Connecticut Office CALL US AT (203)-295-5050 | New York Office (646)-693-1950
Home - Article

Featured Article

July 15, 2016

Security Advisory: Say No to Pokemon GO in the Office

Take a look around your building today and you’re bound to see countless people walking around with their heads down, staring at their phones. The majority of these people aren’t checking their email or browsing the Web...they’re playing a game called Pokémon GO—a highly addictive mobile application from Nintendo, which is now a global phenomenon.

What makes Pokémon GO so appealing is that it allows gamers to experience augmented reality (AR). Pokémon characters appear on a mobile interface as if they are actually walking down a surrounding street or sitting on someone’s shoulder in real time. In the game, players hunt and collect Pokémon characters on an interactive map that works in conjunction with their local environment.

While AR technology has been around for many years, up until this point it was mostly used for learning or business purposes. With Pokémon GO, the public is now getting a taste of how AR can enhance mobile games. And this is at the root of why Pokémon GO is so popular; it’s the excitement about AR technology, combined with the nostalgia of Pokémon, which is creating massive interest from consumers. Just two days after its release in July, Pokémon GO was already installed on 5.16 percent of all U.S. Android phones. And it now has at least twice as many downloads as Tinder. There is no sign that consumer interest is fading.

So, why should you care about Pokémon GO?

The application is living on your employees’ personal and company-owned mobile devices. It’s accessing your network, and is being used throughout the day by workers across all areas of the organization—from entry-level workers to C-level executives.

Third-party mobile applications always come with inherent security risks, and Pokémon GO is no exception. First and foremost, there is widespread concern among security professionals about the amount of information that the Pokémon GO application collects on end users. For instance, the game asks to collect the user’s contact information and location. It can also read, modify and delete USB storage contents. Plus, Pokémon GO makes other invasive requests for things like full network access and the ability to see who else is using the network. And until recently, Pokémon GO was also accessing  end users’ Google accounts, including Gmail and Google Docs.

What’s more, the application can be considered a security threat because of the fact that players must use a camera to catch Pokémon. Employees may not always think about their physical setting before capturing a Pokémon and saving the image to his or her phone, or sharing it on social media. As a result, they may accidentally expose client or customer data in the background, or information that should not be shared with outside eyes—like new products or trade secrets. This is especially problematic in financial institutions, healthcare facilities, government organizations and technology companies.

Still, there are more security issues that you need to be aware of.

Right now, for instance, there is a malicious version of the application in circulation that is a major risk to Android devices. According to Wired, this version uses code to install backdoor links for hackers, leaving end users vulnerable. The backdoor links essentially grant hackers full control over the phone. Many of your end users could be using this insecure version of Pokémon GO.

So while Pokémon GO may be fun for your employees, it’s just not worth the security risks that come with it. Consider laying down the law in the name of cybersecurity, and instructing your employees to close their applications before coming into work so they cannot access the network. All Pokémon GO applications should be removed from company-owned devices, too. And employees should take this time to update their security settings on applications that contain sensitive data.

Of course, asking employees to do this is one thing. Enforcing it is quite another. One easy way to do it is to establish a mobile device management (MDM) policy. Apex Technology Services can work with your business to centralize mobile application management across your organization. All applications for company-owned devices can be stored and provisioned in a central hub. So instead of downloading applications on their own, employees can request them from IT. This will also give IT the ability to ban insecure or controversial applications from entering into the business.

A robust MDM solution will allow your end users to use the critical business applications they need on a daily basis. The difference is they will do so safely.

You can read more about Apex’s approach to MDM by clicking here.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York CityWhite Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

In addition, our new Cybersecurity Compliance Certification for law firms will help keep your legal practice from becoming the next Panama Papers victim. This baseline cybersecurity audit for the legal industry should be considered seriously by all law firms.


Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.


Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...



Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...



Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...


Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs

Contact us Now!