Fitness Technology: Is Your Information Safe?

Is Your Information Safe? photo

In today’s digital world, new technology is changing how we go about pursuing fitness and how fitness and health are offered to us by gyms and clubs. For all the different types of digital fitness devices and toys, they all come down to one main component: information. But are we trading convenience and time for safety and is our health data safe?

A Quick History of Fitness Technology

In the early 20th century physical activity was taking the stage as a sort of protest against the “ills of modernization,” – these “ills” including the increasingly sedentary jobs people were working. Participating in physical activity was gaining popularity for men and women both. This movement led to the fitness boom of the 70’s and 80’s and with this boom electronic technology was introduced.

This technology included VCRs and exercise videos, exercise bikes and electronic treadmills. And this electronic movement has sequed into today’s movement: digital and wearable fitness technology.

The Draws of Going Digital

The popularity of digital and wearable fitness technology can be attributed to a few factors:

  • Accountability – now we no longer have to guess or estimate or hope we’ve hit our fitness goal for the day or session, wearables provide the data to show us.
  • More Complete Knowledge – we can combine information obtained from our smart fitness gadgets and wearables to give us a holistic view of our bodies, both health and fitness-wise.
  • Convenience – don’t like counting steps or laps, marking miles, calculating times? Today’s wearables do all of that for you so you have both an accurate and hard copy of your stats.

The Drawbacks of Going Digital

The benefits mentioned above bring some drawbacks, the main one being increased vulnerability of our personal health and physical (and often medical) data, and with those drawbacks is the increasing need for responsibility in handling our information.

Clubs, studios and gyms, for example, need to not only exercise firm, responsible, legal handling of members’ data, but to also adopt a policy of transparency and compliance in handling that data. Ask your fitness facility what their policies are on collecting, using, storing and disposing of any health or physical data obtained through their techology. You hand over a lot of personal data to fitness clubs by joining online, booking classes and sessions online, allowing gyms and/or trainers to monitor and track your workouts with wearables, using fitness apps, even doing virtual programs and chatting with bots.

Some trackers can provide geolocation data, which will share your location and even a company’s location if you’re participating in a job fitness program. Steve Manzuik, Director of Security Research for Duo Security (a cloud-based access provider) points out these devices aren’t necessarily creating new security issues so much as “reintroducing” old ones – mainly issues of hacking and data theft. This theft occurs when wearables are linked with smartphones. According to Vinay Anand, Vice President of ClearPass Security at Aruba Networks, (an enterprise wireless LAN provider), “As the wearables are usually connected to a variety of cloud apps and, depending on an organization’s BYOD policy, the corporate network, this can be a launch point for an attack. This means that malware and other forms of attacks can use that path to compromise the phone and then other resources inside the network. The attacker would have access to legitimate enterprise credentials that would lead to loss of, or the ransom of, sensitive data.”

While most IT security professionals agree the risk of data theft from wearables is very low for now, that risk can escalate according to the type of device being used. Lower risk wearables would be trackers, pedometers, heart rate and oxygen monitors, and these can be vulnerable via Bluetooth but the data is fairly hard to capture and the data is generally of very low value to hackers. The next step up – smartwatches, for example – can provide a higher risk of data theft, although Chet Wisniewski, Principle Research Scientist for Sophos (a security software developer) says this increased risk is more a result from the theft of the devices themselves than from interception. And this risk can increase from there as the newer and more sophisticated fitness wearables are being put on the market.

Devices that are less vulnerable to data theft would include wearables connected to smartphones, while devices that are more vulnerable to data theft would include those actively connected to the internet via Ethernet or WiFi.

Some Steps to Take to Boost Security

Stephen Cobb, Senior Security Researcher for ESET (a digital security company offering antivirus and internet security solutions), has shared five steps we can take to boost our fitness gadgets’ security:

  • Name your device a name that’s not easily traceable or recognizable.
  • Use strong passwords when creating online accounts for storing your information.
  • Exercise caution when allowing friends to “follow” your wearable and be sure you know exactly what information will be shared and with whom.
  • Read and understand your device’s privacy policy.
  • Stay updated on fitness technology – you need to be informed of any new threats or hackers, etc.

Another safety step to take is to activate your devices “Lock” if it has one. This will secure your information through encruption.

Image Credit:

Post by Andrea Rogers