Pokemon Go represents a tremendous security threat. As with all tremendous threats, it can also be your greatest opportunity.
I have to admit that Pokemon Go took me by surprise. I had no idea why people just told me they were going out for no apparent reason. Younger people were more blatant, but it was not until early this week that I realized that it was a phenomenon that was impacting the workplace.
People of all ages, including your coworkers, are playing at record rates. Most important, they are bringing the app into the workplace, and using it on cellphones that also access work related information. It is a significant security vulnerability.
That being said, it means that awareness programs are at the front and center to protect corporate assets. At the same time, you can also appear to be the champion for the workers. Security awareness might never be more welcome. Even if people think the app is “stupid”, frequently they have family members or other loved ones playing the game.
People hear about malicious apps spoofing the actual Pokemon Go app. They hear about the app tracking them and having access to all of their data. They hear about people being mugged and finding dead bodies. People are excited, but they are concerned. This is your time to shine.
All security programs, led by the security awareness team, should immediately create information about the security concerns, and what to do about them.
Clearly, there is a focus on mobile device security, but there are also issues concerning privacy, password security, and safety. For this reason, I recommend that you create tip sheets for distribution to all employees. Possible content to include would be:
- Ensure that you only download the official Pokemon Go app
- Ensure that your cellphone operating system is up to date
- As the app preferably uses Google accounts for authentication and tracking, consider creating a Google account just for that purpose
- Ensure that your password is strong
- Review app permissions, and remove as many permissions as possible
- Consider installing anti-malware software on your cellphone
- Be aware of the potential for crime
- Remain alert. Carelessness will cause more injuries than crime
- Never drive while playing the game
- Most important, if your organization uses Google apps, clearly state that employees should never use their corporate account for Pokemon Go or any other games.
You may want to provide references to additional resources for mobile device management, creating a strong password, and other relevant issues. Providing contact information for the security team would be welcome. In defining the additional resources, consider that many people may want to share the information with their friends and family, so avoid using links and resources that are only available on your intranets.
Sign up for MIS Asia eNewsletters.