Data security is a big issue, one of concern to both businesses and individuals. From headlines about the NSA compromising private email to Google’s decision to use https (an encrypted, secure connection) for all its services, we see this concern more and more in our day-to-day use of the Web.
Today I’m going to share some tips to help ensure the privacy of your personal and brand information.
Log in Manually
No matter how official it looks, avoid clicking log-in links that arrive via email or social postings. These can be vehicles for collecting your password data. If the message is legitimate you should see it on your dashboard when you log in through a manually typed address.
Be Cagey with Personal Details
One favorite trick for breaking into someone’s financial or other type of account is by clicking the “Forgot your password?” link on the account login page. You know those security questions you set up when you created your online bank account/Facebook/other account? The ones with easy-to-remember answers like your birthday, home town, high school class, or first pet’s name. If you’ve posted any of the answers online in a publicly searchable format you’ve just opened the door for those with malicious intent.
Be Cautious About Links
Beware of unusual links. Twitter and Facebook users in particular are frequently subjected to brief, nonspecific comments coupled with a link. Things like, “Hey, is this you?” are almost always the lead in for phishing attempts or delivery of malware and viruses.
Don’t Let Them Scan Your Address Book
Part of protecting privacy is protecting the privacy of your friends and customers. With most social networks, you have the option to enter your email address and password and see if your contacts are on the network. When you do so you have just added to that network’s email database. Some sites might use this information to send email messages to everyone in your contact list or, in an even worse scenario, to everyone you’ve ever sent an email message to from that email address. Others make their revenue by selling user data, like that hefty stack of new email addresses you just gave it.
Be Picky About Friend Requests
If you want to be as secure as possible don’t just answer any friend request that comes down the pike. You never know whether the person on the other end is who they claim to be, and accepting their friend request allows them access to your more private postings and info.
When in Doubt, Throw It Out
Messages and emails with odd phrasing, generic text, or content that is out of character for the supposed sender should set off warning bells. “I didn’t know you did this” followed by a link is probably not legit. Remember you can contact the source and ask if they sent you the message rather than just clicking indiscriminately and possibly infecting your machine with something nasty.
Remember, It’s Permanent
If you put it online it’s going to stay online. Social networks often keep all of your account data even if you delete the account. Copies of that information still exist — for a basic example take a look at The Wayback Machine — an archive of websites that are no longer online. Even if the entire digital presence were eradicated (an impossibility) anyone on the Internet could have easily printed or saved photos, text, videos, or other content before you took it down.
Train Your Staff
If the social media presence you manage is for a company, one of the most important steps you can take is training your staff properly. This not only means teaching them social media best practices, but also making sure they know how to safeguard your client and customer data. This means running anti-virus and anti-malware programs regularly, as well as securing and password protecting the machines that client information resides on.
Separate Personal and Professional Profiles
One simple measure that many don’t take advantage of is separating the personal and business profiles. On some networks — Google+ and Facebook come to mind — it is required that you do so by the Terms of Service. Both of them require brands, organizations, and pretty much anything that is not an individual human, to set up a Page. Profiles are for people only.
This can have larger data security implications than you might think. Let’s use Facebook as our example. If you accept a friend request on Facebook you know it is coming from a profile, as pages cannot friend you. Friends see all your posts that you do not specifically block them from seeing. They have greater access to your personal info as well. If you like a page on the other hand, it can only access the data you have designated as public.
The Most Important Rule
The absolute bottom line is simple: If you don’t want something seen, don’t share it online.
Image by SaFoxy
George “Loki” Williams is the community and brand manager for award wining game company Savage Mojo, Ltd. and the owner of SocialGumbo, LLC, an online consultancy specializing in Web content and online communications. Loki has produced content for clients including the Open Society Institute, National Association of Broadcasters, Kobold Press, and Kaiser Permanente. His work has been seen or written about in The New York Times, The BBC, Air America, The Gambit Weekly, and NOLA.com, among others.