Many of the previous posts on this blog have been geared toward midsize businesses to assist them with their information security strategies and to keep their data safe. However, with the widespread use of social media, this post focuses on security concerns when an individual uses social media.
Recently, I visited a grocery store in Southern California, and the unimaginable happened. All computer systems went down. The cashiers said customers could pay with cash – no credit or debit cards. While I paid for my items in cash, I wondered, what if this crisis happened at a Starbucks store where many customers use their Starbucks app to pay for their favorite latte? What procedures does Starbucks have in place? How would this situation impact the security of mobile pay?
With those questions in mind, here are five security tips to keep in mind as you navigate social media on a personal level:
Everyone loves Angry Birds and Farmville, but before you download the next great mobile app, ask yourself, what stood out from the Privacy Terms? Did you even read the Privacy Terms? Did you read the terms of service? These terms are important and should not be ignored. They relay important information regarding the type of information that an app accesses on your smartphone: contacts, calendar, photos, etc. Do you really want a game’s developers to access your confidential information? If the app is free, ads will probably bombard you, and even worse, your data is at risk.
While you may be aware that Coca-Cola has trademarked the names of all of its other brands, do you use the same name across all of your social media channels? I know people who use one account name for Facebook, another for Twitter, and a totally different version of their name for LinkedIn. While this may make sense, if you have a middle initial included on one site, or a nickname included on another site, what you think is clever may actually be a goldmine of data to a hacker. I highly recommend that you choose a single profile name and then be consistent as you set up all of your social networks. If you use a variety of account names, i.e., different iterations of your name, it becomes easier for a hacker to impersonate you because YOU have not provided consistency in using your name.
Everyone knows that “123456” and “password” are ridiculous options, but so are your pet’s name, your street address, and your favorite color. Think complex, perhaps by working numbers and letters into an easy-to-remember phrase. Always use lowercase and uppercase letters and special characters, and make the password at least 12 characters in length. If you’re unsure as to the strength of a password, use the Microsoft Password Checker. And, no matter how easy it seems, don’t use the same password for all social sites. Tweak them according to the site, but make sure they are different. If someone hacks your account, you don’t want all of your sites hacked.
When you sign up for a social media account, most of the time, you are asked to provide an email address. Before you hand over your main email address though, consider creating a Gmail or Yahoo email address specifically for your social media activities. If a hacker gains access to your social media account, and your email is compromised, your life doesn’t end. You can always forward the Gmail/Yahoo account’s emails to your main address/account.
Are your Facebook and Twitter accounts connected? Are your Pinterest and Facebook accounts connected? Are your LinkedIn and SlideShare accounts connected? Is your blog connected to Google Plus? There may be reasons why you want to connect one or more sites, but the marketing gurus would all agree that you should post different content on all your sites, so why would you want to connect the accounts? I won’t chime in on the content angle, but from the security angle, I definitely think the sites should not be connected. Again, if one is hacked, the likelihood of the connected sites being hacked rises exponentially, and anyone who follows you will see content that may not be appropriate. You never know the objective of a hacker, so it’s best to err on the side of caution and disconnect accounts. Use them separately.
Remember the quote from Scott McNealy: “You have zero privacy.” Once you post something online, it has the potential to be online forever. So, think before you post. Do you really want that photo to be seen by your boss or by your grandmother? Ask yourself that question before posting anything.
Before Facebook (yes, kids, we really had a life before Mark Zuckerberg), we didn’t share everything online. We didn’t announce our trips while we were away from home. We didn’t post photos of babies before they left the hospital. And we didn’t post every single status update. So, bottom line, think before posting, and maybe it would be helpful to consider the consequences if a security breach happened and a hacker accessed your account – would you be in crisis mode, or just shake it off because none of your sensitive data was posted? Hopefully, after reading this post and reviewing your content, you can answer with the latter.
If you want to read a painful account of a Twitter hack, meet Mat Honan:
What’s your fave social media security tip? Please chime in.
Image Credit: Master isolated images via FreeDigitalPhotos.net