Industry Insights • 10 MIN READ
How to Minimise the Risks of Geo-Location Tagging
by Beverley Obukohwo, Eleanor Barlow • Apr 2021
Do you know what and who is tracking your location? Do you know why people/websites and businesses want this information? Geo-location is the identification of the geographic location of a user or computing device via an array of data collection processes (Device/Server based and Combined data collection). The most commonly used Geo-location service is a GPS device to determine a precise location of a person. For example, if a company you visit online wants to know where their users are located around the world, they will use geo-location data to find this out.
Websites can also ask for a user’s location, usually presented as questions such as “This website uses cookies to store information about your visit (including your location).”
Many people do not mind a website knowing their location. It can, however, be problematic and make individuals more vulnerable to security threats if used unnecessarily. Any data that does not need to be shared online, should not be entered. So, if you want to make sure your geo-location tagging is not being tracked, here are some options.
- Use Virtual Private Network (VPNs). A VPN is the best solution to shield your location. A VPN essentially encrypts your data and sends it through secure remote servers. This transmission masks your real IP address.
- Clear and Turn off cookies.
- Stay away from Google tracking. Most people who surf the web, interact with Google in some way, either to search for data or websites.
- Use antitracking solutions. There are various types of software with anti-tracking features. Normally this would identify websites that are attempting to track you. Not only does it identify them, but it usually has the capability to remember them and block repeated efforts.
- Social networks. Avoid social networks if you can. Only include the minimum amount of information about you (including location – to prevent geolocation tracking, and secure your portable devices). Please avert from using any geo-tag feature.
- Turn off geo-tracking or the transfer of data about your location. Block the function from your device, including browsers, phones, operating systems and even applications. You should be able to ‘disable location services’ and enable ‘do not track’ feature.
- Monitor DNS-Leakage: Regularly check your DNS service for the leakage of personal data. Domain Name Server is a system in which local device addresses turn into IP addresses that other servers and routers can use to send and receive information. You can google “DNS leak testing” and you will get a lot of services that will help you.
- Managing Plugins: Browser plugins are weak points in many security systems that can allow data to be lost even if other important security measures are taken. Hostile plugins track the scope of your interests. To maintain a high level of privacy, it is recommended avoiding plugins. If this is not possible, you can configure your system so that it always requests permissions to launch the plugin or run it in a sandbox for additional security.
- Turn off JavaScript: JavaScript can deliver detailed information about you/your device to any server in the world. The practical solution would be to use a software that will check the list of domains that can run JavaScript. These are sites that you often visit. You can also create a whitelist of domains in your browser.
- Disable the WebRTC: Real-time communication allows a web browser to request real-time information from other servers or browsers. To disable it, all you need to do is double-click anywhere on the row and change the value to “false.” If you need to enable WebRTC at any time, just repeat the process. But remember to set the value as “false” again once you are no longer using a direct, peer-to-peer connection.
- Know the basics when on social media. Geotags are often automatically embedded within a picture, when taken on a smart device. People forget this, and often give away their location by simply uploading an image online.
- Educate your staff on security protocols. Security Awareness is not just for those interested in cyber security. It is a crucial element that all employees must be aware of. But once employees are cyber security aware, have a checklist in place, are able to recognise cyber threats, the impact of a cyber-attack, and know the steps to prevent cyber threats from attacking and infiltrating their systems, businesses improve their security posture significantly. View this checklist here.
For more information, speak to one of our experts here.