Pokémon Go Brings Physical, Data Security Threats to Your Company
NEWS ANALYSIS: The wildly popular phone app from Nintendo now has more users than Twitter and is causing concern where gamers randomly show up in search of Pokémon characters.WASHINGTON—There already are signs at the National Holocaust Museum and at Arlington National Cemetery asking visitors not to play the Pokémon Go mobile augmented reality game while they are there. There are reports that some of our nation's lawmakers were seen playing Pokémon Go on the floor of the U.S. House of Representatives. There have been several armed robberies here of Pokémon Go players by criminals who used the game's features to attract users, who were relieved of their smartphones and other valuables. But the Pokémon Go phenomenon is not specific to Washington. It has become an international craze to the point that it's now the lead story on some television network news programs. To some extent, the game, which has been available for only a week, seems fairly harmless and even seems to have some benefits—it's getting people outside to walk around in search of Pokémon characters. But for your company Pokémon Go has a more sinister side. The game has a huge potential as a cyber-security risk, malware vector, safety hazard, on-the-job time-waster for your employees and a waste of your company's computing resources. Worse, the game may become a gateway into your company's data stores and it can introduce malware that spreads within your network.
According to Chester Wisniewski, senior security advisor at Sophos, Pokémon Go brings threats from two different areas to people who play the game. If those people are your employees, they can bring those threats into your company. One of the most insidious is the fact that a spinoff of Google's parent company Alphabet is the force behind the game and is handling the location and points-of-interest data for the game.