Securing Your Social Networks

Social networks are a tremendous source of personal information leakage.  Actually, more like a waterfall.  As we learned in the last post, attackers use social networks to perform reconnaissance against their chosen targets.  Since few of us are going to delete all our social network accounts and move of the grid, we have to find a way to live with the level of disclosure.  Here are a few ideas.

  • Use strong passwords and two-factor authentication on any accounts you can.
  • Look at the security settings of your social networks, and limit your visibility to people you truly know and want to share with.
  • Many of us accept connection and friend requests from almost anyone.  Cyber attackers know this and will try to befriend us online, in order to get to know us and trick us into falling for a scam .  Accept connections only with people you know.
    • Take some time to comb through your friends and connections, and prune where necessary.  If you don’t know who they are, drop them!
  • Be careful what you share or retweet.  Make sure you have read the entire message, and that it is in agreement with your own beliefs and values.  Casual retweets of poorly understood content can blow back on you in unfortunate ways, and impact your reputation.
  • I understand the appeal of sharing your vacation or travel online, in real time, but this is an easy way for criminals to find unoccupied homes to burglarize.
  • In a similar vein, you may want to disable any automatic photo and video sharing with your social networks.  You are at the ballgame?  The thieves are in your living room.
  • Anything you post online may be viewed by a potential employer someday.  That “funny” post or picture may keep you from your highly paid dream job.

Over the last two weeks we have explored many of the ways that you can protect yourself and your personal information from unfortunate disclosure.  If the task to secure this information seems overwhelming, know that you are not alone.  Nevertheless, it is a good idea to slowly work your way through the ideas we presented, and give yourself a better chance at surviving online.

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.