How to protect data on social networks

The European cybersecurity agency Enisa has published 17 rules for protecting your personal and company information while using social networks: 1.

The European cybersecurity agency Enisa has published 17 rules for protecting your personal and company information while using social networks:

1. Consider carefully which images, videos and information you choose to publish

Remember that a social network is a public space; only post information or upload images you are comfortable with, keeping in mind that at a later stage you might be confronted with the content you uploaded, e.g. in a job interview. Information and pictures you post online should be considered permanent. They can be copied and stored by other individuals and can resurface years later in search engines.

2. Never post sensitive information

Do not make information such as address, date of birth or financial data available in your profile. A criminal might access your profile and steal your identity.

3. Use a pseudonym

You do not need to use your real name in an online profile. Using a nickname can help you protect your identity and privacy; only close contacts will know who is behind the nickname.

4. Do not accept friend requests from people you do not know

Be selective about who you accept as a friend on a social network. You do not have to feel obliged to add someone to your friends' list. Politely refuse or simply ignore the request.

5. Verify all your contacts

Ensure that the people you are in contact with or who sent a friend request are really who they say they are. Do not trust them immediately.

6. When joining a social networking site use your personal e-mail address

Do not use your company e-mail address but your private one and do not post confidential or competitive information about your organisation. Be careful about the information you reveal about your workplace, for example do not post pictures shot in front of your office with the company's address or logo on the background that may lead to your job or workplace address.

7. Be careful how you portray your company or organisation online

Consider what your employer would think before posting any comments or material online about your company or organisation.

8. Do not mix your business contacts with your friend contacts

You have no control over what your friends may post online or how they may portray you and consequently what your employer, colleagues and clients may be exposed to.

9. Do not let anyone see your profile or personal information without your consent

Before accessing your profile through your mobile phone, pay attention to the environment and people surrounding you. If someone is trying to see what you are doing, access your profile in a safer place.

10. Do not leave your mobile phone unattended

Someone with malicious intent could update your profile and status with false details. Remember to log out from the social network once your navigation is over and not to allow the social network to remember your password (this function is called 'auto-complete').

11. Do not save your password on your mobile phone

Mobile phones can be easily lost or stolen and if you save your password on your mobile device anyone who may have possession of it can access your profile, see your pictures and friends. Try to commit your password to memory and if you write it down be careful where you store it.

12. Use the security features available on your mobile phone

Remember to lock the keypad when not in use and protect the device with a Pin or password. Back up your details to another device, such as a PC, in case your mobile phone is lost or stolen. Configure connections (such as Bluetooth and Wi-Fi), especially in airports and public spaces, to be secure, and if your mobile device has a built-in firewall, remember to enable it.

13. Be careful what you publish about someone else

Do not upload pictures or personal information of other people without their consent. You might commit a criminal offence.

14. Read carefully and in full the privacy policy and the conditions and terms of use of the social network you choose

Always be informed about who provides the service and how your personal information will be used and who has the right to access the information you post.

15. Use privacy-oriented settings

Set the profile privacy level properly. Check the privacy settings of your profile - who can see your pictures, who can contact you and who can add comments - to avoid making your profile available to everyone.

16. Be careful when using your mobile phone and pay attention to where you put it

Report immediately a stolen or lost mobile phone with contacts and pictures saved in its memory and personal information regarding you and your friends.

17. Deactivate location-based services when not using them

Remember to deactivate location-based features of your mobile phone if you do not need them.

Source: Enisa

Read more on IT risk management