Google doesn’t care about your security. Facebook doesn’t care about your security. You are the only one who can keep your computer and your network secure, Kyle Flaherty, director of communications at BreakingPoint Systems, argued during a panel at Social Media for Defense and Government. “Why would Facebook [care]?” he asked. “They don’t lose money when I click on a bad link and get a virus. … That’s on me.”
Flaherty came prepared with five behaviors organizations need to instill in their employees to promote network security.
- Make your password count. Don’t use “password” or “abc1234” as your password. Don’t use the same password for every account. Definitely don’t use the same password for your Twitter account that you use for your bank account. Flaherty says he has a different password for every service he belongs to, and he changes them all every week. While that is difficult and time-consuming, Flaherty argues that it’s a small price to pay to avoid being a victim of a virus that corrupts his entire system.
- Be app skeptical. Do you really know who developed that neat Twitter or Facebook application? Even if the company that created the app isn’t malicious and isn’t using the program to spy on you or hijack your account, what happens if that company goes out of business? Your account info could be sold, or the company could be bought by someone with less honorable intentions. Flaherty says some apps are OK, but users should make sure they trust the developer before they allow the program access to their account.
- Know what you are signing away. It might not be light reading, but you should be familiar with the terms of service for every network you’re on. Who owns the content you post? What happens to your personal information if you leave the network? Can the network use your information or content without getting your specific permission? Flaherty argues you need to know what you’re signing up for when you join a new network.
- Take control of your privacy settings. Don’t just accept your network’s default settings. Make sure you know what information you’re sharing with just your connections and what you’re sharing to the broader network. Flaherty doesn’t advocate walling yourself off — that defeats the point of joining a network — but argues that users need to think about what kinds of information could be embarrassing if they were shared too widely and what could really be damaging.
- Create social media guidelines for your organization. Don’t assume that social media best practices are “common sense” — even if they seem that way to you, he said. Create a comprehensive guide establishing your best practices and make sure everyone in your organization is familiar with the document. Flaherty suggests making this a part of your official human resources practices, not just an information policy. If you’re not sure where to start with your guidelines, he recommends looking at policies from other companies as a starting point. Flaherty says IBM’s guidelines are especially well written.
Just as Flaherty was wrapping up his top five tips, an audience member suggested one more that Flaherty eagerly endorsed.
- Don’t disclose your full birthday. Flaherty suggests leaving the year off so that the date is less useful for obtaining personal information about you.
While these tips don’t guarantee safety, they go a long way toward creating a more acceptable risk situation, he says. Companies need to find a balance between the opportunities of social media and the dangers these networks can present. But it’s important to realize these risks aren’t static, he notes; they’re tied to the way you approach your networks.