Wednesday, February 26, 2014

Social Media Security


Social media security is of utmost importance.  In his article,  “How Privacy Vanishes Online”, Steve Lohr  stresses that “seemingly innocuous bits of self-revelation can increasingly be collected and reassembled by computers to help create a picture of a person’s identity, sometimes down to the Social Security number” (2013).  Precautions must be taken to prevent the theft of identity, funds, and personal property. 
Businesses should establish employee social media policies.  The National Labor Relations Board’s policy template warns that “social media also presents certain risks and carries with it certain responsibilities” (Herrin, 2012).  Conduct that adversely affects job performance of employees or customers may result in disciplinary action up to and including termination.

9 Steps to Social Media Security

Think before posting images:  Avoid posting pictures of expensive personal items.  Never share images that may reveal your personal address.

Don’t broadcast outings:  Announcing on Twitter or Facebook that you are away is an open invitation for burglars.  Geolocation apps like Foursquare share your exact location, which lets criminals know you are not at home.
Use strict privacy settings:  View privacy policies on all social networking sites and choose the highest settings.  Only allow your actual friends into your network.

Avoid giving too much detail:  Hackers commonly enter personal accounts through the “forgot password” link.  If your mother’s maiden name, your hometown, birth date and pet’s name are all readily available on your Facebook, you may have handed out the key to your account.
Be aware:  Make sure a link looks legitimate before clicking.  Be wary of suspiciously vague posts like “look at the picture I found of you.” 

Use secure passwords:  Chose strong, complex, unique passwords and never share them.  
Update your security software:  Make sure your security suite is up to date and includes antivirus, antispyware, antis-spam, a firewall and a website safety advisor.

Train yourself and your family:  Make the above practices part of your family’s social networking routine. 
Establish a workplace social media policy:  Promote honesty and respect and warn against the use of material that may constitute bullying or harassment.  Adhere strictly to Section 7 of the National Labor Relations Act. 
In their article, “Predicting Social Security Numbers from Public Data”, Alessandro Aquisti and Ralph Gross reported that they could accurately predict the full, nine-digit Social Security numbers for 8.5 percent of the people born in the United States between 1989 and 2003 – nearly five million individuals” (2009).  This eye-opening statistic forced me to take precautionary steps in securing my information shared on social media networks. I advise you to do the same.   
Watch this video from Susan Rink on Social Media Policy:

References:


Aquisti, A., & Gross, R. (2009). Predicting social security numbers from public data. PNAS, 106(27). Retrieved from http://www.pnas.org/content/early/2009/07/02/0904891106.full.pdf+html

Herrin, B. (2012, June). National labor relations board posts template social media policy. Retrieved from Legal HIMformation website: http://www.legalhimformation.com/articles/2012/201206.asp

Lohr, S. (2010, March 16). How privacy vanishes online. The New York Times. Retrieved from http://www.nytimes.com/2010/03/17/technology/17privacy.html?_r=1&


Posted by at

23 comments:

  1. UnknownFebruary 26, 2014 at 2:20 PM

    Hey Susan, this was a very informative blog post. It's very scary how easy people can steal your information just from what you include on your social networking sites. Out of all the items listed, what do you think is the most important security step to consider?

    ReplyDelete
    Replies
    1. UnknownFebruary 27, 2014 at 5:39 PM

      Hi Amanda-
      It is hard to choose one item of greatest importance. Since I have children, I think I would have to say that I would be most strict about anything involving their physical security. It really frightened me to hear how information through Foursquare can be used by thieves and landmarks in neighborhood pictures can reveal your home address.

      Delete
  2. UnknownFebruary 26, 2014 at 7:42 PM

    Hi Susan, very informative post. I enjoyed the article about predicting social security numbers from public data. Giving out those numbers is such a scary thing. I remember applying to jobs online and some required to the use of my social security number, needless to say I didn't complete the application. I also noticed on some government websites, they want you to insert your social number via the keyboard on the computer screen and not the actual keyboard to prevent identity theft. Even using your debit/credit card in stores can leave you subject to identity theft.

    Were you effected by the Target security breach? If not, have you experienced something similar in another store or from an online purchase?

    ReplyDelete
    Replies
    1. UnknownFebruary 27, 2014 at 12:45 PM

      Hi Andrea - Both my boyfriend and I were effected by the Target breach. He received a new debit card about a month ago - his bank sent him one without him having to request one. I only received my new one a week ago. (My bank also sent it without me having to ask).

      Do you think that eventually the concept of buying through your social presence will catch on? FB already allows you to purchase things for your friends through their platform, things like Starbucks or other giftcards, or donating to their charities / causes.

      Do you think this will make online purchasing, and your social activity more or less secure?

