Other Hot Topics: Cloud Computing Security | Cloud Data Storage Solutions | Community Based Security Awareness | Copier and Multi-Function Device Security | Full Disk Encryption | Managing Malware | Mobile Device Security | Statewide Longitudinal Data Systems
|According to US-CERT: "The popularity of social networking sites continues to increase, especially among teenagers and young adults. The nature of these sites introduces security risks, so you should take certain precautions."|
- Passwords [User focus]
- Choose strong, complex passwords.
- Choose a unique password for each account.
- Never share your passwords.
- Never use your password on suspicious third party sites.
- Safety and Security [User focus]
- Don't reveal too much information about yourself. Depending on the information you reveal, you could become the target of identity or property theft.
- Watch what you click! Don't click on suspicious links or pop-up ads that may infect your device with malware or install spyware. (Recent buzz words for this include clickjacking, likejacking, and tabnapping.)
- Be wary of scams, such as fake profiles designed to exploit your trust. Scams are no longer limited to e-mails. (And social networking sites don't have spam filters.)
- Applications that run on social networking sites might send your information to a third party or spread malware.
- Check privacy policies (all social networking sites have them - see privacy policies for Facebook and Twitter below).
- Report spam, phishing, or hacking violations.
- Policies and Practices [Institution focus]
- Consider creating a social networking policy.
- Create a website addressing the topic of social networking (see examples from Cornell, NDSU, and RIT below).
- Create a social media guideline for employees (see an example developed by the University of Iowa's Human Resource Department below).
- Notify your community about recent attacks or exploits affecting social networking sites (e.g., cross-site scripting vulnerabilities, Adobe Flash exploits, etc.)
- US-CERT recommends using and maintaining anti-virus software, which may be able to detect and remove a virus before it can do any damage.
- Social Networking Primers (for those not familiar with Facebook, Twitter, etc.) [Parent focus]
- OnGuard Online offers parents some tips for Kids and Socializing Onlinehttp://www.onguardonline.gov/topics/social-networking-sites.aspx. (There's also a Net Cetera Community Outreach Toolkit.)
- David Pogue (New York Times) wrote the article "For Those Facebook Left Behind" that provides a brief overview of several popular social networking sites such as Facebook, Twitter, LinkedIn, FourSquare, and Yelp.
- EDUCAUSE has a series called "7 Things You Should Know About..." which provides concise information on emerging learning technologies. Each brief focuses on a single technology and describes what it is, where it is going, and why it matters to teaching and learning. Use these briefs for a no-jargon, quick overview of a topic and share them with time-pressed colleagues (see examples of several social networking briefs listed below).
- The Department of Defense now offers education and training materials, social media guides, policies, and user agreements through their new DoD Social Media Hub.
Higher Education Resources
- Cornell: Social Networking
- Indiana University: Knowledge Base Article on Social Networking
- NDSU: Student Affairs Statement on the Use of Virtual Social Networks, Faculty and Staff Training and Awareness, What's Your Virtual Etiquette?
- RIT: Safe Social Networking and Blogging, RIT Information Security Facebook Page, RIT Information Security Twitter Feed
- University of Iowa: Social Media Use on the Internet: A Guide for University of Iowa Employees
- University of South Carolina: Video on Social Networking: Security and Privacy Implications (select Security Videos under Resources)
- EDUCAUSE "7 Things" Publications: 7 Things You Should Know About Facebook, 7 Things You Should Know About Facebook II, 7 Things You Should Know About Flickr, 7 Things You Should Know About Ning, 7 Things You Should Know About Twitter, 7 Things You Should Know About YouTube
- EDUCAUSE Resource Page: Social Networking
- NCSA: Social Networking Safety Tips, What College Students Can Do (includes social networking tips), What College Admins Can Do
Industry & Other Resources
- DarkReading: 'Robin Sage' Profile Duped Military Intelligence, IT Security Pros
- Department of Defense: Social Media Hub
- Engadget: Effectively Manage Your Facebook Privacy Settings with Three Simple Lists
- Focus: The Security Risks of Social Networks
- InformationWeek: Social Network Security Policies Lacking
- Lenny Zeltser on Information Security: Information Security and Social Marketing Campaigns (October 27, 2010)
- McAfee: Social Networking Threats: New Report From McAfee Labs
- New York Times: "For Those Facebook Left Behind" (July 7, 2010)
- NSA Fact Sheet: Social Networking Sites
- OnGuard Online: http://www.onguardonline.gov/topics/social-networking-sites.aspxKids and Socializing Online and http://www.onguardonline.gov/topics/safety-tips-tweens-teens.aspxNet Cetera Community Outreach Toolkit
- SANS Training: Social Engineering (in development)
- Social Media Governance: Online Database of Social Media Policies
- Sophos: Recommendations for Facebook Settings and Facebook Worm - "Likejacking"
- StaySafeOnline.org: Social Networking Safety Tips (Word or PDF), Social Networking Safety Tips for NCSAM 2010 (Word or PDF), Social Networking - Protect Yourself (for Home Users)
- UBM: 10 Social Networking Security Trends to Watch
- US-CERT National Cyber Alert System Cyber Security Tips: Staying Safe on Social Network Sites (ST06-003)
- Wired: Facebook Backlash Sparks Transparency Tools
Questions or comments? Contact us.
Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.