rabinovich, ISBN 9781439800911, $69.95

Take Action to Avoid Mobile Device Geolocation Risk

September 29, 2011 - Twenty-eight percent of U.S. adults use location-based applications like Facebook and Google Maps, and that number will grow. A new ISACA white paper cautions that regulating geolocation data is in progress, so individuals and enterprises must be aware of the information they provide, collect and use. Geolocation uses data to identify a physical location. It offers consumers convenience, discounts and easy sharing, and enables enterprises to deliver personalized services. But this increases the need for data management and controls.

As ISACA’s white paper, "Geolocation: Risk, Issues and Strategies," notes, malicious use of geolocation data can increase risk. When information (gender, race, occupation, financial history) is combined with a GPS and geolocation tags, criminals can identify a location, increasing the potential of espionage, burglary, theft, stalking and kidnapping.

"As mobile device and geolocation use grows, more information becomes available to hackers and unauthorized users," said Marios Damianides, past international president, ISACA, and partner, Advisory Services, Ernst & Young. Proposed U.S. legislation restricts whether companies can store location data from mobile devices, and a proposed amendment to the Children’s Online Privacy Protection Act (COPPA) addresses the collection of geolocation data from children under 13.

Collecting and using geolocation data pose risk to enterprises, including:

  • Privacy: Multiple entities have access to geo-tagging data, including service providers and wireless access developers. Users can’t always identify the source or owner of their location data.
  • Reputation: Enterprises risk their brand/reputation, when breaches occur.
  • Compromise: Secret locations and remote facilities/prototypes can be identified.

"We live in a mobile world and geolocation is here to stay. It has benefits for individuals and enterprises, but if not managed properly, the risk is substantial," said Ramsés Gallego, member of ISACA’s Guidance and Practices Committee and security strategist and evangelist, Quest Software.

Enterprise Tips

  • Implement safeguards, leverage COBIT for policy development.
  • Update the security of device operating systems and software.
  • Make sensitive data (personal, financial, confidential) unreadable or inaccessible.
  • Respect differing global privacy regulations.
  • Implement a risk management policy that identifies where geolocation services add value and where they should be disabled.

Consumer and Employee Tips
ISACA advises people to follow a five-step "route" for informed use of geolocation:

  • Read mobile app agreements, know what information you share.
  • Only enable geolocation when benefits outweigh risk.
  • Understand that others can track your current and past locations.
  • Think before posting tagged photos to social media sites.
  • Embrace the technology, and educate yourself and others.

"There are great consumer advantages of geolocation, such as photo tagging and directions," said Robert Stroud, past international vice president, ISACA, and vice president, Strategy and Innovation, CA Technologies. "However, many consumers are unaware of the risk and need to educate themselves."

Related Reading

Separating Backup and Archiving: Securing Your Digital Information

E-mail Management

Implementing Electronic Document and Record Management Systems

© Copyright 2011 Auerbach Publications

© Copyright 2011 Auerbach Publications