My job blesses me with a wealth of folks who are in every profession known to man - just about. I have access to lawyers, bankers, writers, programmers, doctors, nurses, various members of the law enforcement community, teachers, professors, psychologists, accountants...you name it, I probably have access to one thru my job. This bit of info was passed along by one of my law enforcement officers and I included it in my last office newsletter - if it's good enough for work, it must be good enough to share on my blog. Parents - might want to go over these things with the kiddos!
SOCIAL NETWORKING SITES (SNS), like Facebook® and Twitter®, are software applications that connect people and information in spontaneous, interactive ways. While SNS can be useful and fun, they can provide adversaries, such as terrorists, spies, and criminals, with critical information needed to harm you or disrupt your mission. Practicing operations security (OPSEC) will help you to recognize your critical information and protect it from an adversary. Here are a few safety tips to get you started.
THINK BEFORE YOU POST! Remember, your information could become public at any time due to hacking, configuration errors, social engineering, or the business practice of selling or sharing user data.
Think. Protect. OPSEC.
- Keep sensitive, work-related information OFF your profile?
- Keep your plans, schedules and location data to yourself?
- Protect the names and information of coworkers, friends, and family members?
- Tell friends to be careful when posting photos and information about you and your family?
Before posting did you:
- Check all photos for indicators in the background or reflective surfaces? (bet you didn't think of that one 'eh?)
- Check filenames and file tags for sensitive data (your name, organization or other details)
- Unique from your other online passwords?
- Sufficiently hard to guess?
- Adequately protected (not shared or given away)?
- Carefully look for and set all your privacy and security options?
- Determine both your profile AND search visibility?
- Sort “friends” into groups and networks, and set access permissions accordingly?
- Verify thorough other channels that a “friend” request was actually from your friend?
- Add untrusted people to the group with the lowest permissions and access?
- Keep your anti-virus software updated.
- Beware of links, downloads, and attachments just as you would in e-mails.
- Beware of “apps” or plugins, which are often written by unknown third parties who might use them to access your data and friends.
- Look for HTTPS and the lock icon that indicate active transmission security before logging in or entering sensitive data (especially when using wi-fi hotspots).