Cyber Health

Geofencing - what is it and why should you consider using it?

A geofence is a type of virtual perimeter for a real-world geographic area.  Geofencing has many uses that can vary widely, from smart devices and appliances to marketing / audience engagement to security and human resources. 

The most popular use-case is as more of a security mechanism, such as blocking access to your VPN or to a particular machine if the connection request is coming from a potentially malicious location such as Russia or North Korea (both of which are known hot spots for hacker activity).  This can be useful in preventing cyber attacks coming from geographies that would not have legitimate activity.  For example, it’s unlikely that your field service technician would ever need to connect to your VPN while traveling in North Korea, and may make sense to block all internet traffic from that geography.

Geofencing can also be used for targeted notifications for safety, such as triggering a notification when a device or RFID tag enters a specific location such as a hazardous area of the plant floor.  This type of location-specific geofencing can also be used for targeted marketing such as delivering a coupon when a user’s phone enters your store. 

Other types of geofences can be set up to monitor activity in secure areas, allowing management to see alerts when anyone enters or leaves a specific area.  Businesses can also use geofencing to monitor employees in the field, automate time cards for service request tracking, and keep track of company property or equipment. 

Whether you’re using this technology for security, marketing, or just general operations, this technology has become extremely popular and is expected to grow over 27% in 2022 which means it’s here to stay.  There are some security implications of implementing geofencing, particularly for the latter use-cases above.  Attacks like GPS Spoofing (pretending to be in a location you’re not) can trigger behaviors or automations with unintended consequences.  There is also the consideration of who owns the geofencing data, since devices are sending location data in real-time.  If you’re thinking about implementing Geofencing at your company, ensure that location data being transmitted is properly encrypted, and that any sensitive functions on geofencing sensors or devices are disabled.  If you’re thinking about implementing geofencing on your firewall, talk to your managed services provider or IT department to ensure it is implemented correctly.

To view other PMMI CyberHealth content, visit Got a more specific question? Email [email protected]. Be sure to also opt in to the CyberHealth e-newsletter to get cybersecurity updates straight to your inbox.