      Delete
    2. UnknownFebruary 27, 2014 at 5:47 PM

      Hi Andrea,
      Yes, I was targeted by a security breach. Someone in China stole my credit card information. Thankfully, my credit card company alerted me even before I was aware of the situation. They actually sent me a text as a warning. Ironically, I initially thought the text warning was a scam! I had never heard of a bank sending these warnings via text so instead of clicking the link they provided, I called them up instead. It is sad how suspicious we have to be.

      Delete
    3. UnknownFebruary 27, 2014 at 6:07 PM

      Hey Susan, you bring up an interesting point. There are so many times I will get an alert from Bank of America whether it's a text or email, and I immediately assume it's a scam. In today's society, how can we ever be secure?

      On one hand, the rise of social media and mobile has made it so much easier for us to make purchases, transfer money across bank accounts, etc. But now it is so much easier for us to be subjected to fraud and identity thief.

      Delete
    4. UnknownFebruary 28, 2014 at 4:51 PM

      Hi Amanda - I share your feelings. I sometimes feel like I am becoming so suspicious. I guess with most new advancements in society come disadvantages. This is life as we know it today.

      Delete
  3. UnknownFebruary 26, 2014 at 9:31 PM

    Hey Susan!

    I like how you organized your main points. Good job and easy to read. Do you agree with all of them or do you feel that there are some that do no necessarily need to be followed?
    Fantastic video by the way! You state that employers should have policies with social media usage. What are your thoughts on it? Do you think that employers should have a say or not bother with what employees do outside of work? This has always been something I thought about and I think it is an extremely relevant topic in these times.

    -Michele

    ReplyDelete
  4. UnknownFebruary 27, 2014 at 5:30 PM

    Hi Adrienne-
    Thanks for the compliments on the simplicity of my blog format. It was challenging since I have a tendency to be somewhat verbose.

    As far as posting for a corporate environment, I was particularly intrigued by the reading relating to Section 7 of the National Relations Board Act. It seems there is a fine line between keeping employees in line and infringing on their rights. It appears that employees are able to complain online about workplace conditions as long as they are engaging in dialogue. Random individual employee rants are not protected under the act.
    We did not have a social media policy in my family business. If I had, I would have insisted on a confidentiality clause, courtesy clause and insist on an anti harassment policy.

    ReplyDelete
  5. UnknownFebruary 27, 2014 at 5:56 PM

    Hi Michelle-
    I absolutely think all the tips I provided should be followed. I do think employers should have a say in what their employees post outside of work, where their company is concerned. While employers have to respect employee rights under Section 7, employers still must be concerned with employees representing the company online. A big consideration as well is the protection of trade secrets. Employers still have the obligation of enforcing anti-harassment and non-discriminatory policies online.

    ReplyDelete
    Replies
    1. UnknownFebruary 27, 2014 at 7:39 PM

      I definitely see where you are coming from. I really like that you made a point to mention that employers need to always enforce anti-harassment and non-discriminatory policies which in this case follows their employee online. Good point! I hadn't even thought of that.

      I'm curious, what do you think should be the ramification if these policies are broken online?

      -Michele

      Delete
    2. UnknownFebruary 28, 2014 at 4:57 PM

      I think the ramifications of online harassment and discrimination should be exactly the same both online and offline. The Internet is simply a different medium. Actually, now that I think about it, the punishment online should potentially be greater since messaging would reach a larger audience. Great question.

      Delete
  6. UnknownFebruary 28, 2014 at 9:46 AM

    Michele, good question about whether employers should monitor what employees post outside of work. I think if it is in relation to the company or others that work for the company, they most definitely should be able to have some type of say about what is said. Whether you are at work or off work, you are still representing the company. Just like an officer is still obligated to enforce the law even if they are off duty.

    If employers find issues of something that is said, the ramification should be wants outlined in the social media policies. Not being at work shouldn't change anything.

    ReplyDelete
    Replies
    1. UnknownFebruary 28, 2014 at 1:07 PM

      Thanks for your input on this topic Andrea! I really like the example of an off duty officer. Nice work!

      -Michele

      Delete
    2. UnknownFebruary 28, 2014 at 5:09 PM

      I think what this all boils down to is acting responsibly online, no matter whether we are on the clock or not.

      Delete
  7. UnknownFebruary 28, 2014 at 2:24 PM

    Hey Susan,

    Really great post. I think you hit on some of the most vital points that need to be paid attention to when it comes to our personal security and privacy on the Web. The quote in your first paragraph about how pieces of our information spread out over the Social Web can be put together to form a whole picture is quite alarmingly true. Those looking to steal your identity merely need to troll your social media presence to piece together the necessary information needed to access your important accounts.

