Securing your Social Networking Profile Presented by: Kevin O'Brien Division of IT SF State.

Securing your Social Networking Profile

Presented by: Kevin O'Brien Division of IT SF State

The top vectors

Facebook Twitter

Google (+ Youtube) And others

A segue from online security to your personal security

Letting your online profile all hang out:

So you follow no security protocols

How vulnerable are you? Your online profile is all information and

accounts available online that are identifiable as being associated with you

Potential problems: Cyberstalking Identity and credit theft Workplace disciplinary actions Malicious e-mails Pranks from friends

Does your privacy even matter?

Employers use online info

“A recent Harris Interactive survey for CareerBuilder.com found that 45 percent of employers use social networks to screen job candidates," he says. "Another study done by Microsoft put the number even higher, finding that 70 percent of recruiters and hiring managers look online for information about applicants.”1

“According to a new study by Proofpoint...17 percent report having issues with employee’s use of social media. And, 8 percent of those companies report having actually dismissed someone for their behavior on sites like Facebook and LinkedIn”2

Anyone can see who has viewed their profile on LinkedIn

With friends like these who needs enemies... The project entailed creating a blatantly false identity

of a woman claiming to work for in military intelligence and then enrolling on various social networking websites.

Ryan deliberately chose an attractive young female’s picture to prove that sex and appearance plays in trust and people’s eagerness to connect with someone.

By the end of the 28-day experiment, Robin finished the month having accumulated hundreds of connections through various social networking sites. Contacts included executives at government entities such as the NSA, DOD and Military Intelligence groups. Other friends came from Global 500 corporations. Throughout the experiment Robin was offered gifts, government and corporate jobs, and options to speak at a variety of security conferences, said Ryan.

What’s even more startling: much of the information revealed to Robin Sage violated OPSEC procedures.

Fake friend

What can you do about it? Secure your

computer Change your

browsing habits Use privacy tools Read privacy statements

Be proactive! (Create profiles and search for yourself)

FacebookVulnerable Logging in and

staying logged in Passwords External sites know

your information

Solution Uncheck “keep me logged in” Delete

cookies.

Account Settings → Account Security

Text 'otp' to 32665 for a 1-time only pass

Account Settings → Privacy Settings Turn off instant personalization

Facebook and others

Problem Photos of you,

while not at your best

Solutions? Keep your profile

private. Untag photos of u

What does FB know about you? OpenBook FB id gaffe When you search for something on Bing or

inweb results on Facebook (powered by Bing), you'll be able to see your friends' faces next to web pages they've liked. “Instant Personalization”

See what others can see using ReclaimPrivacy.org

What is FB Sharing on u?

Facebook privacy settingsAccount Settings → Privacy

TwitterVulnerable Tweets are public

by default (All your tweets are being kept by the Library of Congress, among others)

Location based tweets give info

Apps can access all your info if you let them (including direct messages!)

Solution Make tweets

private Turn off location Refuse access to

apps and remove access to previous ones*

Twitter

Google + Youtube

What Google knows about youhttp://www.google.com/dashboard

Google tends to show data first, ask laterWho has access?

Google CEO Eric Schmidt stated: “If you have something that you don't want

anyone to know, maybe you shouldn't be doing it in the first place.”

What else can you do?

Read privacy statementsLog out of accounts

Pay attention toBe very careful when clicking

on Facebook buttons and links on external sites

Use “Facebook Disconnect” Consider open social

alternatives (Appleseed, Diaspora,etc.)

Keep enjoying being social! =)