White House: Strava heat map is a "security risk"
The White House is “absolutely” weighing responses to the security conundrum raised by the smartphone fitness app, Strava, since “it’s really clear that that heat map is a security risk,” Rob Joyce, Trump's Cybersecurity Coordinator of the National Security Council, told Politico’s Eric Geller.
Driving the news: Strava's GPS technology has left some U.S. military personnel and bases exposed abroad — in Syria and Afghanistan, for example.
Joyce said that “policy evolution is needed,” but that “it is important to make good security policy balanced by not over reacting too.” Pentagon spokeswoman Maj. Audricia Harris said it took "matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required," BBC News reports.
Military risk: The GAO has previously assessed the security risks associated with the Internet of Things and wearable devices as they relate specifically to the Department of Defense.
- Per the report, "risks with the devices include limited encryption and a limited ability to patch or upgrade devices. Risks with how they are used—operational risks—include insider threats and unauthorized communication of information to third parties."
- The key point: The DoD "has not conducted required assessments related to the security of its operations."
During a morning news conference at the Pentagon, Army Col. Robert Manning III said that that DoD personnel are "advised to place strict privacy settings on wireless technologies and applications.” He added that service members are also prohibited from wearing such wireless technologies in some areas and during some operations.