Social Networking

Think about how you want to use social networking. Facebook is an all-purpose, come-as-you-are social medium. The community is gigantic, and anybody with an email address can join. It's best to limit your use of Facebook to sharing news, photos, music, videos, etc. casually with friends and family. For business, consider using a service like LinkedIn that caters specifically to professionals.

Follow the Golden Rule. Assume that the personal information and photos you display are available to everyone and anyone, not just to your friends.

Be careful about what personal information you post (this is not only applicable to twitter). Think about what you are posting. If you wouldb´t want your current or future employer, current or future spouse, or in-laws, or parents, etc. reading your post(s) then DON´T POST IT!

Do use a strong password, and don't use the same password you use for other sites (including UC, online banking, etc.). If someone were to hack your social networking account, you don't want them to have access to everything you do! (For guidance on creating a strong password, go to UC InfoSec's Choose a password webpage

Do not display your full birth date. Listing a full birth date - month, day and year - makes you an easy target for identity thieves who can use it to obtain more of your personal information and potentially gain access to bank and credit card accounts. Choose to show only the month and day, or even better, no birthday at all.

To protect children from online predators, do not post a child's name in a photo tag or caption. If someone else does, delete it if you can, or ask the member who owns the photo to remove the name.

Do not mention being away from home. Doing so is like putting a "Nobody's Home" sign on your front door. Be vague about the dates of your travel plans and vacations.

Restrict searches for your information. Find out what your options are for restricting public searches. At a minimum, you should be able to prevent your information from being searched for by anyone other than your designated online friends.

Do not permit youngsters to use social networks unsupervised. Most sites limit membership to ages 13 and older, but children younger than that find ways to use them anyway. If there's a young child or teenager in your household using Facebook, an adult in your household should become one of their online friends and use their email as the contact for the account in order to monitor their activities.

Think about whom you are allowing to become your online friend. Once you have accepted someone as your online friend, they will be able to access a lot of information about you, including photographs and other material you have marked as viewable by your friends. Find out if and how you can remove a friend in case you change your mind about someone or discover they aren't who they claim to be.

Make sure you have an up-to-date web browser and comprehensive security software on your computer. This includes anti-virus, anti-spyware, anti-phishing, and a software firewall.

Adjust your privacy settings to help protect your identity. Facebook and some other social networking sites provide options to protect you online, but it's up to you to understand what they do and how to use them, and to be aware that they change over time.

Set and review your privacy settings regularly. Familiarize yourself with the site's current privacy policies.

Make only a cut-down version of your profile visible to everyone. Reveal the rest of the information in your profile only to people you choose to have as online friends.

Disable options, and then add them in one by one. If you are using a social network just to keep in touch with people, consider turning off the bells and whistles you don't need or use. Disable unfamiliar options until you understand what they do and have decided that you do need and want them.

Join groups and networks cautiously. Assume that all members of a group will be able to see all of your information unless and until you restrict access to it deliberately.

Understand what happens when you quit the site. It's usually easy to deactivate your account, but some sites, like Facebook, will retain all your information including pictures, friends, etc. even if you do. Find out how you can delete all of your information. You may have to request that the operators of the site delete it for you. When quitting Facebook, you must submit a deletion request, and that, too, comes with some gotcha's.

• There will be a delay of unspecified length between submitting your delete request and the actual deletion.
• If you login to Facebook after submitting your request, your deletion request will be cancelled automatically.
• There's no easy way to confirm that your deletion request has been completed.
• Even after deletion, copies of your photos may remain on Facebook servers for technical reasons.

***********************************************************************
Some of the above content taken with permission from
OUCH! Security Information Service: http://www.sans.org/newsletters/ouch/updates/
Copyright 2010, SANS Institute (http://www.sans.org)

Contact Us | UC Information Security | 51 Goodman Drive, Cincinnati, OH 45221
(513) 558-ISEC | Copyright Information ©2011