The 90s are back thanks to the Pokémon GO app that has grabbed America by their smartphones. Approximately 40% of adults who have downloaded the game are in the 25-and-older category. And 63% of users in the U.S. are female. With so many adults trying to catch Pikachu, chances are you might have employees playing on a personal device used for business communication and transactions. To avoid data breaches, companies may want to establish a stringent security policy when considering a BYOD (Bring Your Own Device) environment.
WHAT IS POKÉMON AND POKÉMON GO:
What started off as a 1996 Nintendo video game, turned playing card game and then TV show, has made a come-back into the application era. Pokémon (short for Pocket Monsters), is a game where you look for creatures, catch them, train them and battle with them. Jump ahead 20 years later – Pokémon GO has the same concept, except it’s using the world around you to enhance your gaming experience.
The game accesses the phone’s GPS to track your location and creates a Google map as the game board. It also uses the phone’s camera to overlay images of Pokémon onto real-world environments. The user needs to travel around town to find all the Pokémon. Hence, it’s dubbed an “augmented reality” smartphone game.
WHY IT IS A SECURITY RISK:
- Knockoff Apps. One common problem for Android users has been downloading apps mirroring Pokémon GO, in Google Play. Through mirror apps, security threats, such as "Hummer", can root phones and install malware apps. This is a security nightmare for businesses supporting Android hardware.
- Data Breaches. When the app first came out, it requested excessive permissions when a user signed on through a Google account. It gained access to search history, documents and pictures, for example. Though the bug has been fixed, it’s possible that extent data breaches took place before the change.
- Best Practices. If a business does not have a BYOD policy, users can install Pokémon GO and other gaming applications on devices used for business purposes. Employees should understand the importance of using company approved software only to avoid unwanted access to intellectual property.
HOW A BYOD POLICY WORKS:
A BYOD policy is set of rules that helps corporate IT departments provide a level of support for employee-owned PCs, smartphones and tablets. The freedom of allowing personal devices might leave you wondering the keys to developing a BYOD policy and how best to implement it. Below are important elements of a secure system:
- Thoroughly scan the device before any machine onboarding.
- Check for any third-party software that could pose a problem.
- Install company approved and managed antivirus software.
- Confirm the device is encrypted.
- Secure mobile devices using group policy. If applicable, make sure the device is set to wipe itself after a certain number of failed logins.
- Enable a remote wipe option in the event the phone is lost or stolen.
SMBs should take BYOD security seriously to keep their email and cloud-based information secure. If you want to protect your information from critters, call us today to discuss how ITS can protect all your devices with Mobile Device Management (MDM) and help your company develop a BYOD policy.