The
rise of social media has given families and friends the ability to connect with
each other across the world, but it has also exposed people to compromising
situations including robbery, identity thief and other security issues. To help
Internet users understand the best practices of social media use and better
protect themselves, let’s summarize a few concepts:
Social media networks
- These are online channels that
enable people to connect with others via a status, a post, image, video,
etc.
Social media policy
- A
written document that outlines the expectations of employees when it comes
to using social media channels
Social media security
- Understanding
the threats and risk associated with social media and learning how to best
optimize your social media channels
Take a
look at this video to learn about social media security and privacy.
Now
that we are familiar with these terms, let’s dive into some key items to
consider when using social media.
Fix privacy settings
- Make sure to check the privacy settings for every social media site you use. If you’re profile is public, anyone can view it. Make sure to set your settings so only your friends or followers can view information that is on your profile.
- Once you post to social media, it’s out there for anyone to view. Refrain from discussing anything conversional including topics that are racist, offensive, or even illegal. Remember: Even if your privacy settings are set to “friends only”, someone can view the post if a friend likes, comments or shares that post.
Don’t be too specific
- Be careful about the types of information you post in a status update. Letting people know you are traveling can make you become the victim of a robbery. Also, including information like your phone number or mailing address can make you become the victim of identify thief.
Secure your password information
- Make sure your password is not easy to hack. Using the name of a pet or family is very easy for someone to steal especially if you post photos of them.
After viewing the official U.S. government social networking training module, I have become much more aware of what I post. Before, I never thought twice about checking in to a restaurant or posting real-time updates as I travel. Now, I will be more cautious about the types of items I post and the people I decided to add on social media sites.
If you're still not convinced that social media poses risks, view this article to learn about a
recent security breach with social media site Snapchat.
Also check out this infographic to learn how to protect your home from the risks associated with social media.
Also check out this infographic to learn how to protect your home from the risks associated with social media.
Resource:
United States of America Department of Defense (n.d.).
Social Networking V1.0. Retrieved from
http://iase.disa.mil/eta/sns_v1/sn/launchPage.htm
Amanda,
ReplyDeleteOne thing many of us are taking away from this week's lesson is that we have to avoid using obvious phrases as passwords (like the dog's name, as you mention). To heighten security, some organizations require frequent password changes; Marist, for example, requires a password change every six months. Some criticize, however, that these mandatory changes are a waste of time and resources (read one argument here).
What are your thoughts? If you agree that passwords should be changed regularly, how often do you think is sufficient?
Kait
Hey Kait, that's an interesting point. At my job, we have 2 sets of passwords that we need to log in, and each month we are required to change both passwords. You know what happens? Countless people either get a.) Locked out of their computer or b.) They forget what they used to change their password.
DeleteI've never been a huge fan of having to change your password. Instead, I think you should be required to have a certain amount of symbols, numbers and lowercase/uppercase characters. This makes it harder for someone to create an obvious password and therefore less likely that their password will be hacked.
What are your thoughts on the issue?
I actually prefer that my employer prompts us to change passwords. I think know in case, though, I have "go-to" passwords. They are structured pretty well (I think) and are meaningful to me. But they include ideas/identifiers that are not anywhere near common in the course of my daily life.
DeleteHowever, with my few "go-to" passwords, I tend to use them on a variety of sites and services. What do we think of that as it relates to security? How many passwords are too few? How many are too many?
Do you have any suggestions as to how to manage/coordinate numerous passwords?
Mike
Amanda - the locking out and forgetting also happens here at Marist. The other flaw in the system is that after you do your required "six month change," there is no stopping you from going back in and switching it to the previous password. Not good for security!
DeleteI think a blend of prompting users to change passwords and, strong password construction (I love when a site rates the strength of your password) would work.
Mike, you ask some great questions. Amanda, I'd be interested in hearing your thoughts. I'm guilty of not using enough passwords, and the problem there is if one is compromised, all are compromised.
So, one for every social network? A mix of a few? What do you think, Amanda?
That's a great question, and I know I'm guilty of using similar passwords for different sites. For work-related accounts though, I try to be more careful about the types of passwords I choose. I don't use any real names or keywords that relate to the company. I also make sure that for our important accounts (Facebook, Twitter, Adobe, Eloqua, etc.) we use completely different passwords to avoid multiple sites being compromised.
DeleteTo manage the different passwords, I think the best approach is to keep a track of every account and username/password that you have in an excel spreadsheet. I do this at work to manage the hundreds of different accounts I use.
You also need to be careful about the types of people you add as administrators on your accounts. We only allow about 5 people to have access to our company Facebook page (with only 2 or 3 having the ability to write posts) in order to keep it regulated and avoid the site being managed by multiple people.
Does anyone have rules for how many people at your company can manage your social media sites?
First things first, I just spent 10 minutes browsing the Eloqua site because I had never heard of it. I really enjoy hearing other people talk about their work because it introduces me to many new ideas and concepts to me.
DeleteNow, to Amanda's question, we are a pretty small operation from a communications management standpoint so, for our "corporate" sites we limit it strictly because there are only two of us working in that area. Not a lot of thought to it...just how it worked out.
On the other hand, we are a college and many departments, clubs and programs use social media also. In those cases, we require that they register with our office, tell us who the administrator is, and add us as administrators. Our first thought in this was security...if someone goes off the reservation we need a way to get involved. Secondly, it was succession planning. We did an audit about a year ago and found 78 different social media accounts on Facebook and Twitter that seemed to come from "trusted" sources (meaning offices on campus, etc.). 32 of them were active. The others were not being updated because either someone got tired of doing it or the person doing it left and no one picked it up.
