Protecting Your Social Media Presence

Social media sites are great tools that allow us to keep in touch with friends, family and coworkers. However, understanding the potential risks to these sites is important to enjoying and using them properly. Your online activities may expose excessive information about your identity, location, affiliations, and relationships, which leads to an increased risk of identity theft, targeted violence and/or stalking.

For a safer social networking experience, one should always assume:

  • No one is anonymous on the internet. Nothing posted is private:
    • Once something is posted it can spread quickly.
    • Everyone can see what you post--from who you are friends with, to your comments, to where you post. 
    • An embarrassing comment or image can and will likely come back to haunt you.
  • The more you participate in social networking the higher your risk to cyber crimes is.

To remain more secure and manage your online presence, follow these best practices:

  • Do not accept friend/follow requests from anyone you do not know
  • Avoid third party applications. If they are needed, do not allow them to access your social media accounts.
  • Be cautious with the images you post. What is in them can be more revealing than who is in them.
  • Configure your security options on your accounts to minimize who can see your information.
  • Never check “remember me” or “keep me logged in” options from public or shared computers.
  • Do not use the same password for all of your accounts.
  • Do not use your social media accounts to log into other sites. Create a new account for the site instead.
  • Do not post personally identifiable information.

Every social media site is unique in their security settings and protocol. In order to protect your information, one must understand how the site operates and which settings are appropriate. To learn more about popular social networking sites and how to stay secure, see our tips below.

Twitter:

Twitter is an open platform, where participation is open to everyone with an email address and internet access. It is important to remember that anyone can read Tweets that are not set to private even if they do not have an account themselves.

By default, your Tweets are set to public and are available to everyone on the internet. You can limit who sees what you post by changing the setting to “Protect My Tweets”. Protecting your account has many benefits including:

  • All Tweets are protected.
  • People will have to request to follow you before they can view anything you post. You will also have to approve these requests.
  • Other users will not be able to retweet what you post.
  • Protected Tweets do not appear in search engines.

Besides protecting your tweets, there are other items you should consider before posting on Twitter.

  • Posting images can often create more interaction with your account; however, it is important to remember all images contain metadata. The metadata can contain a lot of information such as the location where the picture was taken, the date and time of when it was taken, the model and make of the camera and more.  While most social networking sites delete this data, Twitter does not. Always think twice before posting an image.
  • Photo tagging is also a common feature to many social media sites. On Twitter, this function makes it easier for other users to and your followers to locate you and participate in social exchanges. Due to tagged photos not being individually verified, you could be associated with images you are not even in or images you never want to be associated with. To avoid this risk, change the photo tagging setting to prevent anyone other than yourself from tagging you in photos.

Facebook:

Facebook allows us to stay in touch with family and friends. There are a few important security settings to check and change for a more secure experience:

Login notifications are a great way to identify attempted compromises to your Facebook profile. When accessing your profile, Facebook checks for the presence of a “cookie” on your computer that identifies the browser. This double checks that it is one that you have accessed your account is on before. If the cookie is absent or incorrect, Facebook asks if the information should be saved and will send a text or email. While this is not double authentication, login notifications are a great way to keep track of your account. If you receive a login notification and you did not initiate the login, you should immediately change your password and follow the Facebook community guidelines for what to do next.

The best way to prevent your account from being hacked is activitating login approvals. Every login attempt will be interrupted and a code sent to your mobile phone that is on file with your profile. Only after the code is entered, will the login proceed and be verified. The recipient of the text only has 20 seconds to complete the login before the code expires. This setting with login notifications provides a greater level of security.

In addition, limiting the people who can send you friend requests also helps protect your profile. Users should change the security setting to only allowing friends of friends to send requests. This gives you more assurance that the friend request is coming from someone in your personal network. Always remain cautious when receiving a request from someone you do not know even if they know individuals in your network.

LinkedIn:

Configuring LinkedIn accounts for maximum security can be challenging. Users need to decide how to balance privacy, safety and security against the value of building a professional network. The biggest issue is that there is no way to make yourself completely invisible on LinkedIn. As a general rule, do not include things like email, telephone numbers or addresses in any fields that are not labeled for that information.

Making connections is an important part of this social networking site. If we are judged by the company we keep, then deciding which requests to allow or deny is an important decision. To help stay secure, follow these practices when adding connections:

  • Be skeptical when you are contact by individuals you do not know personally. Not everyone on the internet is who they say they are.
  • Be cautious when accepting connections from individuals you do not know.
  • Only accept connections that add quality to your professional network and consider the consequences of accepting connections that do not.
  • Do not accept requests based on the requestor’s strength of network. People can build false networks and leverage their false credibility.

When selecting an email address to use with your profile, try to separate your personal and professional life. LinkedIn uses your email as the primary outlet through which communication flows. It will also use your email if you are ever locked out of your account.

Once your account is set up, LinkedIn will ask if you want to sync your contact books. Before allowing a third party site to access your address books, ask if you would be okay with exposing your name and email address to those you did not choose. Also consider if you want to be professionally associated with everyone in your address book.

Last updated: November 28, 2016