From login credentials to notifications, tracking and ads, ESET’s Lysa Myers explains how you can give your social media security a boost.
Social media has become an important part of modern life for most people – one that can cause serious headaches if you’re sharing with a wider audience than you intend. Because functionality and settings change with surprising frequency, it’s a good idea to assess your account preferences regularly. But if you are not particularly security-savvy, it can be hard to know what specific things to look for. In this guide we’ll lay out a few things to consider.
”I was surprised how many security-related features were listed in totally different areas.”
While the most obvious place to start looking for security-related settings would be security or privacy tabs, you shouldn’t stop there. In my own searches, I was surprised how many security-related features were listed in totally different areas. When in doubt, click through all the various tabs available in the settings or preferences pages for your accounts, to see what is there. Here are a few things to keep an eye out for:
Different social media sites have a fairly wide variety of options available for preserving the security of your login credentials. At this point most social media sites offer some sort of two-factor authentication. They may also provide a list of devices already logged into your account that you can check for suspicious entries, and you can enable notifications for new logins. You should also check lists of apps approved to access your account, and remove those you no longer use.
Viewing content and posts
Another important item to check is who has permission to view your posts. There are certain aspects of your profile that cannot be made private – usually at least whatever is used as your avatar or profile picture, and some basic information such as a username – so choose these items with this in mind. Most sites will allow you to protect your posts, and some allow you to do so with varying levels of granularity. Even if you have set limited audiences for your posts, it’s still a good idea to post as if anything you say could be publicly exposed.
Contact info and location
Social media offers people all sorts of different ways to contact you. Aside from any direct messaging options, they may require you to input your email or phone numbers, and in some cases even your physical address, and those items may be searchable.Even if they do not ask you to type in your address, they may automatically add your GPS location unless you disable this functionality. You can usually limit the visibility of your contact methods, or restrict who can look you up if they already have access to your name, email address or phone number.
Sending messages and comments
Some sites allow you to limit who can message you or who can comment on your posts. You may either be able to do this by selecting or blocking groups, or by blocking specific people.
Photo and video tags
Where there are pictures and videos on social sites, you will inevitably find tagging. If you want to have the right to approve whether others can link your profile to photos, you will generally need to enable this option, as it is rarely (if ever) the default option.
Tracking and ads
Most websites – not just social networking sites – use some level of tracking in order to display personalized ads. Some social sites may allow you to adjust how or when you are tracked, or which ads are displayed.
Receiving notifications from social sites can be sort of a mixed bag: they can let you know when something unexpected and unwanted is happening, or they can be a flood of potentially private information sent through an unencrypted channel where they can potentially be hijacked for nefarious purposes.
Curating your list of preferred types and methods of notification you receive can tip the scales in your favor. Facebook now allows you to use your PGP key to encrypt email notifications as well.
At best, content that runs automatically can occasionally be a nuisance. At worst, it can be a way for malicious content to execute before you know what hit you. Disabling “autoplay” functionality means you will need to click to run videos that people have posted, but it can also help you prevent a variety of rude surprises.
While the ever-changing functionality on social media sites can offer an exciting array of ways to connect with people, it can also be dizzying from a security perspective. By checking your settings with certain categories in mind, you can cut through the confusion and keep your account more secure.