One of my pet peeves are stagnant corporate social media sites so our policy dictates that, if it is stagnant for 6 months (basically one semester), we have the right to take it down.
Mike
I completely agree about stagnant sites. I was surprised when I was doing research on Dannon Yogurt, and I went to their Facebook page. They haven't updated the site or posted anything in months. Talk about a bad user experience.
DeleteWhile it's great to be on social media, companies really need to make sure they have atleast one active user to avoid situations like this.
Hi Amanda - Thanks for sharing! You make some great points about the importance of social media security and privacy.
ReplyDeleteI think you make a great point about limiting specific information on social, especially geographic location. Tagging restaurants, hotels, parks and museaums has become such a big part of our culture. I know especially when I travel I like sharing photos and videos of where I am. What are your suggestions for starting to curb this mindset? It has been such an integrated part of our culture, how do we make people more aware of the dangers of this behavior?
Similarly, our friends can tag us at restaurants or other locations that broadcast to both their friends and our personal network. How can we avoid posts that others tag of us?
Kristen
Hey Kristen, we definitely need to be more mindful of where we check in. While we can't control what our friends tag, we can make sure we set our privacy settings so only our friends can see our content, statuses, photos, etc.
DeleteI know there are also privacy settings where you need to approve anything your friend's tag you in whether it's a photo, post, etc. This way, you have control over what is shown on your timeline and what friends can tag you in.
Hi Amanda -
DeleteI wasn't aware of the additional security setting where you can approve content your friends tag. I thought that if someone tagged you in a photo, location, video, etc. you couldn't stop their followers from seeing it. Do you have any other info on this security setting?
The approving the tag is a great security feature, but (as we've found out with Kristen), not everyone may know about it. I also like that, on Facebook, you can choose to "hide" your profile from outside search engines. Kristen and Amanda, do you know of any other not-so-widely known security features we should all consider taking advantage of on social networks?
DeleteHey Kait, I took another look at the Facebook settings and I found some interesting features under ads. Apparently, you can opt-out of ads that are selected for you based on your online actions. It's definitely worth taking a look at all the different tabs on the social sites you use.
DeleteTagging is such a polarizing thing on Facebook so I make it a rule of thumb to ask permission to tag others when possible. This is especially true of photos. For me personally, I do put a lot of the security ownership on myself as the user. Out of respect for my friends and family, I'm more apt to ask their perspective on tagging them.
DeleteThe video clip you shared is very eye-opening about the reach of social media and how it correlates to privacy, or lack thereof. I enjoyed reading through your post and liked how you organized your points. Your recap of "You Are What You Post" hit the nail on the head. I think there are still so many naive people out there who don't understand the impact of what they post has on their image. Because so many people have large "friend" lists, it is easy to lose sight of who is paying attention to what you are posting. I see this more with the younger generation as they are way more brazen in what they write – I would bet money they would never say half of the things they post face to face.
ReplyDeleteKeeping with that point, we are seeing a big shift with the younger generation to using more image based tools such as Instagram. While they may not be posting words necessarily, sometimes a photo says it all or at least implies something. What is your perspective on how Instagram plays into privacy and user safety/security? Do you feel that photographs have a greater impact on the user's image than posted comments?
Hey Tara, I completely agree. I've had my Facebook account for almost 9 years, and I'm sure if I scrolled down to see how many people I'm connected with, there would be over 100 or more than I haven't' spoken to in years.
DeleteThere is that saying that actions speak louder than words. While words have gotten people in trouble on Facebook and Twitter, images can have the same exact effect. Now that you can tag people on Instagram, people can view incriminating photos of you without you even knowing. Would you want a future employer to view you doing a keg stand?
We're seeing this shift in how people are using social networks now too. This article from FoxNews highlights new apps people are using that are more "secure" than Facebook, Twitter and Instagram.
http://www.foxnews.com/tech/2013/09/13/secure-alternatives-to-facebook-instagram-and-twitter/
This brings me to an interesting thought: Do you think the rise of security issues will be the downfall for these top social media sites?
I don't think that security issues will completely steer users away from social media tools. With mobile device use on the rise, it's probably more important to those users to have added security. If anything, I see some excellent opportunities for software developers to design additional security programs or apps that provide some kind of extra security.
DeleteWe are a social species and social networking is the enabler to our habit (addition for some). Closing the door on these tools doesn't seem likely, so the creative solution is to patch the wound so that we can carry on.
I agree with Tara. I think we and the technology will continue to evolve. Consider services like Snapchat. If you can forget that they suffered a huge hack of their user information, the actual method of communication offers a higher level of security that prior services had. Messages are deleted upon being reviewed.
DeleteI also think people are adjusting their ways. When you initially join a social media site, it's like a holiday. You use it, and use it, and use it. Then, after a while, your usage diminishes to what's probably a more appropriate level of activity.
Mike
Mike - I think you make a great point about social media usage. Have you ever looked at the app store on your smart phone? Social apps are updated every few weeks to constantly offer new features to keep users engaged. I think this is why Facebook and Twitter have been so successful; they have continued to slowly update their settings to be more user-friendly. However, it's important for each user to fully understand the changes in security to social application and ensure it's within the guidelines they set for themselves.
DeleteI like your comment "you are what you post" ... I'm finding many social media policies rightly indicate and educate their employees around the need to "think before you post." The world is watching!
ReplyDelete