WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Geolocation risks to enterprises examined

ISACA publishes guidance in ‘Geolocation: Risk, Issues and Strategies’ paper.

50 percent of Smart phone users globally* access location-based applications such as Facebook, Groupon and Google Maps on their mobile devices, and that number is expected to grow significantly. But a new ISACA white paper cautions that regulating the use of geolocation data is still in its infancy, so individuals must be aware of the information they are sharing and enterprises must act now to protect themselves and the information they provide, collect and use.

Geolocation uses data acquired from a computer or mobile device to identify a physical location. Applications using this technology offer consumers greater convenience, discounted prices and easy information sharing, and enable enterprises to deliver more personalized customer service and offers. But as geolocation services become more common, the need for data management and enterprise controls increases significantly.

As ISACA’s new white paper, ‘Geolocation: Risk, Issues and Strategies,’ points out that malicious use of geolocation data can put both an individual and an enterprise at risk. When a person’s personal information, such as gender, race, occupation and financial history, is combined with information from a GPS and geolocation tags, the data can be used by criminals to identify an individual’s present or future location. This raises the potential of threats ranging from burglary and theft to stalking and kidnapping.

“Geolocation is becoming more and more a real source of commercial and financial benefits for organizations, but unfortunately as with any technology that becomes popular, geolocation becomes also more and more interesting for hackers, scammers and spammers,” said Marc Vael, CISA, CISM, CGEIT, CISSP, chair of the Knowledge Board and Cloud Computing Task Force at ISACA. “That is why this ISACA white paper is right on time to bring an independent but constructive view on the risks and issues, as well as and strategies to follow in order to use geolocation in a sensible manner.”

Collecting and using geolocation data poses risk to the enterprise, including:

• Privacy: Geo-tagging is implemented by users, but there may be multiple entities that have access to the data, including the service provider and wireless access points/developers. Users can’t always identify (or aren’t always aware of) the source or owner of their location data.

• Enterprise reputation: When breaches occur or policies have not been communicated clearly to customers, organizations risk negative perceptions of their brand.

• Compromise of sensitive information: The physical location of an enterprise and its remote facilities/equipment can be identified, increasing potential for loss of sensitive information through a variety of attacks.

Download the free ISACA white paper from www.isaca.org/geolocation

•Date: 28th September 2011 • Region: World •Type: Article • Topic: Enterprise risk management

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here