    I have read that piece on predicting social security numbers by public data before and was quite alarmed. It made me stand back and look at how I share and use social media and what part of myself am I putting out there that could put me in danger. Luckily, I have found that I am not much of a sharer but it was disturbing how much information my friends and family would put about their lives online.

    I think a substantial theme related to many of your points is to be extra cautious and wary before acting out anything over social media. From posting pictures to making comments, thinking it through before posting will protect you best in the long run. We have to think: what is this comment, post, etc. saying about me personally? Is this something I want out there? What can someone learn about me from this being on the Internet? As has been pointed out by many on our class blogs this week, the Internet is a kind of permanence that people don’t quite seem to understand. I think with recent scandals, such as the Target security breach mentioned by Andrea above, I think the public is becoming more cautious and understanding about what information they are putting out there.

    You mentioned that a lot of these facts opened your eyes to some of your own lapses in looking out for your own security. Is there a specific bit of behavior that you have noticed and are going to change now? Or will you just be practicing a general cautious observance of everything you do and say on the Web from now on?

    ReplyDelete
    Replies
    1. UnknownMarch 1, 2014 at 7:59 AM

      I sometimes wonder if the lack of privacy on sites like Facebook will ultimately be the downfall for these social networking sites. While we all need to be careful of what we say and post online, it causes agitation for people who want to have a separation between work and their private life.

      Delete
    2. UnknownMarch 1, 2014 at 4:01 PM

      Perhaps technological advances will be made that do a better job of securing privacy. I wonder if finger printing can be used to confirm identification online?

      Delete
    3. UnknownMarch 2, 2014 at 11:07 AM

      I'm curious if there will be an all-encompassing social media outlet one day whose main and primary goal will be the security and privacy of its users. I don't think privacy will be the ultimate downfall of social networking but it could contribute to it. However, younger generations seem to have a complete lack in concern for their own privacy, it might not eventually matter anymore. I'll be curious to see the way teenagers who share too much today will evolve their social media use as they get older and privacy becomes more of a concern.

      Delete
  8. UnknownFebruary 28, 2014 at 5:04 PM

    Hi Nash-
    Because my credit card information was stolen, I am much more aware of the security certificates on websites. I once foolishly clicked a link on Facebook which then hacked my contact list and put my friends and family in danger. This is a perfect example of how numerous people can be affected by the carelessness of one person. Needless to say, I am now much more careful before clicking now.

    ReplyDelete
    Replies
    1. UnknownMarch 2, 2014 at 11:04 AM

      Susan, yes definitely. Phishing and hacking scams have completely proliferated the social space. My Twitter has been hacked before as well posting a suspicious link to my followers. Luckily, at the time, I rarely posted on my Twitter and the only accounts seeing this suspicious link were random Twitter Bots that had decided to follow me in the first place. And I think you hit on another important point here as well. When using social media, it's not just your own security that is put at risk. Social media is all about connection and how every one of us connects. That puts all of us at risks if someone within our network doesn't properly secure themselves.

      Delete
  9. UnknownMarch 1, 2014 at 5:52 PM

    Hi Sue - I echo everyone's thoughts about how you re-capped this week's reading into very easy to follow and simple steps. Honestly, these steps would make a great little printed card that so many people should carry around as a constant reminder of the importance of social media and internet safety. As users, it's easy to get cozy with going through the motions of using these tools that we can lose sight of how much detail we are posting. While this week's reading was enlightening, reading through our classmates perspectives was even more educational. Especially those who were able to share personal experiences of having had their accounts compromised in one way or another. Great read!

    ReplyDelete
  10. UnknownMarch 2, 2014 at 5:47 AM

    I agree Tara. I, myself, should carry a little card in my wallet. I think "cozy" is the perfect word to use regarding most of our attitude with social media security. We think of it as a fun place to connect with friends and associates, but we easily forget the risks involved.

    I, too, feel that in this class, as well as many others, we learn so much from one another. We, in this class, as well as our program, are but a small example of the power of social media. I often comment to my coworkers about how collaboration and group brainstorming in the office often results in solutions or ideas that never would have been reached if we had been working independently. I feel the same is true of social media, only with social media the exchange is so much more powerful due to the extreme reach. Nichole Kelly (2013) has a great article about how to use internal social networks can be used to solve real business problems: http://www.socialmediaexplorer.com/social-media-marketing/using-an-internal-social-network-to-solve-real-business-problems/ . Thanks for stopping by!


    Kelly, N. (2013, October 8). Using an internal social network to solve real business problems. Retrieved from Social Media Explorer website: http://www.socialmediaexplorer.com/social-media-marketing/using-an-internal-social-network-to-solve-real-business-problems/

    ReplyDelete

Subscribe to: Post Comments (Atom)